803fb7
From ca5c3dbfd843b6acd92425a6f56c4b01d1a80dde Mon Sep 17 00:00:00 2001
803fb7
From: Michal Sekletar <msekleta@redhat.com>
803fb7
Date: Mon, 21 Sep 2015 14:55:39 +0200
803fb7
Subject: [PATCH] login: fix label on /run/nologin
803fb7
803fb7
rhel-only for now, not yet posted upstream
803fb7
803fb7
Resolves: #1264073
803fb7
---
803fb7
 Makefile.am               | 3 ++-
803fb7
 src/login/user-sessions.c | 7 ++++++-
803fb7
 2 files changed, 8 insertions(+), 2 deletions(-)
803fb7
803fb7
diff --git a/Makefile.am b/Makefile.am
803fb7
index 58bcc2c42..0fcb73750 100644
803fb7
--- a/Makefile.am
803fb7
+++ b/Makefile.am
803fb7
@@ -5829,7 +5829,8 @@ systemd_user_sessions_SOURCES = \
803fb7
 	src/login/user-sessions.c
803fb7
 
803fb7
 systemd_user_sessions_LDADD = \
803fb7
-	libsystemd-shared.la
803fb7
+	libsystemd-shared.la \
803fb7
+	libsystemd-label.la
803fb7
 
803fb7
 rootlibexec_PROGRAMS += \
803fb7
 	systemd-logind \
803fb7
diff --git a/src/login/user-sessions.c b/src/login/user-sessions.c
803fb7
index 6edb823e8..d1d429c0d 100644
803fb7
--- a/src/login/user-sessions.c
803fb7
+++ b/src/login/user-sessions.c
803fb7
@@ -26,6 +26,7 @@
803fb7
 #include "log.h"
803fb7
 #include "util.h"
803fb7
 #include "fileio.h"
803fb7
+#include "selinux-util.h"
803fb7
 
803fb7
 int main(int argc, char*argv[]) {
803fb7
 
803fb7
@@ -40,6 +41,8 @@ int main(int argc, char*argv[]) {
803fb7
 
803fb7
         umask(0022);
803fb7
 
803fb7
+        mac_selinux_init(NULL);
803fb7
+
803fb7
         if (streq(argv[1], "start")) {
803fb7
                 int r = 0;
803fb7
 
803fb7
@@ -66,7 +69,7 @@ int main(int argc, char*argv[]) {
803fb7
         } else if (streq(argv[1], "stop")) {
803fb7
                 int r;
803fb7
 
803fb7
-                r = write_string_file_atomic("/run/nologin", "System is going down.");
803fb7
+                r = write_string_file_atomic_label("/run/nologin", "System is going down.");
803fb7
                 if (r < 0) {
803fb7
                         log_error_errno(r, "Failed to create /run/nologin: %m");
803fb7
                         return EXIT_FAILURE;
803fb7
@@ -77,5 +80,7 @@ int main(int argc, char*argv[]) {
803fb7
                 return EXIT_FAILURE;
803fb7
         }
803fb7
 
803fb7
+        mac_selinux_finish();
803fb7
+
803fb7
         return EXIT_SUCCESS;
803fb7
 }