diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-09-01 20:46:27 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-09-01 20:46:27 +0200 |
| commit | 92dcf85e11d24b60f099401c1865add607d0bf4a (patch) | |
| tree | 2d6bf33cc1413ab3e53a8ddcf6b79ec68066f638 | |
| parent | fc94c3260549c12892461be031c4b9dc122ca1ef (diff) | |
| parent | 24154879845c6aa68a82d3a606f037e9df7527e0 (diff) | |
| download | systemd-92dcf85e11d24b60f099401c1865add607d0bf4a.tar.gz | |
Merge pull request #1107 from msekletar/selinux-get-raw-context
selinux: always use *_raw API from libselinux
| -rw-r--r-- | src/basic/selinux-util.c | 10 | ||||
| -rw-r--r-- | src/core/selinux-access.c | 4 |
2 files changed, 7 insertions, 7 deletions
diff --git a/src/basic/selinux-util.c b/src/basic/selinux-util.c index 7c58985cd2..a39a0f775a 100644 --- a/src/basic/selinux-util.c +++ b/src/basic/selinux-util.c @@ -199,11 +199,11 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) { if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(&mycon); + r = getcon_raw(&mycon); if (r < 0) return -errno; - r = getfilecon(exe, &fcon); + r = getfilecon_raw(exe, &fcon); if (r < 0) return -errno; @@ -225,7 +225,7 @@ int mac_selinux_get_our_label(char **label) { if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(label); + r = getcon_raw(label); if (r < 0) return -errno; #endif @@ -249,7 +249,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char * if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(&mycon); + r = getcon_raw(&mycon); if (r < 0) return -errno; @@ -260,7 +260,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char * if (!exec_label) { /* If there is no context set for next exec let's use context of target executable */ - r = getfilecon(exe, &fcon); + r = getfilecon_raw(exe, &fcon); if (r < 0) return -errno; } diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index f920c2e2cd..40ca0c6166 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -246,7 +246,7 @@ int mac_selinux_generic_access_check( if (path) { /* Get the file context of the unit file */ - r = getfilecon(path, &fcon); + r = getfilecon_raw(path, &fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path); goto finish; @@ -254,7 +254,7 @@ int mac_selinux_generic_access_check( tclass = "service"; } else { - r = getcon(&fcon); + r = getcon_raw(&fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context."); goto finish; |