1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-25 23:21:33 +03:00
Commit Graph

14 Commits

Author SHA1 Message Date
Kay Sievers
c7a42aea3c selinux: fix typo in block device node selection 2006-05-07 22:31:06 +02:00
Kay Sievers
1aa1e24848 replace libsysfs
We never used any of the libsysfs convenience features. Here we replace
it completely with 300 lines of code, which are much simpler and a bit
faster cause udev(d) does not open any syfs file for a simple event which
does not need any parent device information.

Signed-off-by: Kay Sievers <kay.sievers@suse.de>
2006-01-09 21:18:00 +01:00
Marco d'Itri
68cfe3b5c8 udev_selinux.c: include udev.h 2005-12-26 17:21:25 +01:00
Kay Sievers
1698d39857 use udev_root instead of "/dev"in selinux matchpathcon_init_prefix()
Taken from Red Hat CVS:
  udev-075-selinux.patch
2005-12-22 17:29:20 +01:00
Harald Hoyer
65e63a710e optimize SELinux path match 2005-12-06 19:00:40 +01:00
Marco d'Itri
df4e89bfa6 move some logging from dbg() to info() 2005-11-07 18:52:03 +01:00
Marco d'Itri
ff3e4bed21 add strerror() to error logs 2005-11-07 18:44:18 +01:00
Greg KH
4d7726399b selinux merge fixups again... 2005-04-26 23:52:14 -07:00
Greg KH
7eb92135c6 more merge fixups, looks like i missed a selinux patch somewhere... 2005-04-26 23:48:29 -07:00
pebenito@gentoo.org
b55e654026 [PATCH] udev selinux fix
Here is a fix for the SELinux part of udev.

Setfscreatecon() overrides the default labeling behavior of SELinux when
creating files, so it should only be used for as short of a time as
possible, around the mknod or symlink calls.  Without this, the files in
udev_db get the wrong label because the fscreatecon is reset after the
udev_db file creation instead of before.  I'm guessing the Redhat people
missed this because they modify udev_db to be one big file instead of a
directory of small files (at least that's what I'm told).  I created
selinux_resetfscreatecon() to reset the fscreatecon asap after the
file/node is created.

Fixed a memory leak in selinux_init.  Getfscreatecon() allocates memory
for the context, and the udev code was immediately setting the pointer
(security_context_t is actually a typedef'ed char*) to NULL after the
call regardless of success/failure.  If you're wondering about the case
where there's effectively a setfscreatecon(NULL), this is ok, as its
used to tell SELinux to do the default labeling behavior.

Renamed selinux_restore() to selinux_exit() due to the changed behavior.

Fixed a couple of dbg() messages.
2005-04-26 23:39:48 -07:00
kay.sievers@vrfy.org
fbda4a34d8 [PATCH] selinux: cleanup udev integration
Move code into a .c-file instead of big inline functions in a header file.
Pass the device name down instead of relying that the node name is equal
to the kernel name.
2005-04-26 23:24:19 -07:00
greg@kroah.com
0384e43ad9 [PATCH] move udev_selinux into extras/selinux 2005-04-26 21:35:11 -07:00
greg@kroah.com
b528cd4920 [PATCH] first cut at standalone udev_selinux program.
Will not work, need to finish working on this on a system with selinux installed...
2005-04-26 21:35:11 -07:00
greg@kroah.com
8481f8ce2b [PATCH] Add initial SELinux support for udev
Based on a patch from Daniel J Walsh <dwalsh@redhat.com>
2005-04-26 21:32:31 -07:00