From 39c651e9097e0e55a52c897982d6e84d281f7396 Mon Sep 17 00:00:00 2001
From: Denis Vlasenko
Date: Mon, 12 Mar 2007 18:22:55 +0000
Subject: [PATCH] introduce and use setfscreatecon_or_die (patch by Yuichi Nakamura ) runcon: *yet another* fix for vda's brainfart :(
---
 coreutils/install.c | 4 +---
 coreutils/libcoreutils/getopt_mk_fifo_nod.c | 5 +----
 coreutils/mkdir.c | 5 +----
 include/libbb.h | 1 +
 libbb/copy_file.c | 2 +-
 libbb/selinux_common.c | 10 ++++++++++
 selinux/runcon.c | 2 +-
 7 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/coreutils/install.c b/coreutils/install.c
index 1f65407b1..a58a23b6e 100644
--- a/coreutils/install.c
+++ b/coreutils/install.c
@@ -110,9 +110,7 @@ int install_main(int argc, char **argv)
 }
 if (flags & OPT_SET_SECURITY_CONTEXT) {
 selinux_or_die();
- if (setfscreatecon(scontext) < 0) {
- bb_error_msg_and_die("setfscreatecon(%s)", scontext); // perror?
- }
+ setfscreatecon_or_die(scontext);
 use_default_selinux_context = 0;
 copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT;
 }
diff --git a/coreutils/libcoreutils/getopt_mk_fifo_nod.c b/coreutils/libcoreutils/getopt_mk_fifo_nod.c
index 2e0c27439..32fa9bede 100644
--- a/coreutils/libcoreutils/getopt_mk_fifo_nod.c
+++ b/coreutils/libcoreutils/getopt_mk_fifo_nod.c
@@ -43,10 +43,7 @@ mode_t getopt_mk_fifo_nod(int argc, char **argv)
 #if ENABLE_SELINUX
 if (opt & 2) {
 selinux_or_die();
- if (setfscreatecon(scontext)) {
- bb_error_msg_and_die("cannot set default file creation context "
- "to %s", scontext);
- }
+ setfscreatecon_or_die(scontext);
 }
 #endif
diff --git a/coreutils/mkdir.c b/coreutils/mkdir.c
index 93ded1dd5..690e4ab40 100644
--- a/coreutils/mkdir.c
+++ b/coreutils/mkdir.c
@@ -62,10 +62,7 @@ int mkdir_main(int argc, char **argv)
 #if ENABLE_SELINUX
 if (opt & 4) {
 selinux_or_die();
- if (setfscreatecon(scontext)) {
- bb_error_msg_and_die("cannot set default file creation context "
- "to %s", scontext);
- }
+ setfscreatecon_or_die(scontext);
 }
 #endif
 
diff --git a/include/libbb.h b/include/libbb.h
index 69652b666..401fce4cf 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -601,6 +601,7 @@ extern void renew_current_security_context(void);
 extern void set_current_security_context(security_context_t sid);
 extern context_t set_security_context_component(security_context_t cur_context, char *user, char *role, char *type, char *range);
+extern void setfscreatecon_or_die(security_context_t scontext);
 #endif
 extern void selinux_or_die(void);
 extern int restricted_shell(const char *shell);
diff --git a/libbb/copy_file.c b/libbb/copy_file.c
index 6391824aa..07564afd0 100644
--- a/libbb/copy_file.c
+++ b/libbb/copy_file.c
@@ -74,7 +74,7 @@ int copy_file(const char *source, const char *dest, int flags)
 } } } else {
 if (errno == ENOTSUP || errno == ENODATA) {
- setfscreatecon(NULL);
+ setfscreatecon_or_die(NULL);
 } else {
 bb_perror_msg("cannot lgetfilecon %s", source);
 return -1;
diff --git a/libbb/selinux_common.c b/libbb/selinux_common.c
index 70d63a465..d506f0636 100644
--- a/libbb/selinux_common.c
+++ b/libbb/selinux_common.c
@@ -28,3 +28,13 @@ error:
 context_free(con);
 return NULL;
 }
+
+void setfscreatecon_or_die(security_context_t scontext)
+{
+ if (setfscreatecon(scontext) < 0) {
+ /* Can be NULL. All known printf implementations
+ * display "(null)", "" etc */
+ bb_perror_msg_and_die("cannot set default "
+ "file creation context to %s", scontext);
+ }
+}
diff --git a/selinux/runcon.c b/selinux/runcon.c
index 24e436feb..8888ccc7b 100644
--- a/selinux/runcon.c
+++ b/selinux/runcon.c
@@ -132,6 +132,6 @@ int runcon_main(int argc, char *argv[])
 execvp(argv[0], argv);
- bb_perror_msg_and_die("cannot execute '%s'", command);
+ bb_perror_msg_and_die("cannot execute '%s'", argv[0]);
 return 1;
 }
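Review bot: In libbb/copy_file.c the `ENOTSUP`/`ENODATA` branch now exits the whole process when the context reset fails, whereas the `else` branch right below it reports with `bb_perror_msg` and returns -1. Checking the result is the right call, since the old unchecked `setfscreatecon(NULL)` could leave a stale creation context in place and mislabel the destination file, but dying inside copy_file gives a caller that is copying several files no chance to report the failure and continue or clean up. To keep the function's error convention, the branch could read `if (setfscreatecon(NULL) < 0) { bb_perror_msg("cannot reset default file creation context"); return -1; }`. copy_file starts and ends outside this hunk, so whether its callers depend on a -1 return here should be confirmed.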
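Review bot: `setfscreatecon_or_die` in libbb/selinux_common.c hands `scontext` to `%s` even though its own comment says the argument can be NULL, and the copy_file.c hunk of this commit calls it with a literal NULL. A null pointer for `%s` is undefined behaviour in ISO C; printing "(null)" is a libc courtesy rather than a guarantee. Assuming `security_context_t` is the usual `char *` typedef, pass `scontext ? scontext : "(default)"` as the format argument and drop the comment about printf implementations. A short header comment saying that NULL asks for the default creation context and that the function does not return on failure would also help the callers in install.c, mkdir.c and getopt_mk_fifo_nod.c.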