picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

SELinux: label created symlink instead of node

Browse source 
The current code will label the target of a symlink rather than the
link itself.  This means that the link does not get it's context set
and the target gets the wrong context.
Incidentally this affects the labelling of hard disk device nodes and
can get in the way of booting.

Also get_media() should not be called with devname==NULL.
This commit is contained in:
Russell Coker 2006-12-05 14:32:44 +01:00 committed by Kay Sievers
parent 5284454d5f
commit eb8b496e89
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
udev_selinux.c
View file

@ -90,10 +90,13 @@ void selinux_setfilecon(const char *file, const char *devname, unsigned int mode
char *media;
int ret = -1;
media = get_media(devname, mode);
if (media) {
ret = matchmediacon(media, &scontext);
free(media);
if(devname)
{
media = get_media(devname, mode);
if (media) {
ret = matchmediacon(media, &scontext);
free(media);
}
}
if (ret < 0)
@ -102,7 +105,7 @@ void selinux_setfilecon(const char *file, const char *devname, unsigned int mode
return;
}
if (setfilecon(file, scontext) < 0)
if (lsetfilecon(file, scontext) < 0)
err("setfilecon %s failed: %s", file, strerror(errno));
freecon(scontext);