From 56845ad1c1892934989d3aca1d57dc61fad7f030 Mon Sep 17 00:00:00 2001 From: nekral-guest Date: Fri, 18 May 2012 19:44:53 +0000 Subject: [PATCH] * lib/commonio.c: Fix labeling of /etc/{passwd,shadow,group,gshadow}. It will basically label them with same context as /etc/{passwd+,shadow+,group+,gshadow+} --- ChangeLog | 6 ++++++ lib/commonio.c | 12 ++++++++++++ 2 files changed, 18 insertions(+) diff --git a/ChangeLog b/ChangeLog index 730796b8..98f1a27f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2012-05-18 Peter Vrabec + + * lib/commonio.c: Fix labeling of /etc/{passwd,shadow,group,gshadow}. + It will basically label them with same context as + /etc/{passwd+,shadow+,group+,gshadow+} + 2012-05-18 Nicolas François * src/pwunconv.c: Do not check spw_close() return value (file is diff --git a/lib/commonio.c b/lib/commonio.c index 11e46cd0..1c0555c3 100644 --- a/lib/commonio.c +++ b/lib/commonio.c @@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *db) snprintf (buf, sizeof buf, "%s+", db->filename); +#ifdef WITH_SELINUX + if (set_selinux_file_context (buf) != 0) { + errors++; + } +#endif + db->fp = fopen_set_perms (buf, "w", &sb); if (NULL == db->fp) { goto fail; @@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *db) goto fail; } +#ifdef WITH_SELINUX + if (reset_selinux_file_context () != 0) { + goto fail; + } +#endif + nscd_need_reload = true; goto success; fail: