|
 |
7a3408 |
From e0e54b182c8ab8ba5be114d70e8a1ad17767bf4e Mon Sep 17 00:00:00 2001
|
|
|
7a3408 |
Message-Id: <e0e54b182c8ab8ba5be114d70e8a1ad17767bf4e@dist-git>
|
|
|
7a3408 |
From: Martin Kletzander <mkletzan@redhat.com>
|
|
|
7a3408 |
Date: Mon, 24 Aug 2015 13:04:45 +0200
|
|
|
7a3408 |
Subject: [PATCH] security_selinux: Use proper structure to access socket data
|
|
|
7a3408 |
|
|
|
7a3408 |
https://bugzilla.redhat.com/show_bug.cgi?id=1146886
|
|
|
7a3408 |
|
|
|
7a3408 |
In virSecuritySELinuxSetSecurityChardevLabel() we are labelling unix
|
|
|
7a3408 |
socket path, but accessing another structure of the union. This does
|
|
|
7a3408 |
not pose a problem currently as both paths are at the same offset, but
|
|
|
7a3408 |
this should be fixed for the future.
|
|
|
7a3408 |
|
|
|
7a3408 |
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
|
|
|
7a3408 |
(cherry picked from commit 4ac6ce38d3bc60f45491509ede4fc8437348048c)
|
|
|
7a3408 |
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
|
|
|
7a3408 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
7a3408 |
---
|
|
|
7a3408 |
src/security/security_selinux.c | 2 +-
|
|
|
7a3408 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
7a3408 |
|
|
|
7a3408 |
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
|
|
|
7a3408 |
index 6e67a86..a37f8c1 100644
|
|
|
7a3408 |
--- a/src/security/security_selinux.c
|
|
|
7a3408 |
+++ b/src/security/security_selinux.c
|
|
|
7a3408 |
@@ -1740,7 +1740,7 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
|
|
|
7a3408 |
|
|
|
7a3408 |
case VIR_DOMAIN_CHR_TYPE_UNIX:
|
|
|
7a3408 |
if (!dev_source->data.nix.listen) {
|
|
|
7a3408 |
- if (virSecuritySELinuxSetFilecon(dev_source->data.file.path,
|
|
|
7a3408 |
+ if (virSecuritySELinuxSetFilecon(dev_source->data.nix.path,
|
|
|
7a3408 |
imagelabel) < 0)
|
|
|
7a3408 |
goto done;
|
|
|
7a3408 |
}
|
|
|
7a3408 |
--
|
|
|
7a3408 |
2.5.1
|
|
|
7a3408 |
|