diff --git libsemanage-2.4/src/direct_api.c libsemanage-2.4/src/direct_api.c
index b0ed338..875c513 100644
--- libsemanage-2.4/src/direct_api.c
+++ libsemanage-2.4/src/direct_api.c
@@ -1137,6 +1137,9 @@ static int semanage_direct_commit(semanage_handle_t * sh)
 if (retval < 0) goto cleanup;
+ /* remove FC_TMPL now that it is now longer needed */
+ unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
+
 pfcontexts->dtable->drop_cache(pfcontexts->dbase);
 /* SEUsers */
@@ -1241,11 +1244,6 @@ static int semanage_direct_commit(semanage_handle_t * sh)
 sepol_policydb_free(out);
 out = NULL;
- /* remove files that are automatically generated and no longer needed */
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL));
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA));
-
 if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) {
 retval = semanage_install_sandbox(sh);
 }
@@ -1355,7 +1353,7 @@ static int semanage_direct_install_file(semanage_handle_t * sh,
 int in_fd = -1;
 char *path = NULL;
 char *filename;
- char *lang_ext;
+ char *lang_ext = NULL;
 char *separator;
 if ((in_fd = open(install_filename, O_RDONLY)) == -1) {
@@ -1387,17 +1385,20 @@ static int semanage_direct_install_file(semanage_handle_t * sh,
 goto cleanup;
 }
 *separator = '\0';
+ lang_ext = separator + 1;
 }
 separator = strrchr(filename, '.');
 if (separator == NULL) {
- ERR(sh, "Module does not have a valid extension.");
- retval = -1;
- goto cleanup;
+ if (lang_ext == NULL) {
+ ERR(sh, "Module does not have a valid extension.");
+ retval = -1;
+ goto cleanup;
+ }
+ } else {
+ *separator = '\0';
+ lang_ext = separator + 1;
 }
- *separator = '\0';
-
- lang_ext = separator + 1;
 retval = semanage_direct_install(sh, data, data_len, filename, lang_ext);
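Review bot: The relocated unlink in semanage_direct_commit() discards its return value, so a failure to remove FC_TMPL for any reason other than the file being absent passes silently and the template stays in the sandbox. Consider checking `unlink(...) < 0 && errno != ENOENT` and reporting it through ERR(). The comment above it has a typo and should read `/* remove FC_TMPL now that it is no longer needed */`. The second hunk of the same function drops the HOMEDIR_TMPL and USERS_EXTRA removals, so those files now remain in the sandbox as well; a one-line comment saying this is intentional would help. The function body starts and ends outside both hunks.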
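Review bot: In semanage_direct_install_file(), nothing between the new extension handling and the call to semanage_direct_install() checks that filename and lang_ext are non-empty. A base name such as `.pp` leaves filename empty, and a name ending in a dot leaves lang_ext empty. Because the earlier block (its condition is outside the hunk) now also assigns lang_ext, a name with a single suffix passes that suffix on as the language, whatever it is. Unless semanage_direct_install() validates both strings, which is not visible here, add a guard such as `if (filename[0] == '\0' || lang_ext[0] == '\0')` that takes the existing ERR / `retval = -1` / `goto cleanup` path. The function starts and ends outside the hunk.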
diff --git libsemanage-2.4/tests/test_utilities.c libsemanage-2.4/tests/test_utilities.c
index 4d25b07..32cc33c 100644
--- libsemanage-2.4/tests/test_utilities.c
+++ libsemanage-2.4/tests/test_utilities.c
@@ -45,7 +45,7 @@ void test_slurp_file_filter(void);
 char fname[] = { 'T', 'E', 'S', 'T', '_', 'T', 'E', 'M', 'P', '_', 'X', 'X', 'X', 'X',
- 'X', 'X'
+ 'X', 'X', '\0'
 };
 int fd;
 FILE *fptr;
diff --git libsemanage-2.4/utils/semanage_migrate_store libsemanage-2.4/utils/semanage_migrate_store
index 03b492e..22842fc 100755
--- libsemanage-2.4/utils/semanage_migrate_store
+++ libsemanage-2.4/utils/semanage_migrate_store
@@ -1,4 +1,4 @@
-#!/usr/bin/python -E
+#!/usr/bin/python3 -E
 from __future__ import print_function
@@ -17,7 +17,7 @@ try:
 import selinux
 import semanage
 except:
- print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
+ print("You must install libselinux-python3 and libsemanage-python3 before running this tool", file=sys.stderr)
 exit(1)
@@ -221,7 +221,7 @@ def rebuild_policy():
 def oldroot_path():
- return "/etc/selinux"
+ return "%s/etc/selinux" % ROOT
 def oldstore_path(store):
 return "%s/%s/modules/active" % (oldroot_path(), store)
@@ -233,7 +233,7 @@ def disabledmodules_path(store):
 return "%s/disabled" % newmodules_path(store)
 def newroot_path():
- return PATH
+ return "%s%s" % (ROOT, PATH)
 def newstore_path(store):
 return "%s/%s/active" % (newroot_path(), store)
@@ -260,6 +260,8 @@ if __name__ == "__main__":
 help="Disable rebuilding policy after migration (default: no)")
 parser.add_option("-P", "--path", dest="path", help="Set path for the policy store (default: /var/lib/selinux)")
+ parser.add_option("-r", "--root", dest="root",
+ help="Set an alternative root for the migration (default: /)")
 (options, args) = parser.parse_args()
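Review bot: The element-by-element initializer of fname in tests/test_utilities.c is what allowed the terminator to go missing, and the added `'\0'` keeps that form. A string literal, `char fname[] = "TEST_TEMP_XXXXXX";`, gives the same bytes with the terminator supplied by the compiler, so the array cannot end up unterminated again. The code that consumes fname is outside the hunk.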
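Review bot: newroot_path() in utils/semanage_migrate_store joins ROOT and PATH with `"%s%s"`, which yields a correct path only when ROOT has no trailing slash and PATH is absolute. For example, `-r /mnt -P var/lib/selinux` would produce `/mntvar/lib/selinux`. oldroot_path() has a milder form of the same issue, a doubled slash for `-r /mnt/`. Normalise once where the options are read, after the None check, with `ROOT = ROOT.rstrip("/")`, and reject a PATH that does not start with `/`. Both functions read the module-level ROOT, which is assigned only inside the `__main__` block in a later hunk.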
@@ -272,6 +274,10 @@ if __name__ == "__main__":
 if PATH is None:
 PATH = "/var/lib/selinux"
+ ROOT = options.root
+ if ROOT is None:
+ ROOT = ""
+
 # List of paths that go in the active 'root'
 TOPPATHS = [ "commit_num",
@@ -282,9 +288,13 @@ if __name__ == "__main__":
 "file_contexts.local", "seusers", "users.local",
+ "users_extra",
 "users_extra.local", "disable_dontaudit",
- "preserve_tunables" ]
+ "preserve_tunables",
+ "policy.kern",
+ "file_contexts",
+ "homedir_template"]
 create_dir_from(oldroot_path(), newroot_path(), 0o755)
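Review bot: ROOT is taken from `options.root` as given in the `__main__` block, with no check that it names an existing absolute directory, and none of the visible hunks touches rebuild_policy(). If rebuild_policy() does not take ROOT into account (its body is outside this diff), a run with -r and without the no-rebuild option would migrate files under the alternative root and then rebuild the policy of the running system. Consider failing early with `if ROOT and not os.path.isdir(ROOT):` (assuming os is imported in this file). Then either pass the root through to the rebuild or skip the rebuild when -r is set.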