diff options
author | Damien Miller <djm@mindrot.org> | 2011-01-28 10:30:18 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2011-01-28 10:30:18 +1100 |
commit | d4a5504cb19acf061bc6d68362b666416b21d9b3 (patch) | |
tree | 29cd39855abe1013454115014a9873729f23b225 | |
parent | 648f876566053e6df45060019d370d9ea73f08f4 (diff) |
- (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
before attempting setfscreatecon(). Check whether matchpathcon()
succeeded before using its result. Patch from cjwatson AT debian.org;
bz#1851
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | openbsd-compat/port-linux.c | 16 |
2 files changed, 15 insertions, 7 deletions
@@ -1,3 +1,9 @@ | |||
1 | 20110128 | ||
2 | - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled | ||
3 | before attempting setfscreatecon(). Check whether matchpathcon() | ||
4 | succeeded before using its result. Patch from cjwatson AT debian.org; | ||
5 | bz#1851 | ||
6 | |||
1 | 20110127 | 7 | 20110127 |
2 | - (tim) [config.guess config.sub] Sync with upstream. | 8 | - (tim) [config.guess config.sub] Sync with upstream. |
3 | - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete | 9 | - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete |
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index b152efc29..eb280e616 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-linux.c,v 1.12 2011/01/25 01:16:18 djm Exp $ */ | 1 | /* $Id: port-linux.c,v 1.13 2011/01/27 23:30:20 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> | 4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> |
@@ -209,13 +209,15 @@ ssh_selinux_change_context(const char *newname) | |||
209 | void | 209 | void |
210 | ssh_selinux_setfscreatecon(const char *path) | 210 | ssh_selinux_setfscreatecon(const char *path) |
211 | { | 211 | { |
212 | security_context_t context; | 212 | security_context_t context; |
213 | 213 | ||
214 | if (path == NULL) { | 214 | if (!ssh_selinux_enabled()) |
215 | setfscreatecon(NULL); | 215 | return; |
216 | return; | 216 | if (path == NULL) |
217 | } | 217 | setfscreatecon(NULL); |
218 | matchpathcon(path, 0700, &context); | 218 | return; |
219 | } | ||
220 | if (matchpathcon(path, 0700, &context) == 0) | ||
219 | setfscreatecon(context); | 221 | setfscreatecon(context); |
220 | } | 222 | } |
221 | 223 | ||