author | Kay Sievers <kay.sievers@vrfy.org> | 2010-05-20 09:04:26 +0200 |
---|---|---|
committer | Kay Sievers <kay.sievers@vrfy.org> | 2010-05-20 09:04:26 +0200 |
commit | cb9a0eeeab56c402dbbab79f3c1be985139ccfd9 (patch) | |
tree | 849be32dcc5df25ca1eda1928eb8dd6a74cd09d6 /libudev | |
parent | c1332ae89866f243f4817dc4d3bdd7f11d3f9a9a (diff) |
udevd: create standard symlinks and handle /lib/udev/devices
Diffstat (limited to 'libudev')
-rw-r--r-- | libudev/libudev-private.h | 3 | ||||
-rw-r--r-- | libudev/libudev-selinux-private.c | 28 |
2 files changed, 30 insertions, 1 deletions
diff --git a/libudev/libudev-private.h b/libudev/libudev-private.h
index 3758c5b1b4..fa9722360b 100644
--- a/libudev/libudev-private.h
+++ b/libudev/libudev-private.h
@@ -227,12 +227,15 @@ static inline void udev_selinux_init(struct udev *udev) {}
 static inline void udev_selinux_exit(struct udev *udev) {}
 static inline void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode) {}
 static inline void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode) {}
+static inline void udev_selinux_setfscreateconat(struct udev *udev, int dirfd, const char *file, unsigned int mode) {}
 static inline void udev_selinux_resetfscreatecon(struct udev *udev) {}
 #else
 void udev_selinux_init(struct udev *udev);
 void udev_selinux_exit(struct udev *udev);
 void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode);
 void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode);
+void udev_selinux_setfscreateconat(struct udev *udev, int dirfd, const char *file, unsigned int mode);
 void udev_selinux_resetfscreatecon(struct udev *udev);
 #endif
+
 #endif
diff --git a/libudev/libudev-selinux-private.c b/libudev/libudev-selinux-private.c
index 84f8b6a63f..2d4463d864 100644
--- a/libudev/libudev-selinux-private.c
+++ b/libudev/libudev-selinux-private.c
@@ -53,7 +53,7 @@ void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int
 if (matchpathcon(file, mode, &scontext) < 0) {
 err(udev, "matchpathcon(%s) failed\n", file);
 return;
- }
+ }
 if (lsetfilecon(file, scontext) < 0)
 err(udev, "setfilecon %s failed: %m\n", file);
 freecon(scontext);
@@ -65,6 +65,7 @@ void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned i
 if (!selinux_enabled)
 return;
+
 if (matchpathcon(file, mode, &scontext) < 0) {
 err(udev, "matchpathcon(%s) failed\n", file);
 return;
@@ -81,3 +82,28 @@ void udev_selinux_resetfscreatecon(struct udev *udev)
 if (setfscreatecon(selinux_prev_scontext) < 0)
 err(udev, "setfscreatecon failed: %m\n");
 }
+
+void udev_selinux_setfscreateconat(struct udev *udev, int dirfd, const char *file, unsigned int mode)
+{
+ char filename[UTIL_PATH_SIZE];
+
+ if (!selinux_enabled)
+ return;
+
+ /* resolve relative filename */
+ if (file[0] != '/') {
+ char procfd[UTIL_PATH_SIZE];
+ char target[UTIL_PATH_SIZE];
+ ssize_t len;
+
+ snprintf(procfd, sizeof(procfd), "/proc/%u/fd/%u", getpid(), dirfd);
+ len = readlink(procfd, target, sizeof(target));
+ if (len <= 0 || len == sizeof(target))
+ return;
+ target[len] = '\0';
+
+ util_strscpyl(filename, sizeof(filename), target, "/", file, NULL);
+ file = filename;
+ }
+ udev_selinux_setfscreatecon(udev, file, mode);
+}
 |
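Review bot: The `return;` after `readlink()` in the relative-path branch of `udev_selinux_setfscreateconat()` skips setting the file-creation context without logging anything, so when `/proc` is unavailable or the link target does not fit in `target`, the caller presumably goes on to create the node under whatever creation context is in effect at that point. The sibling functions in this file report their failures through `err()`, and the same would help here, e.g. `err(udev, "readlink(%s) failed: %m\n", procfd);` before that `return;`. `dirfd` is an `int` but is formatted with `%u`, so a negative value such as `AT_FDCWD` yields a path that cannot exist and lands in the same silent return; `%d` plus an explicit check would make that case visible. The result of `util_strscpyl()` is also ignored, so a truncated `filename` would presumably be handed to `matchpathcon()` and could select the wrong context.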