From bf70547033799cdaeb813fbf8e6c75ab2ed64e38 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@redhat.com>
Date: Tue, 18 Jan 2005 16:09:23 +0000
Subject: [PATCH] 2005-01-18  Colin Walters  <walters@redhat.com>

	* named/nm-named-manager.c (generate_named_conf): Many fixes
	to config file generation.
	(safer_kill): Remove, was too much trouble for little gain.
	(nm_named_manager_start): Run named as NM_NAMED_USER.

	* configure.in: Add option --with-named-user.


git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@380 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
---
 ChangeLog                |   9 +++
 configure.in             |   2 +
 named/nm-named-manager.c | 159 ++++++++++++++-------------------------
 3 files changed, 66 insertions(+), 104 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 16cff9c04e..cb4903fde7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2005-01-18  Colin Walters  <walters@redhat.com>
+
+	* named/nm-named-manager.c (generate_named_conf): Many fixes
+	to config file generation.
+	(safer_kill): Remove, was too much trouble for little gain.
+	(nm_named_manager_start): Run named as NM_NAMED_USER.
+
+	* configure.in: Add option --with-named-user.
+
 2005-01-14  Colin Walters  <walters@redhat.com>
 
 	Patch from ed@catmur.co.uk (Ed Catmur)
diff --git a/configure.in b/configure.in
index 3c553e5844..0386e5b1bc 100644
--- a/configure.in
+++ b/configure.in
@@ -159,11 +159,13 @@ AC_DEFINE_UNQUOTED(DBUS_SYSTEMD_DIR, "$DBUS_SYS_DIR", [Where system.d dir for DB
 
 AC_ARG_WITH(named, AC_HELP_STRING([--with-named=<path>], [path to the named binary])) 
 AC_ARG_WITH(named_dir, AC_HELP_STRING([--with-named-dir=<path>], [path to the named data directory])) 
+AC_ARG_WITH(named_user, AC_HELP_STRING([--with-named-user=username], [named username])) 
 if test "x${with_named}" = x; then
    AC_DEFINE(NM_NO_NAMED,,[Define if you want to disable named support])
 fi
 AC_DEFINE_UNQUOTED(NM_NAMED_BINARY_PATH, "$with_named", [Define to path of named binary])
 AC_DEFINE_UNQUOTED(NM_NAMED_DATA_DIR, "$with_named_dir", [Define to path of named data directory])
+AC_DEFINE_UNQUOTED(NM_NAMED_USER, "$with_named_user", [Define to named username])
 
 AC_ARG_ENABLE(notification-icon,	[ --enable-notification-icon	builds the wireless applet as a notification icon], enable_notification_icon=$enableval, enable_notification_icon=yes)
 
diff --git a/named/nm-named-manager.c b/named/nm-named-manager.c
index 221eda6e81..a18ae60193 100644
--- a/named/nm-named-manager.c
+++ b/named/nm-named-manager.c
@@ -37,6 +37,10 @@
 #include <syslog.h>
 #include <glib.h>
 
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+#endif
+
 #ifndef RESOLV_CONF
 #define RESOLV_CONF "/etc/resolv.conf"
 #endif
@@ -62,11 +66,9 @@ static void nm_named_manager_get_property (GObject *object,
 					   GValue *value,
 					   GParamSpec *pspec);
 static gboolean rewrite_resolv_conf (NMNamedManager *mgr, GError **error);
-static int safer_kill (const char *path, pid_t pid, int signum);
 
 struct NMNamedManagerPrivate
 {
-	char *named_realpath_binary;
 	GPid named_pid;
 	guint spawn_count;
 	GMainContext *main_context;
@@ -168,8 +170,8 @@ nm_named_manager_dispose (GObject *object)
 		unlink (mgr->priv->named_conf);
 	if (mgr->priv->named_pid_file)
 		unlink (mgr->priv->named_pid_file);
-	if (mgr->priv->named_realpath_binary)
-		safer_kill (mgr->priv->named_realpath_binary, mgr->priv->named_pid, SIGTERM);
+	if (mgr->priv->named_pid > 0)
+		kill (mgr->priv->named_pid, SIGTERM);
 	if (mgr->priv->child_watch)
 		g_source_destroy (mgr->priv->child_watch);
 	if (mgr->priv->main_context)
@@ -289,70 +291,61 @@ gboolean
 generate_named_conf (NMNamedManager *mgr, GError **error)
 {
 #ifndef NM_NO_NAMED
-	char *filename = NULL;
 	int out_fd;
 	char *config_contents_str;
 	char **config_contents;
 	char **line;
 	const char *config_name;
+	gboolean ret;
 
 	config_name = NM_PKGDATADIR "/named.conf";
 
