diff options
Diffstat (limited to 'openbsd-compat/port-linux.c')
-rw-r--r-- | openbsd-compat/port-linux.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 77f3a1c17..d153f8fb5 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c | |||
@@ -54,7 +54,7 @@ static security_context_t | |||
54 | ssh_selinux_getctxbyname(char *pwname) | 54 | ssh_selinux_getctxbyname(char *pwname) |
55 | { | 55 | { |
56 | security_context_t sc; | 56 | security_context_t sc; |
57 | char *sename = NULL, *lvl = NULL; | 57 | char *sename = NULL, *role = NULL, *lvl = NULL; |
58 | int r; | 58 | int r; |
59 | 59 | ||
60 | #ifdef HAVE_GETSEUSERBYNAME | 60 | #ifdef HAVE_GETSEUSERBYNAME |
@@ -64,11 +64,20 @@ ssh_selinux_getctxbyname(char *pwname) | |||
64 | sename = pwname; | 64 | sename = pwname; |
65 | lvl = NULL; | 65 | lvl = NULL; |
66 | #endif | 66 | #endif |
67 | if (the_authctxt) | ||
68 | role = the_authctxt->role; | ||
67 | 69 | ||
68 | #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL | 70 | #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL |
69 | r = get_default_context_with_level(sename, lvl, NULL, &sc); | 71 | if (role != NULL && role[0]) |
72 | r = get_default_context_with_rolelevel(sename, role, lvl, NULL, | ||
73 | &sc); | ||
74 | else | ||
75 | r = get_default_context_with_level(sename, lvl, NULL, &sc); | ||
70 | #else | 76 | #else |
71 | r = get_default_context(sename, NULL, &sc); | 77 | if (role != NULL && role[0]) |
78 | r = get_default_context_with_role(sename, role, NULL, &sc); | ||
79 | else | ||
80 | r = get_default_context(sename, NULL, &sc); | ||
72 | #endif | 81 | #endif |
73 | 82 | ||
74 | if (r != 0) { | 83 | if (r != 0) { |