diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2007-03-12 18:22:55 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2007-03-12 18:22:55 +0000 |
| commit | 39c651e9097e0e55a52c897982d6e84d281f7396 (patch) | |
| tree | ad535283af2299825f65b6b44c889dc7e7bfc842 | |
| parent | b3f09f4a5092aacbdc3da80d4fefeaf06445a4f8 (diff) | |
| download | busybox-w32-39c651e9097e0e55a52c897982d6e84d281f7396.tar.gz busybox-w32-39c651e9097e0e55a52c897982d6e84d281f7396.tar.bz2 busybox-w32-39c651e9097e0e55a52c897982d6e84d281f7396.zip | |
introduce and use setfscreatecon_or_die
(patch by Yuichi Nakamura <ynakam@hitachisoft.jp>)
runcon: *yet another* fix for vda's brainfart :(
| -rw-r--r-- | coreutils/install.c | 4 | ||||
| -rw-r--r-- | coreutils/libcoreutils/getopt_mk_fifo_nod.c | 5 | ||||
| -rw-r--r-- | coreutils/mkdir.c | 5 | ||||
| -rw-r--r-- | include/libbb.h | 1 | ||||
| -rw-r--r-- | libbb/copy_file.c | 2 | ||||
| -rw-r--r-- | libbb/selinux_common.c | 10 | ||||
| -rw-r--r-- | selinux/runcon.c | 2 |
7 files changed, 16 insertions, 13 deletions
diff --git a/coreutils/install.c b/coreutils/install.c index 1f65407b1..a58a23b6e 100644 --- a/coreutils/install.c +++ b/coreutils/install.c | |||
| @@ -110,9 +110,7 @@ int install_main(int argc, char **argv) | |||
| 110 | } | 110 | } |
| 111 | if (flags & OPT_SET_SECURITY_CONTEXT) { | 111 | if (flags & OPT_SET_SECURITY_CONTEXT) { |
| 112 | selinux_or_die(); | 112 | selinux_or_die(); |
| 113 | if (setfscreatecon(scontext) < 0) { | 113 | setfscreatecon_or_die(scontext); |
| 114 | bb_error_msg_and_die("setfscreatecon(%s)", scontext); // perror? | ||
| 115 | } | ||
| 116 | use_default_selinux_context = 0; | 114 | use_default_selinux_context = 0; |
| 117 | copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT; | 115 | copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT; |
| 118 | } | 116 | } |
diff --git a/coreutils/libcoreutils/getopt_mk_fifo_nod.c b/coreutils/libcoreutils/getopt_mk_fifo_nod.c index 2e0c27439..32fa9bede 100644 --- a/coreutils/libcoreutils/getopt_mk_fifo_nod.c +++ b/coreutils/libcoreutils/getopt_mk_fifo_nod.c | |||
| @@ -43,10 +43,7 @@ mode_t getopt_mk_fifo_nod(int argc, char **argv) | |||
| 43 | #if ENABLE_SELINUX | 43 | #if ENABLE_SELINUX |
| 44 | if (opt & 2) { | 44 | if (opt & 2) { |
| 45 | selinux_or_die(); | 45 | selinux_or_die(); |
| 46 | if (setfscreatecon(scontext)) { | 46 | setfscreatecon_or_die(scontext); |
| 47 | bb_error_msg_and_die("cannot set default file creation context " | ||
| 48 | "to %s", scontext); | ||
| 49 | } | ||
| 50 | } | 47 | } |
| 51 | #endif | 48 | #endif |
| 52 | 49 | ||
diff --git a/coreutils/mkdir.c b/coreutils/mkdir.c index 93ded1dd5..690e4ab40 100644 --- a/coreutils/mkdir.c +++ b/coreutils/mkdir.c | |||
| @@ -62,10 +62,7 @@ int mkdir_main(int argc, char **argv) | |||
| 62 | #if ENABLE_SELINUX | 62 | #if ENABLE_SELINUX |
| 63 | if (opt & 4) { | 63 | if (opt & 4) { |
| 64 | selinux_or_die(); | 64 | selinux_or_die(); |
| 65 | if (setfscreatecon(scontext)) { | 65 | setfscreatecon_or_die(scontext); |
