Bug#851933: udev: /lib/udev/hwdb.bin gets wrong SE Linux label
Michael Biebl
biebl at debian.org
Thu Jun 1 03:16:31 BST 2017
Control: clone -1 -2
Control: reassign -2 libselinux1
Control: found -2 2.6-3
Control: retitle -2 selabel_lookup_raw() doesn't find correct context for "//lib/udev/hwdb.bin"
Am 01.06.2017 um 00:34 schrieb Michael Biebl:
> This path is passed to mac_selinux_fix() in
> https://github.com/systemd/systemd/blob/master/src/basic/selinux-util.c#L122
>
> I supposed either selabel_lookup_raw() or lsetfilecon_raw() doesn't
> properly deal with the double //.
Apparently it's selabel_lookup_raw() which doesn't handle the double slash gracefully
Using selabel_lookup_raw(label_hnd, &fcon, path, st.st_mode);
and path being set to "//lib/udev/hwdb.bin", fcon contains "system_u:object_r:default_t:s0".
I'm cloning this bug report for libselinux1.
We can work around this in systemd, but I'm convinced selabel_lookup_raw() should deal with such paths more robustly.
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20170601/4ba81c28/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list