Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
This commit is contained in:
Dan Walsh
parent
1fefea1eb1
commit
0cd375f839
|
|
@ -174,8 +174,38 @@ index b245364..7c47222 100644
|
|||
va_start(ap, fmt);
|
||||
rc = vfprintf(stderr, fmt, ap);
|
||||
va_end(ap);
|
||||
diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
|
||||
index 36ce029..83d2143 100644
|
||||
--- a/libselinux/src/load_policy.c
|
||||
+++ b/libselinux/src/load_policy.c
|
||||
@@ -329,7 +329,7 @@ int selinux_init_load_policy(int *enforce)
|
||||
selinux_getenforcemode(&seconfig);
|
||||
|
||||
/* Check for an override of the mode via the kernel command line. */
|
||||
- rc = mount("none", "/proc", "proc", 0, 0);
|
||||
+ rc = mount("proc", "/proc", "proc", 0, 0);
|
||||
cfg = fopen("/proc/cmdline", "r");
|
||||
if (cfg) {
|
||||
char *tmp;
|
||||
@@ -369,7 +369,7 @@ int selinux_init_load_policy(int *enforce)
|
||||
* Check for the existence of SELinux via selinuxfs, and
|
||||
* mount it if present for use in the calls below.
|
||||
*/
|
||||
- if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
|
||||
+ if (mount("selinuxfs", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
|
||||
if (errno == ENODEV) {
|
||||
/*
|
||||
* SELinux was disabled in the kernel, either
|
||||
@@ -398,6 +398,7 @@ int selinux_init_load_policy(int *enforce)
|
||||
if (rc == 0) {
|
||||
/* Successfully disabled, so umount selinuxfs too. */
|
||||
umount(SELINUXMNT);
|
||||
+ fini_selinuxmnt();
|
||||
}
|
||||
/*
|
||||
* If we failed to disable, SELinux will still be
|
||||
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
|
||||
index bb4eb9f..c9ae42f 100644
|
||||
index f3e45af..2f3c16a 100644
|
||||
--- a/libselinux/src/matchpathcon.c
|
||||
+++ b/libselinux/src/matchpathcon.c
|
||||
@@ -2,6 +2,7 @@
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
Summary: SELinux library and simple utilities
|
||||
Name: libselinux
|
||||
Version: 2.0.99
|
||||
Release: 1%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: Public Domain
|
||||
Group: System Environment/Libraries
|
||||
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
|
||||
|
|
@ -236,6 +236,12 @@ exit 0
|
|||
%{ruby_sitearch}/selinux.so
|
||||
|
||||
%changelog
|
||||
* Tue Apr 5 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-3
|
||||
- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
|
||||
|
||||
* Fri Apr 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-2
|
||||
- Change mount source options to use "proc" and "selinuxfs"
|
||||
|
||||
* Tue Mar 1 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.99-1
|
||||
- Update to upstream
|
||||
* Turn off default user handling when computing user contexts by Dan Walsh
|
||||
|
|
|
|||
Loading…
Reference in New Issue