From e3a0a862f625fdabfb0cbe15917a343c9d542d03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Wed, 27 Oct 2021 19:47:49 +0200 Subject: [PATCH] core: correct SELinux label of service credential directory Label the service root credential directory so write_credential() will create entries with the label of their parent directory. Resolves: #21134 --- src/core/execute.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/execute.c b/src/core/execute.c index 9d10088901..0c1e2e0563 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2819,6 +2819,8 @@ static int setup_credentials_internal( assert(!must_mount || workspace_mounted > 0); where = workspace_mounted ? workspace : final; + (void) label_fix_container(where, final, 0); + r = acquire_credentials(context, params, unit, where, uid, workspace_mounted); if (r < 0) return r;