
Conversation

@capnspacehook commented May 20, 2025

Ported getseuserbyname (https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/seusers.c#L188) to Go, and added failsafe_context parsing to GetDefaultContextWithLevel as that's what libselinux's get_default_context_with_level does (https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/get_context_list.c#L488).

getseuserbyname reads the seusers file (https://www.man7.org/linux/man-pages/man5/seusers.5.html) to find the SELinux user and the MLS level for a given Linux user.

get_default_context_with_level takes an SELinux user, an MLS level, and an SELinux context (a combination of SELinux user, role, domain, and MLS level; in many cases this is the context of the caller) and returns the SELinux context that should be used when creating processes as a certain Linux user.

get_default_context_with_level attempts to find a suitable context for the specific SELinux user that was passed first, then searches in the list of global context mappings if no match was found, and finally just returns the failsafe context if no match was found anywhere else. GetDefaultContextWithLevel previously returned an error if no context could be found for the SELinux user or globally.

Man page for failsafe_context: https://www.man7.org/linux//man-pages/man5/failsafe_context.5.html
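The seusers(5) lookup and the failsafe fallback described above, as an added Go example that is not code from this PR or from go-selinux. The function names, the caller-supplied group list (libselinux consults the group database itself), and the precedence order (exact user entry, then the first matching %group entry, then __default__) are my assumptions from reading libselinux; the sample seusers content is constructed. Comment handling follows the libselinux reader: blank lines and whole-line # comments are skipped, trailing comments on an entry line are not stripped.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"strings"
)

// seuserEntry is one seusers(5) line, name:seuser[:level]; name is a Linux
// user, a %group, or __default__, and level is an optional MLS/MCS range.
type seuserEntry struct {
	Name, Seuser, Level string
}

// parseSeusers skips blank lines and lines whose first non-blank character is
// '#', as the libselinux reader does; trailing "# ..." text is not stripped.
func parseSeusers(r io.Reader) ([]seuserEntry, error) {
	var entries []seuserEntry
	sc := bufio.NewScanner(r)
	for lineNum := 1; sc.Scan(); lineNum++ {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		// n=3 keeps ranges such as s0-s0:c0.c1023 intact: the range has its own colon.
		fields := strings.SplitN(line, ":", 3)
		if len(fields) < 2 || fields[0] == "" || fields[1] == "" {
			return nil, fmt.Errorf("seusers: line %d: malformed entry %q", lineNum, line)
		}
		e := seuserEntry{Name: fields[0], Seuser: fields[1]}
		if len(fields) == 3 {
			e.Level = fields[2]
		}
		entries = append(entries, e)
	}
	return entries, sc.Err()
}

// lookupSeuser resolves a Linux user with the precedence assumed here from
// libselinux's getseuserbyname: exact user entry, then the first %group entry
// naming one of the caller-supplied groups (libselinux queries the group
// database instead), then __default__.
func lookupSeuser(entries []seuserEntry, user string, groups []string) (seuser, level string, err error) {
	inGroup := make(map[string]bool, len(groups))
	for _, g := range groups {
		inGroup[g] = true
	}
	var groupHit, defaultHit *seuserEntry
	for i := range entries {
		e := &entries[i]
		switch {
		case e.Name == user:
			return e.Seuser, e.Level, nil
		case strings.HasPrefix(e.Name, "%") && groupHit == nil && inGroup[e.Name[1:]]:
			groupHit = e
		case e.Name == "__default__" && defaultHit == nil:
			defaultHit = e
		}
	}
	if groupHit != nil {
		return groupHit.Seuser, groupHit.Level, nil
	}
	if defaultHit != nil {
		return defaultHit.Seuser, defaultHit.Level, nil
	}
	return "", "", errors.New("seusers: no matching entry")
}

// failsafeContext builds the last-resort context: seuser, the role:type line of
// failsafe_context(5) (e.g. "sysadm_r:sysadm_t"), and the seusers level if any.
func failsafeContext(seuser, roleType, level string) (string, error) {
	roleType = strings.TrimSpace(roleType)
	if p := strings.Split(roleType, ":"); len(p) != 2 || p[0] == "" || p[1] == "" {
		return "", fmt.Errorf("failsafe_context: malformed entry %q", roleType)
	}
	if level == "" {
		return seuser + ":" + roleType, nil
	}
	return seuser + ":" + roleType + ":" + level, nil
}

// sampleSeusers is constructed for this demo, not taken from a real host.
const sampleSeusers = `# constructed sample
system_u:system_u:s0-s0:c0.c1023
root:unconfined_u:s0-s0:c0.c1023
%wheel:staff_u:s0-s0:c0.c1023
__default__:user_u:s0
`

func main() {
	entries, err := parseSeusers(strings.NewReader(sampleSeusers))
	if err != nil {
		panic(err)
	}
	seuser, level, _ := lookupSeuser(entries, "alice", []string{"alice", "wheel"})
	ctx, _ := failsafeContext(seuser, "sysadm_r:sysadm_t", level)
	fmt.Println(ctx) // staff_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
}
```

The SplitN limit of 3 matters: an MLS range such as s0-s0:c0.c1023 contains its own colon, so splitting on every colon would truncate the level to s0-s0. The failsafe builder only validates the role:type shape; whether that role and type are valid for the SELinux user is a policy question that libselinux answers through the kernel, not through file parsing.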

@rhatdan (Collaborator) commented Sep 4, 2025

Missed this, could you sign your commit?

@rhatdan (Collaborator) commented Sep 4, 2025

LGTM
@kolyshkin @thaJeztah PTAL

@capnspacehook (Author)

@rhatdan no prob, signed commit

@kolyshkin (Collaborator)

@capnspacehook can you split this into two commits, by functionality? Same PR is fine.

@capnspacehook (Author)

@kolyshkin split into two commits

var groupSeUser, groupLevel string

lineNum := -1
scanner := bufio.NewScanner(r)
Collaborator

I would use bufio.NewReader and ReadBytes('\n') here.

Author

I can change it, but curious as to why? Is bufio.Reader more efficient in this scenario?

Author

I made the change in a separate commit so we can easily revert it. I personally think using bufio.NewScanner is a bit easier to follow and use, but if there's a good reason to use bufio.Reader we can keep it as is.

Comment on lines 1210 to 1211
// remove any trailing comments, then extra whitespace
parts := strings.SplitN(line, "#", 2)
Collaborator

Are trailing comments allowed? In C code they ignore empty lines, or lines consisting entirely of whitespace, or lines that start with (optional) whitespace and then #. I don't see any trailing comments handling.

Author

When I tested before, they seemed to be allowed; I didn't get any errors from anything when I added them, and everything kept working as it should.

@kolyshkin (Collaborator) left a comment

Regarding the second patch -- I see we're opening two files in getDefaultContextWithLevel, while we might not even read the second one. Your patch adds a third file to open.

Maybe we can rework the code first to open the file only when needed (the most changes will be in the tests I guess), then add the failsafe context?

@capnspacehook (Author)

@kolyshkin good idea, files are opened lazily now


3 participants