SELinuxProject · stephensmalley · Jul 31, 2025 · Aug 1, 2025 · Sep 12, 2025 · Sep 25, 2025
diff --git a/libselinux/man/man3/context_new.3 b/libselinux/man/man3/context_new.3
@@ -71,7 +71,7 @@ set a context component.
 .SH "RETURN VALUE"
 On failure
 .BR context_*_set ()
-functions return non-zero and 0 on success.
+functions return non-zero on failure and 0 on success.
 
 The other functions return NULL on failure and non-NULL on success.
 

diff --git a/libselinux/src/selinux_check_securetty_context.c b/libselinux/src/selinux_check_securetty_context.c
@@ -8,45 +8,48 @@
 
 int selinux_check_securetty_context(const char * tty_context)
 {
+	FILE *fp = fopen(selinux_securetty_types_path(), "re");
+	if (!fp)
+		return -1;
+
+	context_t con = context_new(tty_context);
+	if (!con) {
+		fclose(fp);
+		return -1;
+	}
+
+	const char *type = context_type_get(con);
+
 	char *line = NULL;
 	char *start, *end = NULL;
 	size_t line_len = 0;
-	ssize_t len;
 	int found = -1;
-	FILE *fp;
-	fp = fopen(selinux_securetty_types_path(), "re");
-	if (fp) {
-		context_t con = context_new(tty_context);
-		if (con) {
-			const char *type = context_type_get(con);
-			while ((len = getline(&line, &line_len, fp)) != -1) {
-
-				if (line[len - 1] == '\n')
-					line[len - 1] = 0;
-
-				/* Skip leading whitespace. */
-				start = line;
-				while (*start && isspace((unsigned char)*start))
-					start++;
-				if (!(*start))
-					continue;
-
-				end = start;
-				while (*end && !isspace((unsigned char)*end))
-					end++;
-				if (*end)
-					*end++ = 0;
-				if (!strcmp(type, start)) {
-					found = 0;
-					break;
-				}
-			}
-			free(line);
-			context_free(con);
+	ssize_t len;
+	while ((len = getline(&line, &line_len, fp)) != -1) {
+		if (line[len - 1] == '\n')
+			line[len - 1] = 0;
+
+		/* Skip leading whitespace. */
+		start = line;
+		while (*start && isspace((unsigned char)*start))
+			start++;
+		if (!(*start))
+			continue;
+
+		end = start;
+		while (*end && !isspace((unsigned char)*end))
+			end++;
+		if (*end)
+			*end++ = 0;
+		if (!strcmp(type, start)) {
+			found = 0;
+			break;
 		}
-		fclose(fp);
 	}
 
+	free(line);
+	context_free(con);
+	fclose(fp);
+
 	return found;
 }
-
diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
@@ -64,6 +64,11 @@
 #define PATH_SHELLS_FILE "/etc/shells"
 #define PATH_NOLOGIN_SHELL "/sbin/nologin"
 
+/* fallback values */
+#define FALLBACK_MINUID 1000
+#define FALLBACK_MAXUID 60000
+#define FALLBACK_LU_UIDNUMBER 500
+
 /* comments written to context file */
 #define COMMENT_FILE_CONTEXT_HEADER "#\n#\n# " \
 			"User-specific file contexts, generated via libsemanage\n" \
@@ -352,26 +357,54 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s)
 		goto fail;
 	}
 
+#define genhomedircon_warn_conv_fail(key, val) \
+	WARN(s->h_semanage, \
+	     "Conversion failed for key " key ", is its value a number?" \
+	     "  Falling back to default value of `%s`.", #val);
+
 	path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL);
 	if (path && *path) {
-		temp = atoi(path);
-		minuid = temp;
-		minuid_set = 1;
+		char *endptr;
+		const unsigned long val = strtoul(path, &endptr, 0);
+		if (endptr != path && *endptr == '\0') {
+			minuid = (uid_t)val;
+			minuid_set = 1;
+		} else {
+			/* we were provided an invalid value, use defaults.  */
+			genhomedircon_warn_conv_fail("UID_MIN", FALLBACK_MINUID);
+			minuid = FALLBACK_MINUID;
+			minuid_set = 1;
+		}
 	}
 	free(path);
 	path = NULL;
 
 	path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MAX", NULL);
 	if (path && *path) {
-		temp = atoi(path);
-		maxuid = temp;
+		char *endptr;
+		const unsigned long val = strtoul(path, &endptr, 0);
+		if (endptr != path && *endptr == '\0') {
+			maxuid = (uid_t)val;
+		} else {
+			/* we were provided an invalid value, use defaults.  */
+			genhomedircon_warn_conv_fail("UID_MAX", FALLBACK_MAXUID);
+			maxuid = FALLBACK_MAXUID;
+		}
 	}
 	free(path);
 	path = NULL;
 
 	path = semanage_findval(PATH_ETC_LIBUSER, "LU_UIDNUMBER", "=");
 	if (path && *path) {
-		temp = atoi(path);
+		char *endptr;
+		const unsigned long val = strtoul(path, &endptr, 0);
+		if (endptr != path && *endptr == '\0') {
+			temp = (uid_t)val;
+		} else {
+			/* we were provided an invalid value, use defaults.  */
+			genhomedircon_warn_conv_fail("LU_UIDNUMBER", FALLBACK_LU_UIDNUMBER);
+			temp = FALLBACK_LU_UIDNUMBER;
+		}
 		if (!minuid_set || temp < minuid) {
 			minuid = temp;
 			minuid_set = 1;
@@ -380,6 +413,8 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s)
 	free(path);
 	path = NULL;
 
