From ca6abddd0f192d574e5ac74dcf8314b30f2aed5b Mon Sep 17 00:00:00 2001
From: "Jan F. Chadima" <jfch@eglon.jagda.eu>
Date: Thu, 21 Jul 2011 14:52:34 +0200
Subject: [PATCH] Do not change context when run under unconfined_t

---
 openssh-5.8p2-unconfined.patch | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 openssh-5.8p2-unconfined.patch

diff --git a/openssh-5.8p2-unconfined.patch b/openssh-5.8p2-unconfined.patch
new file mode 100644
index 0000000..79079d7
--- /dev/null
+++ b/openssh-5.8p2-unconfined.patch
@@ -0,0 +1,15 @@
+diff -up openssh-5.8p2/openbsd-compat/port-linux.c.unconfined openssh-5.8p2/openbsd-compat/port-linux.c
+--- openssh-5.8p2/openbsd-compat/port-linux.c.unconfined	2011-07-21 12:23:53.912418908 +0200
++++ openssh-5.8p2/openbsd-compat/port-linux.c	2011-07-21 13:33:14.188545403 +0200
+@@ -491,6 +491,11 @@ ssh_selinux_change_context(const char *n
+ 		return;
+ 	}
+ 
++	if (!strncmp(cx, ":unconfined_t:", strlen(":unconfined_t:"))) {
++		debug3("%s: do not change unconfined_t", __func__);
++		return;
++	}
++
+ 	newlen = strlen(oldctx) + strlen(newname) + 1;
+ 	newctx = xmalloc(newlen);
+ 	len = cx - oldctx + 1;