mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
Merge pull request #1107 from msekletar/selinux-get-raw-context
selinux: always use *_raw API from libselinux
This commit is contained in:
commit
92dcf85e11
@ -199,11 +199,11 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
|
||||
if (!mac_selinux_use())
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
r = getcon(&mycon);
|
||||
r = getcon_raw(&mycon);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
r = getfilecon(exe, &fcon);
|
||||
r = getfilecon_raw(exe, &fcon);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
@ -225,7 +225,7 @@ int mac_selinux_get_our_label(char **label) {
|
||||
if (!mac_selinux_use())
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
r = getcon(label);
|
||||
r = getcon_raw(label);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
#endif
|
||||
@ -249,7 +249,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
|
||||
if (!mac_selinux_use())
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
r = getcon(&mycon);
|
||||
r = getcon_raw(&mycon);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
@ -260,7 +260,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
|
||||
if (!exec_label) {
|
||||
/* If there is no context set for next exec let's use context
|
||||
of target executable */
|
||||
r = getfilecon(exe, &fcon);
|
||||
r = getfilecon_raw(exe, &fcon);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
}
|
||||
|
@ -246,7 +246,7 @@ int mac_selinux_generic_access_check(
|
||||
if (path) {
|
||||
/* Get the file context of the unit file */
|
||||
|
||||
r = getfilecon(path, &fcon);
|
||||
r = getfilecon_raw(path, &fcon);
|
||||
if (r < 0) {
|
||||
r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path);
|
||||
goto finish;
|
||||
@ -254,7 +254,7 @@ int mac_selinux_generic_access_check(
|
||||
|
||||
tclass = "service";
|
||||
} else {
|
||||
r = getcon(&fcon);
|
||||
r = getcon_raw(&fcon);
|
||||
if (r < 0) {
|
||||
r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context.");
|
||||
goto finish;
|
||||
|
Loading…
Reference in New Issue
Block a user