diff options
author | Denis Vlasenko | 2007-03-12 18:22:55 +0000 |
---|---|---|
committer | Denis Vlasenko | 2007-03-12 18:22:55 +0000 |
commit | 39c651e9097e0e55a52c897982d6e84d281f7396 (patch) | |
tree | ad535283af2299825f65b6b44c889dc7e7bfc842 | |
parent | b3f09f4a5092aacbdc3da80d4fefeaf06445a4f8 (diff) | |
download | busybox-39c651e9097e0e55a52c897982d6e84d281f7396.zip busybox-39c651e9097e0e55a52c897982d6e84d281f7396.tar.gz |
introduce and use setfscreatecon_or_die
(patch by Yuichi Nakamura <ynakam@hitachisoft.jp>)
runcon: *yet another* fix for vda's brainfart :(
-rw-r--r-- | coreutils/install.c | 4 | ||||
-rw-r--r-- | coreutils/libcoreutils/getopt_mk_fifo_nod.c | 5 | ||||
-rw-r--r-- | coreutils/mkdir.c | 5 | ||||
-rw-r--r-- | include/libbb.h | 1 | ||||
-rw-r--r-- | libbb/copy_file.c | 2 | ||||
-rw-r--r-- | libbb/selinux_common.c | 10 | ||||
-rw-r--r-- | selinux/runcon.c | 2 |
7 files changed, 16 insertions, 13 deletions
diff --git a/coreutils/install.c b/coreutils/install.c index 1f65407..a58a23b 100644 --- a/coreutils/install.c +++ b/coreutils/install.c @@ -110,9 +110,7 @@ int install_main(int argc, char **argv) } if (flags & OPT_SET_SECURITY_CONTEXT) { selinux_or_die(); - if (setfscreatecon(scontext) < 0) { - bb_error_msg_and_die("setfscreatecon(%s)", scontext); // perror? - } + setfscreatecon_or_die(scontext); use_default_selinux_context = 0; copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT; } diff --git a/coreutils/libcoreutils/getopt_mk_fifo_nod.c b/coreutils/libcoreutils/getopt_mk_fifo_nod.c index 2e0c274..32fa9be 100644 --- a/coreutils/libcoreutils/getopt_mk_fifo_nod.c +++ b/coreutils/libcoreutils/getopt_mk_fifo_nod.c @@ -43,10 +43,7 @@ mode_t getopt_mk_fifo_nod(int argc, char **argv) #if ENABLE_SELINUX if (opt & 2) { selinux_or_die(); - if (setfscreatecon(scontext)) { - bb_error_msg_and_die("cannot set default file creation context " - "to %s", scontext); - } + setfscreatecon_or_die(scontext); } #endif diff --git a/coreutils/mkdir.c b/coreutils/mkdir.c index 93ded1d..690e4ab 100644 --- a/coreutils/mkdir.c +++ b/coreutils/mkdir.c @@ -62,10 +62,7 @@ int mkdir_main(int argc, char **argv) #if ENABLE_SELINUX if (opt & 4) { selinux_or_die(); - if (setfscreatecon(scontext)) { - bb_error_msg_and_die("cannot set default file creation context " - "to %s", scontext); - } + setfscreatecon_or_die(scontext); } #endif diff --git a/include/libbb.h b/include/libbb.h index 69652b6..401fce4 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -601,6 +601,7 @@ extern void renew_current_security_context(void); extern void set_current_security_context(security_context_t sid); extern context_t set_security_context_component(security_context_t cur_context, char *user, char *role, char *type, char *range); +extern void setfscreatecon_or_die(security_context_t scontext); #endif extern void selinux_or_die(void); extern int restricted_shell(const char *shell); diff --git a/libbb/copy_file.c b/libbb/copy_file.c index 6391824..07564af 100644 --- a/libbb/copy_file.c +++ b/libbb/copy_file.c @@ -74,7 +74,7 @@ int copy_file(const char *source, const char *dest, int flags) } } else { if (errno == ENOTSUP || errno == ENODATA) { - setfscreatecon(NULL); + setfscreatecon_or_die(NULL); } else { bb_perror_msg("cannot lgetfilecon %s", source); return -1; diff --git a/libbb/selinux_common.c b/libbb/selinux_common.c index 70d63a4..d506f06 100644 --- a/libbb/selinux_common.c +++ b/libbb/selinux_common.c @@ -28,3 +28,13 @@ error: context_free(con); return NULL; } + +void setfscreatecon_or_die(security_context_t scontext) +{ + if (setfscreatecon(scontext) < 0) { + /* Can be NULL. All known printf implementations + * display "(null)", "<null>" etc */ + bb_perror_msg_and_die("cannot set default " + "file creation context to %s", scontext); + } +} diff --git a/selinux/runcon.c b/selinux/runcon.c index 24e436f..8888ccc 100644 --- a/selinux/runcon.c +++ b/selinux/runcon.c @@ -132,6 +132,6 @@ int runcon_main(int argc, char *argv[]) execvp(argv[0], argv); - bb_perror_msg_and_die("cannot execute '%s'", command); + bb_perror_msg_and_die("cannot execute '%s'", argv[0]); return 1; } |