mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00

Add function to open temp files in selinux mode

Zbigniew Jędrzejewski-Szmek 2014-07-13 21:10:38 -04:00
parent a334cbba72
commit f7f628b5db
3 changed files with 24 additions and 13 deletions


@ -25,6 +25,7 @@
#include "fileio-label.h" #include "fileio-label.h"
#include "label.h" #include "label.h"
#include "util.h"
int write_string_file_atomic_label(const char *fn, const char *line) { int write_string_file_atomic_label(const char *fn, const char *line) {
int r; int r;
@ -53,3 +54,18 @@ int write_env_file_label(const char *fname, char **l) {
return r; return r;
} }
int fopen_temporary_label(const char *target,
const char *path, FILE **f, char **temp_path) {
int r;
r = label_context_set("/etc/passwd", S_IFREG);
if (r < 0)
return r;
r = fopen_temporary(path, f, temp_path);
label_context_clear();
return r;
}
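Review bot: `fopen_temporary_label()` never reads its `target` parameter, because the call to `label_context_set()` hard-codes `"/etc/passwd"`; the `/etc/group` caller in `write_files()` therefore gets its temporary file created under the context looked up for /etc/passwd rather than for the file it will replace. The line should be `r = label_context_set(target, S_IFREG);`. Whether the two paths resolve to different SELinux types depends on the loaded policy, but the helper should not rely on that: a mislabelled replacement of an account database may end up unreadable to its consumers or more widely accessible than intended. A one-line comment saying that `target` is the final path whose label is applied and `path` is where the temporary file is created would also make the contract clear.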


@ -27,3 +27,5 @@
int write_string_file_atomic_label(const char *fn, const char *line); int write_string_file_atomic_label(const char *fn, const char *line);
int write_env_file_label(const char *fname, char **l); int write_env_file_label(const char *fname, char **l);
int fopen_temporary_label(const char *target,
const char *path, FILE **f, char **temp_path);


@ -35,6 +35,8 @@
#include "conf-files.h" #include "conf-files.h"
#include "copy.h" #include "copy.h"
#include "utf8.h" #include "utf8.h"
#include "label.h"
#include "fileio-label.h"
typedef enum ItemType { typedef enum ItemType {
ADD_USER = 'u', ADD_USER = 'u',
@ -312,11 +314,7 @@ static int write_files(void) {
_cleanup_fclose_ FILE *original = NULL; _cleanup_fclose_ FILE *original = NULL;
group_path = fix_root("/etc/group"); group_path = fix_root("/etc/group");
r = label_context_set("/etc/group", S_IFREG); r = fopen_temporary_label("/etc/group", group_path, &group, &group_tmp);
if (r < 0)
goto finish;
r = fopen_temporary(group_path, &group, &group_tmp);
label_context_clear();
if (r < 0) if (r < 0)
goto finish; goto finish;
@ -392,14 +390,9 @@ static int write_files(void) {
_cleanup_fclose_ FILE *original = NULL; _cleanup_fclose_ FILE *original = NULL;
passwd_path = fix_root("/etc/passwd"); passwd_path = fix_root("/etc/passwd");
r = label_context_set("/etc/passwd", S_IFREG); r = fopen_temporary_label("/etc/passwd", passwd_path, &passwd, &passwd_tmp);
if (r < 0) if (r < 0)
goto finish; goto finish;
r = fopen_temporary(passwd_path, &passwd, &passwd_tmp);
label_context_clear();
if (r < 0) {
goto finish;
}
if (fchmod(fileno(passwd), 0644) < 0) { if (fchmod(fileno(passwd), 0644) < 0) {
r = -errno; r = -errno;