mirror of
https://git.savannah.gnu.org/git/coreutils.git
synced 2025-09-10 07:59:52 +02:00
maint: use absolute paths with selabel_lookup
* src/selinux.c: selabel_lookup requires absolute paths (while only older matchpathcon before libselinux < 2.1.5 2011-0826 did). * po/POTFILES.in: Readd src/selinux.c since we now have a translatable error message.
This commit is contained in:
Pádraig Brady
committed by
Paul Eggert
Paul Eggert
parent
344cf0ee5f
commit
7b341f084b
@@ -109,6 +109,7 @@ src/remove.c
|
||||
src/rm.c
|
||||
src/rmdir.c
|
||||
src/runcon.c
|
||||
src/selinux.c
|
||||
src/seq.c
|
||||
src/set-fields.c
|
||||
src/shred.c
|
||||
|
||||
@@ -21,7 +21,9 @@
|
||||
#include <selinux/context.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "die.h"
|
||||
#include "system.h"
|
||||
#include "canonicalize.h"
|
||||
#include "xfts.h"
|
||||
#include "selinux.h"
|
||||
|
||||
@@ -113,6 +115,16 @@ defaultcon (struct selabel_handle *selabel_handle,
|
||||
context_t scontext = 0, tcontext = 0;
|
||||
const char *contype;
|
||||
char *constr;
|
||||
char *newpath = NULL;
|
||||
|
||||
if (! IS_ABSOLUTE_FILE_NAME (path))
|
||||
{
|
||||
newpath = canonicalize_filename_mode (path, CAN_MISSING);
|
||||
if (! newpath)
|
||||
die (EXIT_FAILURE, errno, _("error canonicalizing %s"),
|
||||
quoteaf (path));
|
||||
path = newpath;
|
||||
}
|
||||
|
||||
if (selabel_lookup (selabel_handle, &scon, path, mode) < 0)
|
||||
{
|
||||
@@ -120,7 +132,7 @@ defaultcon (struct selabel_handle *selabel_handle,
|
||||
when processing files, when in fact it was the
|
||||
associated default context that was not found.
|
||||
Therefore map the error to something more appropriate
|
||||
to the context in which we're using matchpathcon(). */
|
||||
to the context in which we're using selabel_lookup(). */
|
||||
if (errno == ENOENT)
|
||||
errno = ENODATA;
|
||||
goto quit;
|
||||
@@ -146,6 +158,7 @@ quit:
|
||||
context_free (tcontext);
|
||||
freecon (scon);
|
||||
freecon (tcon);
|
||||
free (newpath);
|
||||
return rc;
|
||||
}
|
||||
|
||||
@@ -269,8 +282,23 @@ bool
|
||||
restorecon (struct selabel_handle *selabel_handle,
|
||||
char const *path, bool recurse)
|
||||
{
|
||||
char *newpath = NULL;
|
||||
|
||||
if (! IS_ABSOLUTE_FILE_NAME (path))
|
||||
{
|
||||
newpath = canonicalize_filename_mode (path, CAN_MISSING);
|
||||
if (! newpath)
|
||||
die (EXIT_FAILURE, errno, _("error canonicalizing %s"),
|
||||
quoteaf (path));
|
||||
path = newpath;
|
||||
}
|
||||
|
||||
if (! recurse)
|
||||
return restorecon_private (selabel_handle, path) == 0;
|
||||
{
|
||||
bool ok = restorecon_private (selabel_handle, path) != -1;
|
||||
free (newpath);
|
||||
return ok;
|
||||
}
|
||||
|
||||
char const *ftspath[2] = { path, NULL };
|
||||
FTS *fts = xfts_open ((char *const *) ftspath, FTS_PHYSICAL, NULL);
|
||||
@@ -286,6 +314,7 @@ restorecon (struct selabel_handle *selabel_handle,
|
||||
if (fts_close (fts) != 0)
|
||||
err = errno;
|
||||
|
||||
free (newpath);
|
||||
return !err;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user