rpms / sssd

Clone
Source Code
GIT

Blame 0059-selinux-Begin-and-end-the-transaction-on-the-same-ne.patch

el5 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide
  1.   1cdfb000aab60b3efbfba9ad8fb93c04555eaf15
  2.   0059-selinux-Begin-and-end-the-transaction-on-the-same-ne.patch
Blob History Raw
1cdfb00 
From 9c695e3a82fe5903b36b2d514b3284efeadc908c Mon Sep 17 00:00:00 2001
93a3c95 
From: Jakub Hrozek <jhrozek@redhat.com>
93a3c95 
Date: Fri, 10 Apr 2015 11:06:44 +0200
1cdfb00 
Subject: [PATCH 59/99] selinux: Begin and end the transaction on the same
93a3c95 
 nesting level
93a3c95 
MIME-Version: 1.0
93a3c95 
Content-Type: text/plain; charset=UTF-8
93a3c95 
Content-Transfer-Encoding: 8bit
93a3c95
93a3c95 
Transaction should be started and commited on the same code nesting or
93a3c95 
abstraction level. Also, transactions are really costly with libselinux
93a3c95 
and splitting them from initialization will make init function reusable
93a3c95 
by read-only libsemanage functions.
93a3c95
93a3c95 
Reviewed-by: Michal Židek <mzidek@redhat.com>
1cdfb00 
(cherry picked from commit 748b38a7991d78cbf4726f2a14ace5e926629a54)
93a3c95 
---
93a3c95 
 src/util/sss_semanage.c | 20 ++++++++++++++------
93a3c95 
 1 file changed, 14 insertions(+), 6 deletions(-)
93a3c95
93a3c95 
diff --git a/src/util/sss_semanage.c b/src/util/sss_semanage.c
93a3c95 
index d141de1c671e6d62a731e56b10ee14069f27ae87..c0342498cbd0495733a0bf701a06a02cfb705fc7 100644
93a3c95 
--- a/src/util/sss_semanage.c
93a3c95 
+++ b/src/util/sss_semanage.c
93a3c95 
@@ -109,12 +109,6 @@ static semanage_handle_t *sss_semanage_init(void)
93a3c95 
         goto fail;
93a3c95 
     }
93a3c95
93a3c95 
-    ret = semanage_begin_transaction(handle);
93a3c95 
-    if (ret != 0) {
93a3c95 
-        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot begin SELinux transaction\n");
93a3c95 
-        goto fail;
93a3c95 
-    }
93a3c95 
-
93a3c95 
     return handle;
93a3c95 
 fail:
93a3c95 
     sss_semanage_close(handle);
93a3c95 
@@ -243,6 +237,13 @@ int set_seuser(const char *login_name, const char *seuser_name,
93a3c95 
         goto done;
93a3c95 
     }
93a3c95
93a3c95 
+    ret = semanage_begin_transaction(handle);
93a3c95 
+    if (ret != 0) {
93a3c95 
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot begin SELinux transaction\n");
93a3c95 
+        ret = EIO;
93a3c95 
+        goto done;
93a3c95 
+    }
93a3c95 
+
93a3c95 
     ret = semanage_seuser_key_create(handle, login_name, &key);
93a3c95 
     if (ret != 0) {
93a3c95 
         DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create SELinux user key\n");
93a3c95 
@@ -303,6 +304,13 @@ int del_seuser(const char *login_name)
93a3c95 
         goto done;
93a3c95 
     }
93a3c95
93a3c95 
+    ret = semanage_begin_transaction(handle);
93a3c95 
+    if (ret != 0) {
93a3c95 
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot begin SELinux transaction\n");
93a3c95 
+        ret = EIO;
93a3c95 
+        goto done;
93a3c95 
+    }
93a3c95 
+
93a3c95 
     ret = semanage_seuser_key_create(handle, login_name, &key);
93a3c95 
     if (ret != 0) {
93a3c95 
         DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create SELinux user key\n");
93a3c95 
--
1cdfb00 
2.4.0
93a3c95
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.