-	if (!mgr->priv->named_conf)
-	{
-		mgr->priv->named_conf = g_build_filename (NM_NAMED_DATA_DIR,
-							  "NetworkManager-named.conf",
-							  NULL);
-		unlink (mgr->priv->named_conf);
-		out_fd = open (mgr->priv->named_conf, O_CREAT|O_EXCL, 0600);
-		if (out_fd < 0)
-		{
-			g_set_error (error,
-				     G_FILE_ERROR,
-				     G_FILE_ERROR_EXIST,
-				     "Couldn't create %s: %s",
-				     mgr->priv->named_conf,
-				     g_strerror (errno));
-			return FALSE;
-		}
-		close (out_fd);
-	}
-
 	if (!mgr->priv->named_pid_file)
-	{
 		mgr->priv->named_pid_file = g_build_filename (NM_NAMED_DATA_DIR,
 							      "NetworkManager-pid-named",
 							      NULL);
-		unlink (mgr->priv->named_pid_file);
-		out_fd = open (mgr->priv->named_pid_file, O_CREAT|O_EXCL, 0600);
-		if (out_fd < 0)
-		{
-			g_set_error (error,
-				     G_FILE_ERROR,
-				     G_FILE_ERROR_EXIST,
-				     "Couldn't create %s: %s",
-				     mgr->priv->named_pid_file,
-				     g_strerror (errno));
-			return FALSE;
-		}
-		close (out_fd);
+	
+	if (!mgr->priv->named_conf)
+		mgr->priv->named_conf = g_build_filename (NM_NAMED_DATA_DIR,
+							  "NetworkManager-named.conf",
+							  NULL);
+	unlink (mgr->priv->named_conf);
+	out_fd = open (mgr->priv->named_conf, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+	if (out_fd < 0)
+	{
+		g_set_error (error,
+			     G_FILE_ERROR,
+			     G_FILE_ERROR_EXIST,
+			     "Couldn't create %s: %s",
+			     mgr->priv->named_conf,
+			     g_strerror (errno));
+		return FALSE;
 	}
+	/* This is needed to work around the Fedora Core 3
+	 * SELinux policy for named.  We need it to be able
+	 * to read the config file created by NetworkManager,
+	 * which runs in unconfined_t
+	 */
+#if 0
+#ifdef HAVE_SELINUX
+	{
+		char *context;
+		if (matchpathcon (mgr->priv->named_conf, 0, &context) < 0)
+			syslog (LOG_WARNING, "matchpathcon(%s) failed: %s",
+				mgr->priv->named_conf, strerror (errno));
+		else if (fsetfilecon(out_fd, context) < 0)
+			syslog (LOG_WARNING, "fsetfilecon failed: %s",
+				strerror (errno));
+	}
+#endif
+#endif
 
 	if (!g_file_get_contents (config_name,
 				  &config_contents_str,
 				  NULL,
 				  error))
 	{
-		return FALSE;
-	}
-
-	out_fd = g_file_open_tmp ("NetworkManager-named.conf-XXXXXX",
-				  &filename,
-				  error);
-
-	if (out_fd < 0)
-	{
-		g_free (config_contents_str);
+		close (out_fd);
 		return FALSE;
 	}
 
@@ -403,38 +396,27 @@ generate_named_conf (NMNamedManager *mgr, GError **error)
 			g_free (replacement);
 			continue;
 		replacement_lose:
+			ret = FALSE;
 			g_free (variable);
 			g_free (replacement);
 			goto write_lose;
 		} else {
-			if (write (out_fd, *line, strlen (*line)) < 0)
+			if (write (out_fd, *line, strlen (*line)) < 0) {
+				ret = FALSE;
 				goto write_lose;
-				
+			}
 		}
-		if (write (out_fd, "\n", 1) < 0)
+		if (write (out_fd, "\n", 1) < 0) {
+			ret = FALSE;
 			goto write_lose;
+		}
 	}
 	
