semanage: close the selabel handle

Close the selabel handle to update the file_context. This means that the
file_context will be remmaped and used by selabel_lookup() to return
the appropriate context to label the home folder.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1993081

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
Iker Pedrosa 2021-10-08 13:13:13 +02:00
parent 09c752f00f
commit 234af5cf67
3 changed files with 7 additions and 0 deletions

View File

@ -392,6 +392,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
/* selinux.c */ /* selinux.c */
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
extern int set_selinux_file_context (const char *dst_name, mode_t mode); extern int set_selinux_file_context (const char *dst_name, mode_t mode);
extern void reset_selinux_handle (void);
extern int reset_selinux_file_context (void); extern int reset_selinux_file_context (void);
extern int check_selinux_permit (const char *perm_name); extern int check_selinux_permit (const char *perm_name);
#endif #endif

View File

@ -50,6 +50,11 @@ static void cleanup(void)
} }
} }
void reset_selinux_handle (void)
{
cleanup();
}
/* /*
* set_selinux_file_context - Set the security context before any file or * set_selinux_file_context - Set the security context before any file or
* directory creation. * directory creation.

View File

@ -293,6 +293,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
} }
ret = 0; ret = 0;
reset_selinux_handle();
done: done:
semanage_seuser_key_free (key); semanage_seuser_key_free (key);