+#undef genhomedircon_warn_conv_fail
+
 	errno = 0;
 	setpwent();
 	while (1) {

diff --git a/libsepol/src/Makefile b/libsepol/src/Makefile
@@ -40,6 +40,8 @@ LD_SONAME_FLAGS=-soname,$(LIBSO),--version-script=$(LIBMAP),-z,defs
 LN=ln
 OS := $(shell uname)
 ifeq ($(OS), Darwin)
+TARGET=libsepol.dylib
+LIBSO=libsepol.$(LIBVERSION).dylib
 LD_SONAME_FLAGS=-install_name,$(LIBSO)
 LDFLAGS += -undefined dynamic_lookup
 LN=gln

diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
@@ -2885,7 +2885,15 @@ def delete(self, name):
         self.__delete(name)
         self.commit()
 
+        # New transaction to reset the boolean to its default value.
+        # Calling __reset_value in the same transaction as the removal of
+        # local customizations does nothing
+        self.begin()
+        self.__reset_value(name)
+        self.commit()
+
     def deleteall(self):
+        deleted = []
         (rc, self.blist) = semanage_bool_list_local(self.sh)
         if rc < 0:
             raise ValueError(_("Could not list booleans"))
@@ -2894,10 +2902,45 @@ def deleteall(self):
 
         for boolean in self.blist:
             name = semanage_bool_get_name(boolean)
+            deleted.append(name)
             self.__delete(name)
 
         self.commit()
 
+        # New transaction to reset all affected booleans to their default values.
+        # Calling __reset_value in the same transaction as the removal of
+        # local customizations does nothing
+        self.begin()
+
+        for boolean in deleted:
+            self.__reset_value(boolean)
+
+        self.commit()
+
+    # Set active value to default
+    # Note: this needs to be called in a new transaction after removing local customizations
+    # in order for semanage_bool_query to fetch the default value
+    # (as opposed to the current one -- set by the local customizations)
+    def __reset_value(self, name):
+        name = selinux.selinux_boolean_sub(name)
+
+        (rc, k) = semanage_bool_key_create(self.sh, name)
+        if rc < 0:
+            raise ValueError(_("Could not create a key for %s") % name)
+
+        (rc, b) = semanage_bool_query(self.sh, k)
+        if rc < 0:
+            raise ValueError(_("Could not query boolean %s") % name)
+
+        semanage_bool_set_value(b, semanage_bool_get_value(b))
+
+        rc = semanage_bool_set_active(self.sh, k, b)
+        if rc < 0:
+            raise ValueError(_("Could not set active value of boolean %s") % name)
+
+        semanage_bool_key_free(k)
+        semanage_bool_free(b)
+
     def get_all(self, locallist=0):
         ddict = {}
         if locallist:

diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c
@@ -103,20 +103,20 @@ static int set_signal_handles(void)
 
 	/* Empty the signal mask in case someone is blocking a signal */
 	if (sigemptyset(&empty)) {
-		fprintf(stderr, "Unable to obtain empty signal set\n");
+		fprintf(stderr, _("Unable to obtain empty signal set\n"));
 		return -1;
 	}
 
 	(void)sigprocmask(SIG_SETMASK, &empty, NULL);
 
 	/* Terminate on SIGHUP */
 	if (signal(SIGHUP, SIG_DFL) == SIG_ERR) {
-		perror("Unable to set SIGHUP handler");
+		perror(_("Unable to set SIGHUP handler"));
 		return -1;
 	}
 
 	if (signal(SIGINT, handler) == SIG_ERR) {
-		perror("Unable to set SIGINT handler");
+		perror(_("Unable to set SIGINT handler"));
 		return -1;
 	}
 
@@ -353,7 +353,7 @@ static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
 
 	/* match glob for all files in src dir */
 	if (asprintf(&buf, "%s/*", src) == -1) {
-		fprintf(stderr, "Out of memory\n");
+		fprintf(stderr, _("Out of memory\n"));
 		return -1;
 	}
 
@@ -371,12 +371,12 @@ static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
 
 		if (!buf) {
 			if (asprintf(&newbuf, "\'%s\'", path) == -1) {
-				fprintf(stderr, "Out of memory\n");
+				fprintf(stderr, _("Out of memory\n"));
 				goto err;
 			}
 		} else {
 			if (asprintf(&newbuf, "%s  \'%s\'", buf, path) == -1) {
-				fprintf(stderr, "Out of memory\n");
+				fprintf(stderr, _("Out of memory\n"));
 				goto err;
 			}
 		}
@@ -387,7 +387,7 @@ static int rsynccmd(const char * src, const char *dst, char **cmdbuf)
 
 	if (buf) {
 		if (asprintf(&newbuf, "/usr/bin/rsync -trlHDq %s '%s'", buf, dst) == -1) {
-			fprintf(stderr, "Out of memory\n");
+			fprintf(stderr, _("Out of memory\n"));
 			goto err;
 		}
 		*cmdbuf=newbuf;