introduce and use setfscreatecon_or_die

(patch by Yuichi Nakamura <ynakam@hitachisoft.jp>)
runcon: *yet another* fix for vda's brainfart :(
Denis Vlasenko 2007-03-12 18:22:55 +00:00
parent b3f09f4a50
commit 39c651e909
7 changed files with 16 additions and 13 deletions


@ -110,9 +110,7 @@ int install_main(int argc, char **argv)
} }
if (flags & OPT_SET_SECURITY_CONTEXT) { if (flags & OPT_SET_SECURITY_CONTEXT) {
selinux_or_die(); selinux_or_die();
if (setfscreatecon(scontext) < 0) { setfscreatecon_or_die(scontext);
bb_error_msg_and_die("setfscreatecon(%s)", scontext); // perror?
}
use_default_selinux_context = 0; use_default_selinux_context = 0;
copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT; copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT;
} }


@ -43,10 +43,7 @@ mode_t getopt_mk_fifo_nod(int argc, char **argv)
#if ENABLE_SELINUX #if ENABLE_SELINUX
if (opt & 2) { if (opt & 2) {
selinux_or_die(); selinux_or_die();
if (setfscreatecon(scontext)) { setfscreatecon_or_die(scontext);
bb_error_msg_and_die("cannot set default file creation context "
"to %s", scontext);
}
} }
#endif #endif


@ -62,10 +62,7 @@ int mkdir_main(int argc, char **argv)
#if ENABLE_SELINUX #if ENABLE_SELINUX
if (opt & 4) { if (opt & 4) {
selinux_or_die(); selinux_or_die();
if (setfscreatecon(scontext)) { setfscreatecon_or_die(scontext);
bb_error_msg_and_die("cannot set default file creation context "
"to %s", scontext);
}
} }
#endif #endif


@ -601,6 +601,7 @@ extern void renew_current_security_context(void);
extern void set_current_security_context(security_context_t sid); extern void set_current_security_context(security_context_t sid);
extern context_t set_security_context_component(security_context_t cur_context, extern context_t set_security_context_component(security_context_t cur_context,
char *user, char *role, char *type, char *range); char *user, char *role, char *type, char *range);
extern void setfscreatecon_or_die(security_context_t scontext);
#endif #endif
extern void selinux_or_die(void); extern void selinux_or_die(void);
extern int restricted_shell(const char *shell); extern int restricted_shell(const char *shell);


@ -74,7 +74,7 @@ int copy_file(const char *source, const char *dest, int flags)
} }
} else { } else {
if (errno == ENOTSUP || errno == ENODATA) { if (errno == ENOTSUP || errno == ENODATA) {
setfscreatecon(NULL); setfscreatecon_or_die(NULL);
} else { } else {
bb_perror_msg("cannot lgetfilecon %s", source); bb_perror_msg("cannot lgetfilecon %s", source);
return -1; return -1;
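Review bot: The reset to the default context at `setfscreatecon_or_die(NULL)` now exits the whole process from inside copy_file, while the lgetfilecon failure in the `else` branch right below reports the error and returns -1, so the two SELinux error paths in this block behave differently. Failing closed looks right here, since continuing would presumably leave an earlier file creation context in effect for the next file created, but the reason should be recorded, e.g. `/* fatal: a stale fscreate context would mislabel files created after this point */`. The old code ignored this return value, so callers that relied on copy_file returning -1 for per-file errors (a recursive copy, for instance) will now stop at the first failure. copy_file begins and ends outside this hunk.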


@ -28,3 +28,13 @@ error:
context_free(con); context_free(con);
return NULL; return NULL;
} }
void setfscreatecon_or_die(security_context_t scontext)
{
if (setfscreatecon(scontext) < 0) {
/* Can be NULL. All known printf implementations
* display "(null)", "<null>" etc */
bb_perror_msg_and_die("cannot set default "
"file creation context to %s", scontext);
}
}
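Review bot: The error path in setfscreatecon_or_die passes `scontext` to `%s` even when it is NULL, and the copy_file call site in this commit passes NULL deliberately. The in-code comment accepts this, but a null pointer for `%s` is undefined behaviour in standard C, and a message ending in "to (null)" tells the operator little. Substituting a label keeps the diagnostic defined and readable: `"file creation context to %s", scontext ? scontext : "(default)");`. A short comment above the function stating that it exits on failure and that NULL resets to the policy default would also help callers, and the same note belongs next to the prototype in the header.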


@ -132,6 +132,6 @@ int runcon_main(int argc, char *argv[])
execvp(argv[0], argv); execvp(argv[0], argv);
bb_perror_msg_and_die("cannot execute '%s'", command); bb_perror_msg_and_die("cannot execute '%s'", argv[0]);
return 1; return 1;
} }