Use matchpathcon mode parameter.

WHATS_NEW

@@ -1,5 +1,7 @@
 Version 2.01.11 - 
 ==============================
+  Use matchpathcon mode parameter.
+  Don't defer closing dead FDs in clvmd.
   Remove hard-coded 64k text metadata writing restriction.
   Make VG name restrictions consistent.
   Introduce lvconvert.  So far only removes mirror images.
@@ -36,7 +38,6 @@ Version 2.01.11 -
   lv_reduce tidying.
   Remove some unnecessary parameters.
   Introduce seg_is macros.
-  Don't defer closing dead FDs in clvmd.
 
 Version 2.01.10 - 3rd May 2005
 ==============================

lib/activate/fs.c

@@ -180,7 +180,7 @@ static int _mk_link(const char *dev_dir, const char *vg_name,
 	}
 
 #ifdef HAVE_SELINUX
-        if (!set_selinux_context(lv_path)) {
+        if (!set_selinux_context(lv_path, S_IFLNK)) {
                 stack;
                 return 0;
         }

lib/misc/selinux.c

@@ -18,27 +18,28 @@
 
 #include <selinux/selinux.h>
 
-int set_selinux_context(const char *path)
+int set_selinux_context(const char *path, mode_t mode)
 {
 	security_context_t scontext;
 
 	if (is_selinux_enabled() <= 0)
 		return 1;
 
-	if (matchpathcon(path, 0, &scontext) < 0) {
-		log_sys_error("matchpathcon", path);
+	if (matchpathcon(path, mode, &scontext) < 0) {
+		log_error("%s: matchpathcon %07o failed: %s", path, mode,
+			  strerror(errno));
 		return 0;
 	}
 
-	log_very_verbose("Setting SELinux context for %s to %s",
+	log_very_verbose("Setting SELinux context for %s to %s.",
 			 path, scontext);
 
 	if ((lsetfilecon(path, scontext) < 0) && (errno != ENOTSUP)) {
 		log_sys_error("lsetfilecon", path);
-		free(scontext);
+		freecon(scontext);
 		return 0;
 	}
 
-	free(scontext);
+	freecon(scontext);
 	return 1;
 }

lib/misc/selinux.h

@@ -15,6 +15,8 @@
 #ifndef _LVM_SELINUX_H
 #define _LVM_SELINUX_H
 
-int set_selinux_context(const char * path);
+#include <sys/types.h>
+
+int set_selinux_context(const char * path, mode_t mode);
 
 #endif