|
 |
7f93bc2 |
From 52af6106165bb6521e0dab433e647878a33e901c Mon Sep 17 00:00:00 2001
|
|
|
a59965a |
From: Lennart Poettering <lennart@poettering.net>
|
|
|
a59965a |
Date: Tue, 10 Jun 2014 22:48:56 +0200
|
|
|
a59965a |
Subject: [PATCH] label: when clearing selinux context, don't mangle errno
|
|
|
a59965a |
|
|
|
a59965a |
(cherry picked from commit 874f1947e33922f08c578696af5b628a0f67fec2)
|
|
|
a59965a |
(cherry picked from commit 00d967b989929e176e940345bbf3ffa65832b15f)
|
|
|
a59965a |
|
|
|
a59965a |
Conflicts:
|
|
|
a59965a |
src/tmpfiles/tmpfiles.c
|
|
|
a59965a |
---
|
|
|
a59965a |
src/shared/label.c | 4 ++++
|
|
|
a59965a |
src/tmpfiles/tmpfiles.c | 13 +++++--------
|
|
|
a59965a |
2 files changed, 9 insertions(+), 8 deletions(-)
|
|
|
a59965a |
|
|
|
a59965a |
diff --git a/src/shared/label.c b/src/shared/label.c
|
|
|
a59965a |
index fde39f2..3a18e31 100644
|
|
|
a59965a |
--- a/src/shared/label.c
|
|
|
a59965a |
+++ b/src/shared/label.c
|
|
|
a59965a |
@@ -230,6 +230,8 @@ int label_socket_set(const char *label) {
|
|
|
a59965a |
void label_context_clear(void) {
|
|
|
a59965a |
|
|
|
a59965a |
#ifdef HAVE_SELINUX
|
|
|
a59965a |
+ PROTECT_ERRNO;
|
|
|
a59965a |
+
|
|
|
a59965a |
if (!use_selinux())
|
|
|
a59965a |
return;
|
|
|
a59965a |
|
|
|
a59965a |
@@ -240,6 +242,8 @@ void label_context_clear(void) {
|
|
|
a59965a |
void label_socket_clear(void) {
|
|
|
a59965a |
|
|
|
a59965a |
#ifdef HAVE_SELINUX
|
|
|
a59965a |
+ PROTECT_ERRNO;
|
|
|
a59965a |
+
|
|
|
a59965a |
if (!use_selinux())
|
|
|
a59965a |
return;
|
|
|
a59965a |
|
|
|
a59965a |
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
|
|
|
a59965a |
index 4244656..be2115c 100644
|
|
|
a59965a |
--- a/src/tmpfiles/tmpfiles.c
|
|
|
a59965a |
+++ b/src/tmpfiles/tmpfiles.c
|
|
|
a59965a |
@@ -460,18 +460,19 @@ static int item_set_perms(Item *i, const char *path) {
|
|
|
a59965a |
}
|
|
|
a59965a |
|
|
|
a59965a |
static int write_one_file(Item *i, const char *path) {
|
|
|
a59965a |
- int r, e, fd, flags;
|
|
|
a59965a |
+ int r, fd, flags;
|
|
|
a59965a |
struct stat st;
|
|
|
a59965a |
|
|
|
a59965a |
+ assert(i);
|
|
|
a59965a |
+ assert(path);
|
|
|
a59965a |
+
|
|
|
a59965a |
flags = i->type == CREATE_FILE ? O_CREAT|O_APPEND :
|
|
|
a59965a |
i->type == TRUNCATE_FILE ? O_CREAT|O_TRUNC : 0;
|
|
|
a59965a |
|
|
|
a59965a |
RUN_WITH_UMASK(0) {
|
|
|
a59965a |
label_context_set(path, S_IFREG);
|
|
|
a59965a |
fd = open(path, flags|O_NDELAY|O_CLOEXEC|O_WRONLY|O_NOCTTY|O_NOFOLLOW, i->mode);
|
|
|
a59965a |
- e = errno;
|
|
|
a59965a |
label_context_clear();
|
|
|
a59965a |
- errno = e;
|
|
|
a59965a |
}
|
|
|
a59965a |
|
|
|
a59965a |
if (fd < 0) {
|
|
|
a59965a |
@@ -633,7 +634,7 @@ static int glob_item(Item *i, int (*action)(Item *, const char *)) {
|
|
|
a59965a |
}
|
|
|
a59965a |
|
|
|
a59965a |
static int create_item(Item *i) {
|
|
|
a59965a |
- int r, e;
|
|
|
a59965a |
+ int r;
|
|
|
a59965a |
struct stat st;
|
|
|
a59965a |
|
|
|
a59965a |
assert(i);
|
|
|
a59965a |
@@ -728,9 +729,7 @@ static int create_item(Item *i) {
|
|
|
a59965a |
|
|
|
a59965a |
label_context_set(i->path, S_IFLNK);
|
|
|
a59965a |
r = symlink(i->argument, i->path);
|
|
|
a59965a |
- e = errno;
|
|
|
a59965a |
label_context_clear();
|
|
|
a59965a |
- errno = e;
|
|
|
a59965a |
|
|
|
a59965a |
if (r < 0 && errno != EEXIST) {
|
|
|
a59965a |
log_error("symlink(%s, %s) failed: %m", i->argument, i->path);
|
|
|
a59965a |
@@ -772,9 +771,7 @@ static int create_item(Item *i) {
|
|
|
a59965a |
RUN_WITH_UMASK(0000) {
|
|
|
a59965a |
label_context_set(i->path, file_type);
|
|
|
a59965a |
r = mknod(i->path, i->mode | file_type, i->major_minor);
|
|
|
a59965a |
- e = errno;
|
|
|
a59965a |
label_context_clear();
|
|
|
a59965a |
- errno = e;
|
|
|
a59965a |
}
|
|
|
a59965a |
|
|
|
a59965a |
if (r < 0 && errno != EEXIST) {
|