From ef2a7df1c5574744dcb334e93e1e6238540c3d87 Mon Sep 17 00:00:00 2001 From: Karol Lewandowski Date: Wed, 21 Nov 2018 15:53:23 +0100 Subject: [PATCH] Revert "Revert "Revert "Add a pam module to set smack label (PTREL-549)""" This reverts commit edff5bffddd8761a781a6b9d64f7fc7cad20dc9b. The problem was in security-config package that removed the service file during image creation stage. The removal was caused by change (SmackProcessLabel=) that didn't match its own "saved" policy. Change-Id: Ie2a3cffc304eeabb3896124eaf84b7dc4b2ab3f4 --- configure.in | 4 ---- modules/Makefile.am | 2 +- modules/pam_smack/Makefile.am | 11 ----------- modules/pam_smack/pam_smack.c | 31 ------------------------------- packaging/pam.spec | 2 -- 5 files changed, 1 insertion(+), 49 deletions(-) delete mode 100644 modules/pam_smack/Makefile.am delete mode 100644 modules/pam_smack/pam_smack.c diff --git a/configure.in b/configure.in index 2749f0c..ae762a2 100644 --- a/configure.in +++ b/configure.in @@ -498,9 +498,6 @@ if test ! -z "$LIBSELINUX" ; then LIBS=$BACKUP_LIBS fi -dnl hacks for pam_smack -PKG_CHECK_MODULES([LIBSMACK], [libsmack]) - dnl Checks for header files. AC_HEADER_DIRENT AC_HEADER_STDC @@ -628,7 +625,6 @@ AC_CONFIG_FILES([Makefile libpam/Makefile libpamc/Makefile libpamc/test/Makefile modules/pam_unix/Makefile modules/pam_userdb/Makefile \ modules/pam_warn/Makefile modules/pam_wheel/Makefile \ modules/pam_xauth/Makefile doc/Makefile doc/specs/Makefile \ - modules/pam_smack/Makefile \ doc/man/Makefile doc/sag/Makefile doc/adg/Makefile \ doc/mwg/Makefile examples/Makefile tests/Makefile \ xtests/Makefile]) diff --git a/modules/Makefile.am b/modules/Makefile.am index 885a4ad..0c80cea 100644 --- a/modules/Makefile.am +++ b/modules/Makefile.am @@ -11,7 +11,7 @@ SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ pam_selinux pam_sepermit pam_shells pam_stress \ pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \ pam_tty_audit pam_umask \ - pam_unix pam_userdb pam_warn pam_wheel pam_xauth pam_smack + pam_unix pam_userdb pam_warn pam_wheel pam_xauth CLEANFILES = *~ diff --git a/modules/pam_smack/Makefile.am b/modules/pam_smack/Makefile.am deleted file mode 100644 index 4a415d9..0000000 --- a/modules/pam_smack/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -securelibdir = $(SECUREDIR) -secureconfdir = $(SCONFIGDIR) - -AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include @LIBSMACK_CFLAGS@ -AM_LDFLAGS = -no-undefined -avoid-version -module -if HAVE_VERSIONING - AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map -endif -securelib_LTLIBRARIES = pam_smack.la -pam_smack_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBSMACK_LIBS@ -pam_smack_la_SOURCES = pam_smack.c diff --git a/modules/pam_smack/pam_smack.c b/modules/pam_smack/pam_smack.c deleted file mode 100644 index 4fde36e..0000000 --- a/modules/pam_smack/pam_smack.c +++ /dev/null @@ -1,31 +0,0 @@ -#define _GNU_SOURCE -#include -#include - -#define PAM_SM_SESSION -#include -#include - - -PAM_EXTERN int -pam_sm_open_session (pam_handle_t *pamh, - int flags, - int argc, - const char **argv) -{ - if (smack_smackfs_path ()) { - int rc = smack_set_label_for_self ("User"); - if (rc) { - pam_syslog (pamh, LOG_WARNING, "couldn't set label"); - } - } - - return PAM_SUCCESS; -} - -PAM_EXTERN int -pam_sm_close_session (pam_handle_t *pamh, int flags, - int argc, const char **argv) -{ - return PAM_IGNORE; -} diff --git a/packaging/pam.spec b/packaging/pam.spec index 210b3d7..b4048dc 100644 --- a/packaging/pam.spec +++ b/packaging/pam.spec @@ -29,7 +29,6 @@ BuildRequires: libtool BuildRequires: net-tools BuildRequires: zlib-devel BuildRequires: gettext-tools -BuildRequires: smack-devel BuildRequires: pkgconfig Requires(post): /sbin/ldconfig Requires(post): /usr/bin/install @@ -195,7 +194,6 @@ fi %{_moduledir}/pam_unix_passwd.so %{_moduledir}/pam_unix_session.so %{_moduledir}/pam_warn.so -%{_moduledir}/pam_smack.so %files devel %manifest %{name}.manifest -- 2.7.4