From 751b4ff02bfa10a56df7052b7cb473b682a50c90 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Mar 21 2006 04:07:13 +0000
Subject: * Mon Mar 20 2006 Dan Walsh 1.30-4 - Open file descriptor to make sure file does not change from underneath.
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index f82b319..771ebb2 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1,6 +1,6 @@
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.30/Makefile
 --- nsapolicycoreutils/Makefile 2005-11-29 10:55:01.000000000 -0500
-+++ policycoreutils-1.30/Makefile 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/Makefile 2006-03-20 22:51:07.000000000 -0500
 @@ -1,4 +1,4 @@
 -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
 +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand setsebool po
@@ -9,7 +9,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils
 @for subdir in $(SUBDIRS); do \
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-1.30/restorecond/Makefile
 --- nsapolicycoreutils/restorecond/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/Makefile 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/Makefile 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,29 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@@ -42,7 +42,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/Makefile pol
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.8 policycoreutils-1.30/restorecond/restorecond.8
 --- nsapolicycoreutils/restorecond/restorecond.8 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.8 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/restorecond.8 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,31 @@
 +.TH "restorecond" "8" "2002031409" "" ""
 +.SH "NAME"
@@ -77,8 +77,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +.BR restorecon (8),
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30/restorecond/restorecond.c
 --- nsapolicycoreutils/restorecond/restorecond.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-20 15:57:28.000000000 -0500
-@@ -0,0 +1,436 @@
++++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-20 22:51:13.000000000 -0500
+@@ -0,0 +1,452 @@
 +/*
 + * restorecond
 + *
@@ -235,13 +235,26 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + security_context_t prev_context=NULL;
 + struct stat st;
 + char path[PATH_MAX+1];
++ int fd=-1;
 + if (debug_mode)
 + printf("restore %s\n", filename);
 +
-+ if (lstat(filename, &st)!=0) return;
++ fd = open(filename, O_NOFOLLOW | O_RDONLY );
++ if ( fd < 0 ) {
++ syslog(LOG_ERR,"Unable to open file (%s) %s\n", filename,strerror(errno));
++ return;
++ }
++
++
++ if (fstat(fd, &st)!=0) {
++ syslog(LOG_ERR,"Unable to stat file (%s) %s\n", filename,strerror(errno));
++ close(fd);
++ return;
++ }
 +
 + if (st.st_nlink > 1) {
 + syslog(LOG_ERR,"Will not restore a file with more than one hard link (%s) %s\n", filename,strerror(errno));
++ close(fd);
 + return;
 + }
 +
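Review bot: In the hunk at @@ -235,13 +235,26 @@, `open(filename, O_NOFOLLOW | O_RDONLY )` has no O_NONBLOCK, so the daemon blocks indefinitely if a watched path (the config lists user-owned ~/public_html) is a FIFO, and nothing after the `fstat` looks at `st.st_mode`, so device nodes or sockets found at a watched path are relabelled as if they were files. Add `O_NONBLOCK` to the open flags, which is harmless for regular files and directories, and reject the other types once the stat is in hand: `if (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode)) { close(fd); return; }`. The two empty lines between the open error block and the `fstat` call are surplus. The enclosing routine's signature lies above this hunk and its remaining exits are in later hunks.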
@@ -251,7 +264,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + syslog(LOG_ERR,"matchpathcon(%s) failed %s\n", filename,strerror(errno));
 + return;
 + }
-+ retcontext=lgetfilecon(filename,&prev_context);
++ retcontext=fgetfilecon(fd,&prev_context);
 +
 + if (retcontext >= 0 || errno == ENODATA) {
 + if (retcontext < 0) prev_context=NULL;
@@ -261,15 +274,17 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + if (only_changed_user(scontext, prev_context) != 0) {
 + free(scontext);
 + free(prev_context);
++ close(fd);
 + return;
 + }
 +
-+ if (lsetfilecon(filename,scontext) < 0) {
++ if (fsetfilecon(fd,scontext) < 0) {
 + syslog(LOG_ERR,"set context %s->%s failed:'%s'\n",
 + filename, scontext, strerror(errno));
 + if (retcontext >= 0)
 + free(prev_context);
 + free(scontext);
++ close(fd);
 + return;
 + }
 + syslog(LOG_WARNING,"Reset file context %s: %s->%s\n", filename, prev_context, scontext);
@@ -282,6 +297,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + filename, strerror(errno));
 + }
 + free(scontext);
++ close(fd);
 +}
 +
 +static void process_config(int fd, FILE *cfg) {
@@ -517,14 +533,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +}
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-1.30/restorecond/restorecond.conf
 --- nsapolicycoreutils/restorecond/restorecond.conf 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.conf 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/restorecond.conf 2006-03-20 22:51:07.000000000 -0500
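Review bot: The matchpathcon failure path at the top of @@ -251,7 +264,7 @@ still does `syslog(...); return;` without releasing the descriptor that this commit now opens earlier in the same function, so every matchpathcon error leaks one fd in a long-running daemon; it should read `close(fd); return;` like the exits the commit fixed in @@ -261,15 +274,17 @@ and @@ -282,6 +297,7 @@. Those two context lines predate the commit, which is presumably why they were missed, but once fd is the handle for the file every `return` after the open has to close it. The function starts and ends outside this hunk, so any other early return between the open and these lines that is not visible here needs the same check.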
 @@ -0,0 +1,3 @@
 +/etc/resolv.conf
 +/etc/mtab
 +~/public_html
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-1.30/restorecond/restorecond.h
 --- nsapolicycoreutils/restorecond/restorecond.h 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.h 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/restorecond.h 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,31 @@
 +/* restorecond.h --
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@@ -559,8 +575,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-1.30/restorecond/restorecond.init
 --- nsapolicycoreutils/restorecond/restorecond.init 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/restorecond.init 2006-03-17 23:29:02.000000000 -0500
-@@ -0,0 +1,57 @@
++++ policycoreutils-1.30/restorecond/restorecond.init 2006-03-20 23:04:15.000000000 -0500
+@@ -0,0 +1,61 @@
 +#!/bin/sh
 +#
 +# restorecond: Daemo used to maintain path file context
@@ -591,6 +607,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + rm -f /var/lock/subsys/restorecond
 + echo
 +}
++restart()
++{
++ stop
++ start
++}
 +
 +[ -f /usr/sbin/restorecond ] || exit 0
 +
@@ -606,11 +627,10 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 + status restorecond
 + ;;
 + restart|reload)
-+ stop
-+ start
++ restart
 + ;;
 + condrestart)
-+ [ -e /var/lock/subsys/restorecond ] && (stop; start)
++ [ -e /var/lock/subsys/restorecond ] && restart || :
 + ;;
 + *)
 + echo $"Usage: $0 {start|stop|restart|reload|condrestart}"
@@ -620,7 +640,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
 +exit 0
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.c policycoreutils-1.30/restorecond/stringslist.c
 --- nsapolicycoreutils/restorecond/stringslist.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/stringslist.c 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/stringslist.c 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,118 @@
 +/*
 + * Copyright (C) 2006 Red Hat
@@ -742,7 +762,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.h policycoreutils-1.30/restorecond/stringslist.h
 --- nsapolicycoreutils/restorecond/stringslist.h 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/stringslist.h 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/stringslist.h 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,37 @@
 +/* stringslist.h --
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@@ -783,7 +803,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/stringslist.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-1.30/restorecond/utmpwatcher.c
 --- nsapolicycoreutils/restorecond/utmpwatcher.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/utmpwatcher.c 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/utmpwatcher.c 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,105 @@
 +/*
 + * utmpwatcher.c
@@ -892,7 +912,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
 +
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.h policycoreutils-1.30/restorecond/utmpwatcher.h
 --- nsapolicycoreutils/restorecond/utmpwatcher.h 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.30/restorecond/utmpwatcher.h 2006-03-17 23:29:02.000000000 -0500
++++ policycoreutils-1.30/restorecond/utmpwatcher.h 2006-03-20 22:51:07.000000000 -0500
 @@ -0,0 +1,29 @@
 +/* utmpwatcher.h --
 + * Copyright 2006 Red Hat Inc., Durham, North Carolina.
@@ -925,7 +945,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
 +#endif
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30/scripts/fixfiles
 --- nsapolicycoreutils/scripts/fixfiles 2006-01-04 13:07:46.000000000 -0500
-+++ policycoreutils-1.30/scripts/fixfiles 2006-03-20 15:50:23.000000000 -0500
++++ policycoreutils-1.30/scripts/fixfiles 2006-03-20 22:51:07.000000000 -0500
 @@ -124,7 +124,15 @@
  exit $?
  fi
@@ -945,8 +965,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
  LogReadOnly
 diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py 2006-03-10 09:48:05.000000000 -0500
-+++ policycoreutils-1.30/semanage/seobject.py 2006-03-17 23:29:02.000000000 -0500
-@@ -549,7 +548,7 @@
++++ policycoreutils-1.30/semanage/seobject.py 2006-03-20 22:51:07.000000000 -0500
+@@ -549,7 +549,7 @@
  raise ValueError("Could not list roles for user %s" % name)
  roles = string.join(rlist, ' ');
@@ -955,7 +975,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py pol
  return ddict
-@@ -559,10 +558,10 @@
+@@ -559,10 +559,10 @@
  keys.sort()
  if is_mls_enabled == 1:
  if heading:
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 8de0cff..5397840 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -5,7 +5,7 @@ Summary: SELinux policy core utilities.
 Name: policycoreutils
 Version: 1.30
-Release: 3
+Release: 4
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -103,7 +103,13 @@ rm -rf ${RPM_BUILD_ROOT}
 %attr(755,root,root) /etc/rc.d/init.d/restorecond
 %config(noreplace) /etc/selinux/restorecond.conf
+%post
+service restorecond condrestart
+
 %changelog
+* Mon Mar 20 2006 Dan Walsh 1.30-4
+- Open file descriptor to make sure file does not change from underneath.
+
 * Fri Mar 17 2006 Dan Walsh 1.30-3
 - Fixes for restorecond attack via symlinks
 - Fixes for fixfiles
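Review bot: The new `%post` scriptlet at @@ -103,7 +103,13 @@ runs `service restorecond condrestart` bare, so whatever status the init script returns becomes the scriptlet's exit status; the init script changed in the same commit guards its own condrestart with `|| :`, and the scriptlet should match it: `service restorecond condrestart >/dev/null 2>&1 || :`. Whether a matching `%preun` stop and `chkconfig` registration exist is not visible in this hunk; if they do not, the daemon is restarted on every upgrade but never stopped on package removal.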