-	close (out_fd);
-
-	if (rename (filename, mgr->priv->named_conf) < 0) {
-		g_set_error (error,
-			     NM_NAMED_MANAGER_ERROR,
-			     NM_NAMED_MANAGER_ERROR_SYSTEM,
-			     "Couldn't rename %s to %s: %s",
-			     filename, mgr->priv->named_conf,
-			     g_strerror (errno));
-		return FALSE;
-	}
-
-	g_strfreev (config_contents);
-	return TRUE;
+	ret = TRUE;
 write_lose:
 	close (out_fd);
 	g_strfreev (config_contents);
-	unlink (filename);
-	g_free (filename);
-	return FALSE;
+	return ret;
 #else
 	return rewrite_resolv_conf (mgr, error);
 #endif
@@ -490,12 +472,10 @@ nm_named_manager_start (NMNamedManager *mgr, GError **error)
 	named_argv = g_ptr_array_new ();
 	named_binary = g_getenv ("NM_NAMED_BINARY_PATH") ?
 	  g_getenv ("NM_NAMED_BINARY_PATH") : NM_NAMED_BINARY_PATH;
-	g_free (mgr->priv->named_realpath_binary);
-	mgr->priv->named_realpath_binary = realpath (named_binary, NULL);
-	if (mgr->priv->named_realpath_binary == NULL)
-		mgr->priv->named_realpath_binary = g_strdup (named_binary);
 	g_ptr_array_add (named_argv, (char *) named_binary);
 	g_ptr_array_add (named_argv, "-f");
+	g_ptr_array_add (named_argv, "-u");
+	g_ptr_array_add (named_argv, NM_NAMED_USER);
 	g_ptr_array_add (named_argv, "-c");
 	g_ptr_array_add (named_argv, mgr->priv->named_conf);
 	g_ptr_array_add (named_argv, NULL);
@@ -522,7 +502,7 @@ nm_named_manager_start (NMNamedManager *mgr, GError **error)
 #endif
 	if (!rewrite_resolv_conf (mgr, error))
 	{
-		safer_kill (mgr->priv->named_realpath_binary, mgr->priv->named_pid, SIGTERM);
+		kill (mgr->priv->named_pid, SIGTERM);
 		return FALSE;
 	}
 
@@ -536,7 +516,7 @@ reload_named (NMNamedManager *mgr, GError **error)
 	if (!generate_named_conf (mgr, error))
 		return FALSE;
 #ifndef NM_NO_NAMED
-	if (safer_kill (mgr->priv->named_realpath_binary, mgr->priv->named_pid, SIGHUP) < 0) {
+	if (kill (mgr->priv->named_pid, SIGHUP) < 0) {
 		g_set_error (error,
 			     NM_NAMED_MANAGER_ERROR,
 			     NM_NAMED_MANAGER_ERROR_SYSTEM,
@@ -808,32 +788,3 @@ nm_named_manager_remove_domain_nameserver_ipv4 (NMNamedManager *mgr,
 	
 	return TRUE;
 }
-
-static int
-safer_kill (const char *path, pid_t pid, int signum)
-{
-#ifdef __linux__
-  {
-    char buffer[1024];
-    int len;
-    char *procpath;
-		
-    procpath = g_strdup_printf ("/proc/%d/exe", pid); 
-    len = readlink (procpath, buffer, sizeof (buffer)-1);
-    g_free (procpath);
-    buffer[len] = '\0';
-
-	if (len > 0)
-	{
-		if (strcmp (path, buffer) != 0)
-		{
-			syslog (LOG_ERR, "pid %u with exe \"%s'\" did not match expected exe \"%s\"",
-				(unsigned int) pid, buffer, path);
-			errno = EPERM;
-			return -1;
-		}
-	}	
-  }
-#endif
-  return kill ((pid_t) pid, signum);
-}