|
 |
2de3ab |
From 234af5cf67fc1a3ba99fc246ba65869a3c416545 Mon Sep 17 00:00:00 2001
|
|
|
2de3ab |
From: Iker Pedrosa <ipedrosa@redhat.com>
|
|
|
2de3ab |
Date: Fri, 8 Oct 2021 13:13:13 +0200
|
|
|
2de3ab |
Subject: [PATCH] semanage: close the selabel handle
|
|
|
2de3ab |
|
|
|
2de3ab |
Close the selabel handle to update the file_context. This means that the
|
|
|
2de3ab |
file_context will be remmaped and used by selabel_lookup() to return
|
|
|
2de3ab |
the appropriate context to label the home folder.
|
|
|
2de3ab |
|
|
|
2de3ab |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1993081
|
|
|
2de3ab |
|
|
|
2de3ab |
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
|
|
2de3ab |
---
|
|
|
2de3ab |
lib/prototypes.h | 1 +
|
|
|
2de3ab |
lib/selinux.c | 5 +++++
|
|
|
2de3ab |
lib/semanage.c | 1 +
|
|
|
2de3ab |
3 files changed, 7 insertions(+)
|
|
|
2de3ab |
|
|
|
2de3ab |
diff --git a/lib/prototypes.h b/lib/prototypes.h
|
|
|
2de3ab |
index 1d1586d4..b697e0ec 100644
|
|
|
2de3ab |
--- a/lib/prototypes.h
|
|
|
2de3ab |
+++ b/lib/prototypes.h
|
|
|
2de3ab |
@@ -392,6 +392,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
|
|
|
2de3ab |
/* selinux.c */
|
|
|
2de3ab |
#ifdef WITH_SELINUX
|
|
|
2de3ab |
extern int set_selinux_file_context (const char *dst_name, mode_t mode);
|
|
|
2de3ab |
+extern void reset_selinux_handle (void);
|
|
|
2de3ab |
extern int reset_selinux_file_context (void);
|
|
|
2de3ab |
extern int check_selinux_permit (const char *perm_name);
|
|
|
2de3ab |
#endif
|
|
|
2de3ab |
diff --git a/lib/selinux.c b/lib/selinux.c
|
|
|
2de3ab |
index c83545f9..b075d4c0 100644
|
|
|
2de3ab |
--- a/lib/selinux.c
|
|
|
2de3ab |
+++ b/lib/selinux.c
|
|
|
2de3ab |
@@ -50,6 +50,11 @@ static void cleanup(void)
|
|
|
2de3ab |
}
|
|
|
2de3ab |
}
|
|
|
2de3ab |
|
|
|
2de3ab |
+void reset_selinux_handle (void)
|
|
|
2de3ab |
+{
|
|
|
2de3ab |
+ cleanup();
|
|
|
2de3ab |
+}
|
|
|
2de3ab |
+
|
|
|
2de3ab |
/*
|
|
|
2de3ab |
* set_selinux_file_context - Set the security context before any file or
|
|
|
2de3ab |
* directory creation.
|
|
|
2de3ab |
diff --git a/lib/semanage.c b/lib/semanage.c
|
|
|
2de3ab |
index 0d30456a..a5bf9218 100644
|
|
|
2de3ab |
--- a/lib/semanage.c
|
|
|
2de3ab |
+++ b/lib/semanage.c
|
|
|
2de3ab |
@@ -293,6 +293,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
|
|
2de3ab |
}
|
|
|
2de3ab |
|
|
|
2de3ab |
ret = 0;
|
|
|
2de3ab |
+ reset_selinux_handle();
|
|
|
2de3ab |
|
|
|
2de3ab |
done:
|
|
|
2de3ab |
semanage_seuser_key_free (key);
|
|
|
2de3ab |
--
|
|
|
2de3ab |
2.31.1
|
|
|
2de3ab |
|