diff options
author | Paolo Bonzini <bonzini@gnu.org> | 2012-03-16 10:05:51 +0100 |
---|---|---|
committer | Paolo Bonzini <bonzini@gnu.org> | 2012-03-16 10:05:51 +0100 |
commit | c30ee312734d1bab0b4c9d9cccdb66654a95496d (patch) | |
tree | 3c98024299cc8dcf0fe2d4ed11c2708a2aaad2f7 | |
parent | 8528ed0334303c40f1a8df36810bc179e4af23ea (diff) | |
download | sed-c30ee312734d1bab0b4c9d9cccdb66654a95496d.tar.gz |
synchronize SELinux code with GNU sed
2012-03-16 Paolo Bonzini <bonzini@gnu.org>
* execute.c (open_next_file): Save/restore file creation context.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | sed/execute.c | 16 |
2 files changed, 20 insertions, 0 deletions
@@ -1,3 +1,7 @@ +2012-03-16 Paolo Bonzini <bonzini@gnu.org> + + * execute.c (open_next_file): Save/restore file creation context. + 2010-11-03 Eric Blake <eblake@redhat.com> * basicdefs.h (ISDIGIT): Avoid compiler warning on cygwin. diff --git a/sed/execute.c b/sed/execute.c index 34ce920..9367a34 100644 --- a/sed/execute.c +++ b/sed/execute.c @@ -727,6 +727,11 @@ open_next_file(name, input) { int input_fd; char *tmpdir, *p; +#ifndef BOOTSTRAP + security_context_t old_fscreatecon; + int reset_fscreatecon = 0; + memset (&old_fscreatecon, 0, sizeof (old_fscreatecon)); +#endif /* get the base name */ tmpdir = ck_strdup(input->in_file_name); @@ -749,6 +754,9 @@ open_next_file(name, input) security_context_t con; if (getfilecon (input->in_file_name, &con) != -1) { + /* Save and restore the old context for the sake of w and W + commands. */ + reset_fscreatecon = getfscreatecon (&old_fscreatecon) >= 0; if (setfscreatecon (con) < 0) fprintf (stderr, _("%s: warning: failed to set default file creation context to %s: %s"), myname, con, strerror (errno)); @@ -768,6 +776,14 @@ open_next_file(name, input) output_file.missing_newline = false; free (tmpdir); +#ifndef BOOTSTRAP + if (reset_fscreatecon) + { + setfscreatecon (old_fscreatecon); + freecon (old_fscreatecon); + } +#endif + if (!output_file.fp) panic(_("couldn't open temporary file %s: %s"), input->out_file_name, strerror(errno)); } |