| 66 | bb_error_msg_and_die("cannot set default file creation context " | ||
| 67 | "to %s", scontext); | ||
| 68 | } | ||
| 69 | } | 66 | } |
| 70 | #endif | 67 | #endif |
| 71 | 68 | ||
diff --git a/include/libbb.h b/include/libbb.h index 69652b666..401fce4cf 100644 --- a/include/libbb.h +++ b/include/libbb.h | |||
| @@ -601,6 +601,7 @@ extern void renew_current_security_context(void); | |||
| 601 | extern void set_current_security_context(security_context_t sid); | 601 | extern void set_current_security_context(security_context_t sid); |
| 602 | extern context_t set_security_context_component(security_context_t cur_context, | 602 | extern context_t set_security_context_component(security_context_t cur_context, |
| 603 | char *user, char *role, char *type, char *range); | 603 | char *user, char *role, char *type, char *range); |
| 604 | extern void setfscreatecon_or_die(security_context_t scontext); | ||
| 604 | #endif | 605 | #endif |
| 605 | extern void selinux_or_die(void); | 606 | extern void selinux_or_die(void); |
| 606 | extern int restricted_shell(const char *shell); | 607 | extern int restricted_shell(const char *shell); |
diff --git a/libbb/copy_file.c b/libbb/copy_file.c index 6391824aa..07564afd0 100644 --- a/libbb/copy_file.c +++ b/libbb/copy_file.c | |||
| @@ -74,7 +74,7 @@ int copy_file(const char *source, const char *dest, int flags) | |||
| 74 | } | 74 | } |
| 75 | } else { | 75 | } else { |
| 76 | if (errno == ENOTSUP || errno == ENODATA) { | 76 | if (errno == ENOTSUP || errno == ENODATA) { |
| 77 | setfscreatecon(NULL); | 77 | setfscreatecon_or_die(NULL); |
| 78 | } else { | 78 | } else { |
| 79 | bb_perror_msg("cannot lgetfilecon %s", source); | 79 | bb_perror_msg("cannot lgetfilecon %s", source); |
| 80 | return -1; | 80 | return -1; |
diff --git a/libbb/selinux_common.c b/libbb/selinux_common.c index 70d63a465..d506f0636 100644 --- a/libbb/selinux_common.c +++ b/libbb/selinux_common.c | |||
| @@ -28,3 +28,13 @@ error: | |||
| 28 | context_free(con); | 28 | context_free(con); |
| 29 | return NULL; | 29 | return NULL; |
| 30 | } | 30 | } |
| 31 | |||
| 32 | void setfscreatecon_or_die(security_context_t scontext) | ||
| 33 | { | ||
| 34 | if (setfscreatecon(scontext) < 0) { | ||
| 35 | /* Can be NULL. All known printf implementations | ||
| 36 | * display "(null)", "<null>" etc */ | ||
| 37 | bb_perror_msg_and_die("cannot set default " | ||
| 38 | "file creation context to %s", scontext); | ||
| 39 | } | ||
| 40 | } | ||
diff --git a/selinux/runcon.c b/selinux/runcon.c index 24e436feb..8888ccc7b 100644 --- a/selinux/runcon.c +++ b/selinux/runcon.c | |||
| @@ -132,6 +132,6 @@ int runcon_main(int argc, char *argv[]) | |||
| 132 | 132 | ||
| 133 | execvp(argv[0], argv); | 133 | execvp(argv[0], argv); |
| 134 | 134 | ||
| 135 | bb_perror_msg_and_die("cannot execute '%s'", command); | 135 | bb_perror_msg_and_die("cannot execute '%s'", argv[0]); |
| 136 | return 1; | 136 | return 1; |
| 137 | } | 137 | } |