Use matchpathcon mode parameter

2024-12-21 13:34:40 +03:00 · 2005-06-13 13:11:48 +00:00 · 2005-06-13 13:11:48 +00:00 · c8c07bbedc
commit c8c07bbedc
parent 5a3f4a794d
4 changed files with 12 additions and 10 deletions
--- a/3
+++ b/3
@ -1,5 +1,6 @@
-Version 1.01.03 - 10 Jun 2005
+Version 1.01.03 - 13 Jun 2005
 =============================
+  Use matchpathcon mode parameter.
  Fix configure script to re-enable selinux.

 Version 1.01.02 - 17 May 2005
--- a/libdm/ioctl/libdm-iface.c
+++ b/libdm/ioctl/libdm-iface.c
@ -219,7 +219,7 @@ static int _create_control(const char *control, uint32_t major, uint32_t minor)
 	}

 #ifdef HAVE_SELINUX
-        if (!set_selinux_context(control)) {
+        if (!set_selinux_context(control, S_IFCHR)) {
                stack;
                return 0;
        }
--- a/libdm/libdm-common.c
+++ b/libdm/libdm-common.c
@ -200,27 +200,28 @@ int dm_task_add_target(struct dm_task *dmt, uint64_t start, uint64_t size,
 }

 #ifdef HAVE_SELINUX
-int set_selinux_context(const char *path)
+int set_selinux_context(const char *path, mode_t mode)
 {
 	security_context_t scontext;

 	if (is_selinux_enabled() <= 0)
 		return 1;

-	if (matchpathcon(path, 0, &scontext) < 0) {
-		log_error("%s: matchpathcon failed: %s", path, strerror(errno));
+	if (matchpathcon(path, mode, &scontext) < 0) {
+		log_error("%s: matchpathcon %07o failed: %s", path, mode,
+			  strerror(errno));
 		return 0;
 	}

-	log_debug("Setting SELinux context for %s to %s", path, scontext);
+	log_debug("Setting SELinux context for %s to %s.", path, scontext);

 	if ((lsetfilecon(path, scontext) < 0) && (errno != ENOTSUP)) {
 		log_error("%s: lsetfilecon failed: %s", path, strerror(errno));
-		free(scontext);
+		freecon(scontext);
 		return 0;
 	}

-	free(scontext);
+	freecon(scontext);
 	return 1;
 }
 #endif
@ -266,7 +267,7 @@ static int _add_dev_node(const char *dev_name, uint32_t major, uint32_t minor,
 	}

 #ifdef HAVE_SELINUX
-	if (!set_selinux_context(path))
+	if (!set_selinux_context(path, S_IFBLK))
 		return 0;
 #endif

--- a/libdm/libdm-common.h.in
+++ b/libdm/libdm-common.h.in
@ -28,7 +28,7 @@ int rm_dev_node(const char *dev_name);
 int rename_dev_node(const char *old_name, const char *new_name);
 void update_devs(void);

-int set_selinux_context(const char *path);
+int set_selinux_context(const char *path, mode_t mode);

 #define DM_LIB_VERSION @DM_LIB_VERSION@