rpms/libselinux
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data

Browse Source
This commit is contained in:
Dan Walsh 2011-04-05 11:25:39 -04:00
parent 1fefea1eb1
commit 0cd375f839
2 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
libselinux-rhat.patch
View File

@ -174,8 +174,38 @@ index b245364..7c47222 100644
va_start(ap, fmt); va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap); rc = vfprintf(stderr, fmt, ap);
va_end(ap); va_end(ap);
diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
index 36ce029..83d2143 100644
--- a/libselinux/src/load_policy.c
+++ b/libselinux/src/load_policy.c
@@ -329,7 +329,7 @@ int selinux_init_load_policy(int *enforce)
selinux_getenforcemode(&seconfig);
/* Check for an override of the mode via the kernel command line. */
- rc = mount("none", "/proc", "proc", 0, 0);
+ rc = mount("proc", "/proc", "proc", 0, 0);
cfg = fopen("/proc/cmdline", "r");
if (cfg) {
char *tmp;
@@ -369,7 +369,7 @@ int selinux_init_load_policy(int *enforce)
* Check for the existence of SELinux via selinuxfs, and
* mount it if present for use in the calls below.
*/
- if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
+ if (mount("selinuxfs", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
if (errno == ENODEV) {
/*
* SELinux was disabled in the kernel, either
@@ -398,6 +398,7 @@ int selinux_init_load_policy(int *enforce)
if (rc == 0) {
/* Successfully disabled, so umount selinuxfs too. */
umount(SELINUXMNT);
+ fini_selinuxmnt();
}
/*
* If we failed to disable, SELinux will still be
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
index bb4eb9f..c9ae42f 100644 index f3e45af..2f3c16a 100644
--- a/libselinux/src/matchpathcon.c --- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c +++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@ @@ -2,6 +2,7 @@

8
libselinux.spec
View File

@ -7,7 +7,7 @@
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Name: libselinux Name: libselinux
Version: 2.0.99 Version: 2.0.99
Release: 1%{?dist} Release: 3%{?dist}
License: Public Domain License: Public Domain
Group: System Environment/Libraries Group: System Environment/Libraries
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@ -236,6 +236,12 @@ exit 0
%{ruby_sitearch}/selinux.so %{ruby_sitearch}/selinux.so
%changelog %changelog
* Tue Apr 5 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-3
- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
* Fri Apr 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-2
- Change mount source options to use "proc" and "selinuxfs"
* Tue Mar 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-1 * Tue Mar 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-1
- Update to upstream - Update to upstream
* Turn off default user handling when computing user contexts by Dan Walsh * Turn off default user handling when computing user contexts by Dan Walsh