Bug 153687 - seuser command segfaults
seuser command segfaults
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: setools (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-04-04 21:08 EDT by Stephen Gardner
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-10-12 14:15:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Stephen Gardner 2005-04-04 21:08:23 EDT
Description of problem:
When seuser command is run with various switches command segfaults

Version-Release number of selected component (if applicable):
RHEL4-AS-U0
[ i386 (clean install, no packages changed from default) ]
[ i386 (patched up2date) ]
[ x86_64 (patched up2date) ]
setools-1.5.1-5

How reproducible:
Always.
With and without X running.
As a root and non-root user.

Steps to Reproduce:
seuser -h
or
seuser version

Actual results:
[root@server1 ~]# seuser version
Segmentation fault

[root@server1 ~]# seuser -h
Segmentation fault

The same occurs with non-sense input after the command name for example

[root@netserver-new setools]# seuser 1234567890
Segmentation fault
[root@netserver-new setools]# seuser foobarfoobar
Segmentation fault

Expected results:
Command displays help / version string / exits normally etc

Additional info:
I freely admit I know little about SElinux sub-system or its operation but this
seems too fundamental to overlook and worth reporting.

I note that the setools-1.5.1-5 SRPM  does include the patch from Bugzilla Bug
138297 which on initial inspection seemed similar.
Comment 1 Daniel Walsh 2005-04-07 11:10:37 EDT
seuser is not intended to be used in targeted policy, only strict.  But I have
prepared a fix on
ftp://people.redhat.com/dwalsh/SELinux/RHEL4

This should go into U2 since U1 is already frozen.

Please try it out.
Comment 2 Stephen Gardner 2005-04-07 11:42:45 EDT
I can confirm that seuser from the (-5.1 release rpm you provided) now exits
cleanly on RHEL4-U0 (i386 and x86_86) with valid and invalid command line
switches passed to it.

Thanks for the note regarding its intended usage on strict policy systems which
I was unaware of.
Comment 3 Daniel Walsh 2005-04-07 11:54:50 EDT
The main use of seuser is to manipulate the user database, similarly to useradd,
userdel ...

It's main difference is that it will also manipulate the roles database of
SELinux.  roles are not really used in targeted policy.  We also intend to move
the ability to manipulate roles into useradd and friends in the future.  This
mechanism will be different then seuser since it will not require that policy
sources be installed.

Dan

Note You need to log in before you can comment on or make changes to this bug.