libsemanage: respect shell paths with /usr prefix
Consider paths with the prefix /usr for shells by including them in the
list of fallback default shells and by extending the check for a nologin
shell.

Signed-off-by: Christian Göttsche <[email protected]>
Acked-by: James Carter <[email protected]>
cgzones authored and bachradsusi committed Nov 27, 2024
1 parent 8422032 commit 4d30739
Showing 1 changed file with 23 additions and 9 deletions.
32 changes: 23 additions & 9 deletions libsemanage/src/genhomedircon.c
Expand Up @@ -192,15 +192,23 @@ static semanage_list_t *default_shell_list(void)
semanage_list_t *list = NULL;

if (semanage_list_push(&list, "/bin/csh")
|| semanage_list_push(&list, "/usr/bin/csh")
|| semanage_list_push(&list, "/bin/tcsh")
|| semanage_list_push(&list, "/usr/bin/tcsh")
|| semanage_list_push(&list, "/bin/ksh")
|| semanage_list_push(&list, "/usr/bin/ksh")
|| semanage_list_push(&list, "/bin/bsh")
|| semanage_list_push(&list, "/usr/bin/bsh")
|| semanage_list_push(&list, "/bin/ash")
|| semanage_list_push(&list, "/usr/bin/ksh")
|| semanage_list_push(&list, "/usr/bin/ash")
|| semanage_list_push(&list, "/bin/pdksh")
|| semanage_list_push(&list, "/usr/bin/pdksh")
|| semanage_list_push(&list, "/bin/zsh")
|| semanage_list_push(&list, "/usr/bin/zsh")
|| semanage_list_push(&list, "/bin/sh")
|| semanage_list_push(&list, "/bin/bash"))
|| semanage_list_push(&list, "/usr/bin/sh")
|| semanage_list_push(&list, "/bin/bash")
|| semanage_list_push(&list, "/usr/bin/bash"))
goto fail;

return list;
Expand All @@ -210,6 +218,12 @@ static semanage_list_t *default_shell_list(void)
return NULL;
}

static bool is_nologin_shell(const char *path)
{
return strcmp(path, PATH_NOLOGIN_SHELL) == 0 ||
strcmp(path, "/usr" PATH_NOLOGIN_SHELL) == 0;
}

static semanage_list_t *get_shell_list(void)
{
FILE *shells;
Expand All @@ -223,13 +237,13 @@ static semanage_list_t *get_shell_list(void)
return default_shell_list();
while ((len = getline(&temp, &buff_len, shells)) > 0) {
if (temp[len-1] == '\n') temp[len-1] = 0;
if (strcmp(temp, PATH_NOLOGIN_SHELL)) {
if (semanage_list_push(&list, temp)) {
free(temp);
semanage_list_destroy(&list);
fclose(shells);
return NULL;
}
if (is_nologin_shell(temp))
continue;
if (semanage_list_push(&list, temp)) {
free(temp);
semanage_list_destroy(&list);
fclose(shells);
return NULL;
}
}
free(temp);
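Review bot: In `is_nologin_shell()` the second comparison is built by literal concatenation, `"/usr" PATH_NOLOGIN_SHELL`, so it only works if the macro (defined outside this page) is a string literal that does not already begin with /usr. If a build were to define it with that prefix, the helper would compare against a `/usr/usr/...` string and no longer match the unprefixed spelling. A comment above the helper such as `/* PATH_NOLOGIN_SHELL is expected without the /usr prefix; both spellings are skipped */` would record that assumption. Both comparisons are exact `strcmp` matches, and the loop in `get_shell_list()` strips only a trailing newline, so a line with trailing whitespace would still be pushed onto the shell list; that predates this commit, but the new helper inherits it. `get_shell_list()` starts and ends outside the shown hunks.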
