teknoraver / rpms / rpm

Forked from rpms/rpm 4 months ago
Clone
Source Code
GIT

Blame rpm-4.13.0-selinux--permissive-scriptlets.patch

c10s-sig-hyperscale c8 c8s c8s-sig-hyperscale c9 c9s-sig-hyperscale
  1.   8b1762e9545628a61fa1dfb389946ce2a7d6d6ce
  2.   rpm-4.13.0-selinux--permissive-scriptlets.patch
Blob History Raw
Florian Festi 392d6c 
From 0d214a17e412bffa00cfede2d884f02ac78b8434 Mon Sep 17 00:00:00 2001
Florian Festi 392d6c 
From: Florian Festi <ffesti@redhat.com>
Florian Festi 392d6c 
Date: Mon, 12 Oct 2015 12:47:45 +0200
Florian Festi 392d6c 
Subject: [PATCH] Permit scriptlet exec context setting to fail in
Florian Festi 392d6c 
 non-enforcing modes
Florian Festi 392d6c
Florian Festi 392d6c 
for new code path, too.
Florian Festi 392d6c
Florian Festi 392d6c 
See also 9c082fb8689efdaa5a595d3043e67ccec4ed930c
Florian Festi 392d6c 
---
Florian Festi 392d6c 
 plugins/selinux.c | 6 +++---
Florian Festi 392d6c 
 1 file changed, 3 insertions(+), 3 deletions(-)
Florian Festi 392d6c
Florian Festi 392d6c 
diff --git a/plugins/selinux.c b/plugins/selinux.c
Florian Festi 392d6c 
index ea6853b..2751815 100644
Florian Festi 392d6c 
--- a/plugins/selinux.c
Florian Festi 392d6c 
+++ b/plugins/selinux.c
Florian Festi 392d6c 
@@ -134,9 +134,6 @@ exit:
Florian Festi 392d6c 
     freecon(fcon);
Florian Festi 392d6c 
     freecon(mycon);
Florian Festi 392d6c
Florian Festi 392d6c 
-    /* If selinux is not enforcing, we don't care either */
Florian Festi 392d6c 
-    if (rc && security_getenforce() < 1)
Florian Festi 392d6c 
-	rc = RPMRC_OK;
Florian Festi 392d6c 
 #else
Florian Festi 392d6c 
     if (sehandle == NULL)
Florian Festi 392d6c 
 	return RPMRC_OK;
Florian Festi 392d6c 
@@ -149,6 +146,9 @@ exit:
Florian Festi 392d6c 
 	       path, (xx < 0 ? strerror(errno) : ""));
Florian Festi 392d6c 
     }
Florian Festi 392d6c 
 #endif
Florian Festi 392d6c 
+    /* If selinux is not enforcing, we don't care either */
Florian Festi 392d6c 
+    if (rc && security_getenforce() < 1)
Florian Festi 392d6c 
+	rc = RPMRC_OK;
Florian Festi 392d6c
Florian Festi 392d6c 
     return rc;
Florian Festi 392d6c 
 }
Florian Festi 392d6c 
--
Florian Festi 392d6c 
2.1.0
Florian Festi 392d6c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation