Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 645623 Details for
Bug 876976
Remove manual_selection from pam_selinux
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Would like to get this into RHEL7 and F18 when we are confident it does not break anything
pam_remove_manual_context.patch (text/plain), 2.84 KB, created by
Daniel Walsh
on 2012-11-15 12:49:40 UTC
(
hide
)
Description:
Would like to get this into RHEL7 and F18 when we are confident it does not break anything
Filename:
MIME Type:
Creator:
Daniel Walsh
Created:
2012-11-15 12:49:40 UTC
Size:
2.84 KB
patch
obsolete
>diff -up Linux-PAM-1.1.6/modules/pam_selinux/pam_selinux.c.selinux Linux-PAM-1.1.6/modules/pam_selinux/pam_selinux.c >--- Linux-PAM-1.1.6/modules/pam_selinux/pam_selinux.c.selinux 2012-11-14 16:53:04.840755400 -0500 >+++ Linux-PAM-1.1.6/modules/pam_selinux/pam_selinux.c 2012-11-15 07:28:23.841813021 -0500 >@@ -161,81 +161,6 @@ query_response (pam_handle_t *pamh, cons > return rc; > } > >-static security_context_t >-manual_context (pam_handle_t *pamh, const char *user, int debug) >-{ >- security_context_t newcon=NULL; >- context_t new_context; >- int mls_enabled = is_selinux_mls_enabled(); >- char *type=NULL; >- char *response=NULL; >- >- while (1) { >- if (query_response(pamh, >- _("Would you like to enter a security context? [N] "), NULL, >- &response, debug) != PAM_SUCCESS) >- return NULL; >- >- if ((response[0] == 'y') || (response[0] == 'Y')) >- { >- if (mls_enabled) >- new_context = context_new ("user:role:type:level"); >- else >- new_context = context_new ("user:role:type"); >- >- if (!new_context) >- goto fail_set; >- >- if (context_user_set (new_context, user)) >- goto fail_set; >- >- _pam_drop(response); >- /* Allow the user to enter each field of the context individually */ >- if (query_response(pamh, _("role:"), NULL, &response, debug) == PAM_SUCCESS && >- response[0] != '\0') { >- if (context_role_set (new_context, response)) >- goto fail_set; >- if (get_default_type(response, &type)) >- goto fail_set; >- if (context_type_set (new_context, type)) >- goto fail_set; >- _pam_drop(type); >- } >- _pam_drop(response); >- >- if (mls_enabled) >- { >- if (query_response(pamh, _("level:"), NULL, &response, debug) == PAM_SUCCESS && >- response[0] != '\0') { >- if (context_range_set (new_context, response)) >- goto fail_set; >- } >- _pam_drop(response); >- } >- >- /* Get the string value of the context and see if it is valid. */ >- if (!security_check_context(context_str(new_context))) { >- newcon = strdup(context_str(new_context)); >- context_free (new_context); >- return newcon; >- } >- else >- send_text(pamh,_("Not a valid security context"),debug); >- >- context_free (new_context); >- } >- else { >- _pam_drop(response); >- return NULL; >- } >- } /* end while */ >- fail_set: >- free(type); >- _pam_drop(response); >- context_free (new_context); >- return NULL; >-} >- > static int mls_range_allowed(pam_handle_t *pamh, security_context_t src, security_context_t dst, int debug) > { > struct av_decision avd; >@@ -606,11 +531,6 @@ compute_exec_context(pam_handle_t *pamh, > data->exec_context = context_from_env(pamh, data->default_user_context, > env_params, use_current_range, > debug); >- } else { >- if (seuser) { >- data->exec_context = manual_context(pamh, seuser, debug); >- free(seuser); >- } > } > > if (!data->exec_context) {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 876976
: 645623