Blame SOURCES/shadow-4.6-selinux.patch

9f13c6
diff -up shadow-4.6/lib/semanage.c.selinux shadow-4.6/lib/semanage.c
9f13c6
--- shadow-4.6/lib/semanage.c.selinux	2018-04-29 18:42:37.000000000 +0200
9f13c6
+++ shadow-4.6/lib/semanage.c	2018-05-28 13:38:20.551008911 +0200
9f13c6
@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
9f13c6
 
9f13c6
 	ret = 0;
9f13c6
 
9f13c6
+        /* drop obsolete matchpathcon cache */
9f13c6
+        matchpathcon_fini();
9f13c6
+
9f13c6
 done:
9f13c6
 	semanage_seuser_key_free (key);
9f13c6
 	semanage_handle_destroy (handle);
9f13c6
@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
9f13c6
 	}
9f13c6
 
9f13c6
 	ret = 0;
9f13c6
+
9f13c6
+        /* drop obsolete matchpathcon cache */
9f13c6
+        matchpathcon_fini();
9f13c6
+
9f13c6
 done:
9f13c6
 	semanage_handle_destroy (handle);
9f13c6
 	return ret;
9f13c6
diff -up shadow-4.6/src/useradd.c.selinux shadow-4.6/src/useradd.c
9f13c6
--- shadow-4.6/src/useradd.c.selinux	2018-05-28 13:43:30.996748997 +0200
9f13c6
+++ shadow-4.6/src/useradd.c	2018-05-28 13:44:04.645486199 +0200
9f13c6
@@ -2120,6 +2120,7 @@ static void create_mail (void)
9f13c6
  */
9f13c6
 int main (int argc, char **argv)
9f13c6
 {
9f13c6
+	int rv = E_SUCCESS;
9f13c6
 #ifdef ACCT_TOOLS_SETUID
9f13c6
 #ifdef USE_PAM
9f13c6
 	pam_handle_t *pamh = NULL;
9f13c6
@@ -2342,27 +2343,11 @@ int main (int argc, char **argv)
9f13c6
 
9f13c6
 	usr_update ();
9f13c6
 
9f13c6
-	if (mflg) {
9f13c6
-		create_home ();
9f13c6
-		if (home_added) {
9f13c6
-			copy_tree (def_template, prefix_user_home, false, false,
9f13c6
-			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
9f13c6
-		} else {
9f13c6
-			fprintf (stderr,
9f13c6
-			         _("%s: warning: the home directory already exists.\n"
9f13c6
-			           "Not copying any file from skel directory into it.\n"),
9f13c6
-			         Prog);
9f13c6
-		}
9f13c6
-
9f13c6
-	}
9f13c6
-
9f13c6
-	/* Do not create mail directory for system accounts */
9f13c6
-	if (!rflg) {
9f13c6
-		create_mail ();
9f13c6
-	}
9f13c6
-
9f13c6
 	close_files ();
9f13c6
 
9f13c6
+	nscd_flush_cache ("passwd");
9f13c6
+	nscd_flush_cache ("group");
9f13c6
+
9f13c6
 	/*
9f13c6
 	 * tallylog_reset needs to be able to lookup
9f13c6
 	 * a valid existing user name,
9f13c6
@@ -2373,8 +2358,9 @@ int main (int argc, char **argv)
9f13c6
 	}
9f13c6
 
9f13c6
 #ifdef WITH_SELINUX
9f13c6
-	if (Zflg) {
9f13c6
-		if (set_seuser (user_name, user_selinux) != 0) {
9f13c6
+	if (Zflg && *user_selinux) {
9f13c6
+		if (is_selinux_enabled () > 0) {
9f13c6
+		    if (set_seuser (user_name, user_selinux) != 0) {
9f13c6
 			fprintf (stderr,
9f13c6
 			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
9f13c6
 			         Prog, user_name, user_selinux);
9f13c6
@@ -2383,14 +2369,31 @@ int main (int argc, char **argv)
9f13c6
 			              "adding SELinux user mapping",
9f13c6
 			              user_name, (unsigned int) user_id, 0);
9f13c6
 #endif				/* WITH_AUDIT */
9f13c6
-			fail_exit (E_SE_UPDATE);
9f13c6
+			rv = E_SE_UPDATE;
9f13c6
+		    }
9f13c6
 		}
9f13c6
 	}
9f13c6
-#endif				/* WITH_SELINUX */
9f13c6
+#endif
9f13c6
 
9f13c6
-	nscd_flush_cache ("passwd");
9f13c6
-	nscd_flush_cache ("group");
9f13c6
+	if (mflg) {
9f13c6
+		create_home ();
9f13c6
+		if (home_added) {
9f13c6
+			copy_tree (def_template, prefix_user_home, false, true,
9f13c6
+			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
9f13c6
+		} else {
9f13c6
+			fprintf (stderr,
9f13c6
+			         _("%s: warning: the home directory already exists.\n"
9f13c6
+			           "Not copying any file from skel directory into it.\n"),
9f13c6
+			         Prog);
9f13c6
+		}
9f13c6
+
9f13c6
+	}
9f13c6
+
9f13c6
+	/* Do not create mail directory for system accounts */
9f13c6
+	if (!rflg) {
9f13c6
+		create_mail ();
9f13c6
+	}
9f13c6
 
9f13c6
-	return E_SUCCESS;
9f13c6
+	return rv;
9f13c6
 }
9f13c6