rpms / libselinux

Clone
Source Code
GIT

Files

  1.   70810f17e4fb870fe858822fdc20f64453992ea6
  2.   libselinux-rhat.patch
Blob Blame History Raw 
Index: libselinux/include/selinux/selinux.h
===================================================================
RCS file: /nfshome/pal/CVS/selinux-usr/libselinux/include/selinux/selinux.h,v
retrieving revision 1.50
diff -u -p -r1.50 selinux.h
--- libselinux/include/selinux/selinux.h	7 Nov 2005 19:30:36 -0000	1.50
+++ libselinux/include/selinux/selinux.h	8 Nov 2005 19:04:31 -0000
@@ -292,6 +292,7 @@ extern void set_matchpathcon_canoncon(in
 
 /* Set flags controlling operation of matchpathcon_init or matchpathcon. */
 #define MATCHPATHCON_BASEONLY 1 /* Only process the base file_contexts file. */
+#define MATCHPATHCON_NOTRANS  2 /* Do not perform any context translation. */
 extern void set_matchpathcon_flags(unsigned int flags);
 
 /* Load the file contexts configuration specified by 'path'
Index: libselinux/src/matchpathcon.c
===================================================================
RCS file: /nfshome/pal/CVS/selinux-usr/libselinux/src/matchpathcon.c,v
retrieving revision 1.32
diff -u -p -r1.32 matchpathcon.c
--- libselinux/src/matchpathcon.c	7 Nov 2005 19:30:37 -0000	1.32
+++ libselinux/src/matchpathcon.c	8 Nov 2005 19:08:05 -0000
@@ -570,6 +570,10 @@ static int process_line( const char *pat
 	skip_type:
 		if (strcmp(context, "<<none>>")) {
 			char *tmpcon = NULL;
+
+			if (myflags & MATCHPATHCON_NOTRANS)
+				goto skip_trans;
+
 			if (context_translations) {
 				if (raw_to_trans_context(context, &tmpcon)) {
 					myprintf("%s: line %u has invalid "
@@ -584,6 +588,7 @@ static int process_line( const char *pat
 					return -1;
 			}
 
+skip_trans:
 			if (myinvalidcon) {
 				/* Old-style validation of context. */
 				if (myinvalidcon(path, lineno, context)) 
Index: policycoreutils/setfiles/setfiles.c
===================================================================
RCS file: /nfshome/pal/CVS/selinux-usr/policycoreutils/setfiles/setfiles.c,v
retrieving revision 1.38
diff -u -p -r1.38 setfiles.c
--- policycoreutils/setfiles/setfiles.c	7 Nov 2005 19:31:55 -0000	1.38
+++ policycoreutils/setfiles/setfiles.c	8 Nov 2005 19:12:31 -0000
@@ -388,13 +388,7 @@ int canoncon(const char *path, unsigned 
 	int valid = 1;
 
 	if (policyfile) {
-		char *raw;
-		if (selinux_trans_to_raw_context(context, &raw))
-			valid = 0;
-		if (valid) {
-			valid = (sepol_check_context (raw) >= 0);
-			freecon(raw);
-		}
+		valid = (sepol_check_context (context) >= 0);
 	} else if (security_canonicalize_context(context, &tmpcon) < 0) {
 		if (errno != ENOENT) {
 			valid = 0;
@@ -447,8 +441,9 @@ int main(int argc, char **argv)
 			fclose(policystream);
 
 			/* Only process the specified file_contexts file, not
-			   any .homedirs or .local files. */
-			set_matchpathcon_flags(MATCHPATHCON_BASEONLY);
+			   any .homedirs or .local files, and do not perform
+			   context translations. */
+			set_matchpathcon_flags(MATCHPATHCON_BASEONLY|MATCHPATHCON_NOTRANS);
 			
 			break;
 		}
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.