selinux: create standard user-runtime nodes with default context
Currently systemd-user-runtime-dir does not create the files in
/run/user/$UID/systemd/inaccessible with the default SELinux label.
The user and role part of these labels should be based on the user
related to $UID and not based on the process context of
systemd-user-runtime-dir.
Since v246-rc1 (9664be199a), /run/user/$UID/systemd is also created by
systemd-user-runtime-dir and should also be created with the default
SELinux context.
parent
7a3e4dc38b
commit
8d9cbd809d
|
@ -103,9 +103,9 @@ int make_inaccessible_nodes(
|
|||
return log_oom();
|
||||
|
||||
if (S_ISDIR(table[i].mode))
|
||||
r = mkdir(path, table[i].mode & 07777);
|
||||
r = mkdir_label(path, table[i].mode & 07777);
|
||||
else
|
||||
r = mknod(path, table[i].mode, makedev(0, 0));
|
||||
r = mknod_label(path, table[i].mode, makedev(0, 0));
|
||||
if (r < 0) {
|
||||
if (errno != EEXIST)
|
||||
log_debug_errno(errno, "Failed to create '%s', ignoring: %m", path);
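Review bot: The unchanged lines after the new calls still test and log `errno` (`if (errno != EEXIST)` and `log_debug_errno(errno, ...)`), which no longer matches how the new helpers report failure. As far as I know, systemd's `mkdir_label()` and `mknod_label()` return a negative errno-style code and run SELinux file-creation-context setup and cleanup around the syscall, so `errno` can be stale or overwritten when it is read; please confirm against the helper definitions, which are not in this hunk. If so, a labelling failure could be logged with the wrong cause, or dropped without a log line when `errno` happens to hold `EEXIST`, leaving a node without the intended default context and nothing in the log to show it. I would switch both lines to the return value: `if (r != -EEXIST)` and `log_debug_errno(r, "Failed to create '%s', ignoring: %m", path);`. The `if (r < 0) {` block and the rest of `make_inaccessible_nodes()` continue outside the hunk.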
|
||||
|
|