1 files changed, 13 insertions, 2 deletions
diff --git a/libbb/run_shell.c b/libbb/run_shell.c
index 49e8a76c2..4855d763e 100644
--- a/libbb/run_shell.c
+++ b/libbb/run_shell.c
@@ -36,14 +36,20 @@
 #include <syslog.h>
 #include <ctype.h>
 #include "libbb.h"
+#ifdef CONFIG_SELINUX
+#include <proc_secure.h>
+#endif
 /* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
   If COMMAND is nonzero, pass it to the shell with the -c option.
   If ADDITIONAL_ARGS is nonzero, pass it to the shell as more
   arguments.  */
-void run_shell ( const char *shell, int loginshell, const char *command, const char **additional_args )
+void run_shell ( const char *shell, int loginshell, const char *command, const char **additional_args
+#ifdef CONFIG_SELINUX
+        , security_id_t sid
+#endif
+)
 {
        const char **args;
        int argno = 1;
@@ -71,6 +77,11 @@ void run_shell ( const char *shell, int loginshell, const char *command, const c
                        args [argno++] = *additional_args;
        }
        args [argno] = 0;
+#ifdef CONFIG_SELINUX
+        if(sid)
+                execve_secure(shell, (char **) args, environ, sid);
+        else
+#endif
        execv ( shell, (char **) args );
        bb_perror_msg_and_die ( "cannot run %s", shell );
 }

diff --git a/libbb/run_shell.c b/libbb/run_shell.c index 49e8a76c2..4855d763e 100644 --- a/libbb/run_shell.c +++ b/libbb/run_shell.c
@@ -36,14 +36,20 @@
36	#include <syslog.h>	36	#include <syslog.h>
37	#include <ctype.h>	37	#include <ctype.h>
38	#include "libbb.h"	38	#include "libbb.h"
39		39	#ifdef CONFIG_SELINUX
		40	#include <proc_secure.h>
		41	#endif
40		42
41	/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.	43	/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
42	If COMMAND is nonzero, pass it to the shell with the -c option.	44	If COMMAND is nonzero, pass it to the shell with the -c option.
43	If ADDITIONAL_ARGS is nonzero, pass it to the shell as more	45	If ADDITIONAL_ARGS is nonzero, pass it to the shell as more
44	arguments. */	46	arguments. */
45		47
46	void run_shell ( const char shell, int loginshell, const char command, const char **additional_args )	48	void run_shell ( const char shell, int loginshell, const char command, const char **additional_args
		49	#ifdef CONFIG_SELINUX
		50	, security_id_t sid
		51	#endif
		52	)
47	{	53	{
48	const char **args;	54	const char **args;
49	int argno = 1;	55	int argno = 1;
@@ -71,6 +77,11 @@ void run_shell ( const char shell, int loginshell, const char command, const c
71	args [argno++] = *additional_args;	77	args [argno++] = *additional_args;
72	}	78	}
73	args [argno] = 0;	79	args [argno] = 0;
		80	#ifdef CONFIG_SELINUX
		81	if(sid)
		82	execve_secure(shell, (char **) args, environ, sid);
		83	else
		84	#endif
74	execv ( shell, (char **) args );	85	execv ( shell, (char **) args );
75	bb_perror_msg_and_die ( "cannot run %s", shell );	86	bb_perror_msg_and_die ( "cannot run %s", shell );
76	}	87	}