Blob Blame Raw
diff --git a/NEWS b/NEWS
index e9335f0..e762b2d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,9 @@ GNU sed NEWS                                    -*- outline -*-
 GNU sed NEWS                                    -*- outline -*-
+ 
+  sed -i now creates selinux context based on the context of the symlink
+  instead of the symlink target. [Bug present since at least sed-4.2]
+  sed -i --follow-symlinks remains unchanged.
+
 
 * Noteworthy changes in release 4.4 (2017-02-03) [stable]
 
diff --git a/sed/execute.c b/sed/execute.c
index 1843392..453886e 100644
--- a/sed/execute.c
+++ b/sed/execute.c
@@ -607,7 +607,7 @@ open_next_file(const char *name, struct input *input)
       if (is_selinux_enabled () > 0)
         {
           security_context_t con;
-          if (getfilecon (input->in_file_name, &con) != -1)
+          if (lgetfilecon (input->in_file_name, &con) != -1)
             {
               /* Save and restore the old context for the sake of w and W
                  commands.  */
2.9.5