|
|
9f13c6 |
diff -up shadow-4.6/lib/semanage.c.selinux shadow-4.6/lib/semanage.c
|
|
|
9f13c6 |
--- shadow-4.6/lib/semanage.c.selinux 2018-04-29 18:42:37.000000000 +0200
|
|
|
9f13c6 |
+++ shadow-4.6/lib/semanage.c 2018-05-28 13:38:20.551008911 +0200
|
|
|
9f13c6 |
@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
|
|
|
9f13c6 |
|
|
|
9f13c6 |
ret = 0;
|
|
|
9f13c6 |
|
|
|
9f13c6 |
+ /* drop obsolete matchpathcon cache */
|
|
|
9f13c6 |
+ matchpathcon_fini();
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
done:
|
|
|
9f13c6 |
semanage_seuser_key_free (key);
|
|
|
9f13c6 |
semanage_handle_destroy (handle);
|
|
|
9f13c6 |
@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
|
|
|
9f13c6 |
}
|
|
|
9f13c6 |
|
|
|
9f13c6 |
ret = 0;
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
+ /* drop obsolete matchpathcon cache */
|
|
|
9f13c6 |
+ matchpathcon_fini();
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
done:
|
|
|
9f13c6 |
semanage_handle_destroy (handle);
|
|
|
9f13c6 |
return ret;
|
|
|
9f13c6 |
diff -up shadow-4.6/src/useradd.c.selinux shadow-4.6/src/useradd.c
|
|
|
9f13c6 |
--- shadow-4.6/src/useradd.c.selinux 2018-05-28 13:43:30.996748997 +0200
|
|
|
9f13c6 |
+++ shadow-4.6/src/useradd.c 2018-05-28 13:44:04.645486199 +0200
|
|
|
9f13c6 |
@@ -2120,6 +2120,7 @@ static void create_mail (void)
|
|
|
9f13c6 |
*/
|
|
|
9f13c6 |
int main (int argc, char **argv)
|
|
|
9f13c6 |
{
|
|
|
9f13c6 |
+ int rv = E_SUCCESS;
|
|
|
9f13c6 |
#ifdef ACCT_TOOLS_SETUID
|
|
|
9f13c6 |
#ifdef USE_PAM
|
|
|
9f13c6 |
pam_handle_t *pamh = NULL;
|
|
|
9f13c6 |
@@ -2342,27 +2343,11 @@ int main (int argc, char **argv)
|
|
|
9f13c6 |
|
|
|
9f13c6 |
usr_update ();
|
|
|
9f13c6 |
|
|
|
9f13c6 |
- if (mflg) {
|
|
|
9f13c6 |
- create_home ();
|
|
|
9f13c6 |
- if (home_added) {
|
|
|
9f13c6 |
- copy_tree (def_template, prefix_user_home, false, false,
|
|
|
9f13c6 |
- (uid_t)-1, user_id, (gid_t)-1, user_gid);
|
|
|
9f13c6 |
- } else {
|
|
|
9f13c6 |
- fprintf (stderr,
|
|
|
9f13c6 |
- _("%s: warning: the home directory already exists.\n"
|
|
|
9f13c6 |
- "Not copying any file from skel directory into it.\n"),
|
|
|
9f13c6 |
- Prog);
|
|
|
9f13c6 |
- }
|
|
|
9f13c6 |
-
|
|
|
9f13c6 |
- }
|
|
|
9f13c6 |
-
|
|
|
9f13c6 |
- /* Do not create mail directory for system accounts */
|
|
|
9f13c6 |
- if (!rflg) {
|
|
|
9f13c6 |
- create_mail ();
|
|
|
9f13c6 |
- }
|
|
|
9f13c6 |
-
|
|
|
9f13c6 |
close_files ();
|
|
|
9f13c6 |
|
|
|
9f13c6 |
+ nscd_flush_cache ("passwd");
|
|
|
9f13c6 |
+ nscd_flush_cache ("group");
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
/*
|
|
|
9f13c6 |
* tallylog_reset needs to be able to lookup
|
|
|
9f13c6 |
* a valid existing user name,
|
|
|
9f13c6 |
@@ -2373,8 +2358,9 @@ int main (int argc, char **argv)
|
|
|
9f13c6 |
}
|
|
|
9f13c6 |
|
|
|
9f13c6 |
#ifdef WITH_SELINUX
|
|
|
9f13c6 |
- if (Zflg) {
|
|
|
9f13c6 |
- if (set_seuser (user_name, user_selinux) != 0) {
|
|
|
9f13c6 |
+ if (Zflg && *user_selinux) {
|
|
|
9f13c6 |
+ if (is_selinux_enabled () > 0) {
|
|
|
9f13c6 |
+ if (set_seuser (user_name, user_selinux) != 0) {
|
|
|
9f13c6 |
fprintf (stderr,
|
|
|
9f13c6 |
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
|
|
|
9f13c6 |
Prog, user_name, user_selinux);
|
|
|
9f13c6 |
@@ -2383,14 +2369,31 @@ int main (int argc, char **argv)
|
|
|
9f13c6 |
"adding SELinux user mapping",
|
|
|
9f13c6 |
user_name, (unsigned int) user_id, 0);
|
|
|
9f13c6 |
#endif /* WITH_AUDIT */
|
|
|
9f13c6 |
- fail_exit (E_SE_UPDATE);
|
|
|
9f13c6 |
+ rv = E_SE_UPDATE;
|
|
|
9f13c6 |
+ }
|
|
|
9f13c6 |
}
|
|
|
9f13c6 |
}
|
|
|
9f13c6 |
-#endif /* WITH_SELINUX */
|
|
|
9f13c6 |
+#endif
|
|
|
9f13c6 |
|
|
|
9f13c6 |
- nscd_flush_cache ("passwd");
|
|
|
9f13c6 |
- nscd_flush_cache ("group");
|
|
|
9f13c6 |
+ if (mflg) {
|
|
|
9f13c6 |
+ create_home ();
|
|
|
9f13c6 |
+ if (home_added) {
|
|
|
9f13c6 |
+ copy_tree (def_template, prefix_user_home, false, true,
|
|
|
9f13c6 |
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
|
|
|
9f13c6 |
+ } else {
|
|
|
9f13c6 |
+ fprintf (stderr,
|
|
|
9f13c6 |
+ _("%s: warning: the home directory already exists.\n"
|
|
|
9f13c6 |
+ "Not copying any file from skel directory into it.\n"),
|
|
|
9f13c6 |
+ Prog);
|
|
|
9f13c6 |
+ }
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
+ }
|
|
|
9f13c6 |
+
|
|
|
9f13c6 |
+ /* Do not create mail directory for system accounts */
|
|
|
9f13c6 |
+ if (!rflg) {
|
|
|
9f13c6 |
+ create_mail ();
|
|
|
9f13c6 |
+ }
|
|
|
9f13c6 |
|
|
|
9f13c6 |
- return E_SUCCESS;
|
|
|
9f13c6 |
+ return rv;
|
|
|
9f13c6 |
}
|
|
|
9f13c6 |
|