diff options
author | Lennart Poettering <lennart@poettering.net> | 2011-08-29 23:36:10 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2011-08-29 23:36:10 +0200 |
commit | 4d4c74866c12c98b2834e8eff218b74cb83bb608 (patch) | |
tree | 54421474a5f370f7c9f24fd2691fe98596429791 | |
parent | 990a1abae249a52eed6fa6489d54873726510620 (diff) |
selinux: retest selinux after we loaded the policy
-rw-r--r-- | src/label.c | 7 | ||||
-rw-r--r-- | src/label.h | 2 | ||||
-rw-r--r-- | src/selinux-setup.c | 2 |
3 files changed, 10 insertions, 1 deletions
diff --git a/src/label.c b/src/label.c index a5994622c7..fb9a1b4262 100644 --- a/src/label.c +++ b/src/label.c @@ -33,8 +33,9 @@ static struct selabel_handle *label_hnd = NULL; +static int use_selinux_cached = -1; + static inline bool use_selinux(void) { - static int use_selinux_cached = -1; if (use_selinux_cached < 0) use_selinux_cached = is_selinux_enabled() > 0; @@ -42,6 +43,10 @@ static inline bool use_selinux(void) { return use_selinux_cached; } +void label_retest_selinux(void) { + use_selinux_cached = -1; +} + #endif int label_init(void) { diff --git a/src/label.h b/src/label.h index 321d21f650..6e48efaa07 100644 --- a/src/label.h +++ b/src/label.h @@ -43,4 +43,6 @@ int label_get_create_label_from_exe(const char *exe, char **label); int label_mkdir(const char *path, mode_t mode); +void label_retest_selinux(void); + #endif diff --git a/src/selinux-setup.c b/src/selinux-setup.c index dc101b13ba..2abd99e6a2 100644 --- a/src/selinux-setup.c +++ b/src/selinux-setup.c @@ -73,6 +73,8 @@ int selinux_setup(bool *loaded_policy) { char timespan[FORMAT_TIMESPAN_MAX]; char *label; + label_retest_selinux(); + /* Transition to the new context */ r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label); if (r < 0 || label == NULL) { |