summaryrefslogtreecommitdiff
path: root/src/basic
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-03-01 20:35:55 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-03-01 20:39:30 -0500
commitc3dacc8bbf2dc2f5d498072418289c3ba79160ac (patch)
treef22b5a261d0b6612e28104215e321efa9e3bef7f /src/basic
parent114761866a5e9376277daf847663d23361ffe0c0 (diff)
selinux: always try to load the full selinux db
https://github.com/systemd/systemd/pull/2508#issuecomment-190901170 Maybe fixes https://bugzilla.redhat.com/show_bug.cgi?id=1308771.
Diffstat (limited to 'src/basic')
-rw-r--r--src/basic/selinux-util.c16
-rw-r--r--src/basic/selinux-util.h2
2 files changed, 5 insertions, 13 deletions
diff --git a/src/basic/selinux-util.c b/src/basic/selinux-util.c
index 6c63b9d652..71ceac1bcd 100644
--- a/src/basic/selinux-util.c
+++ b/src/basic/selinux-util.c
@@ -80,31 +80,23 @@ void mac_selinux_retest(void) {
#endif
}
-int mac_selinux_init(const char *prefix) {
+int mac_selinux_init(void) {
int r = 0;
#ifdef HAVE_SELINUX
usec_t before_timestamp, after_timestamp;
struct mallinfo before_mallinfo, after_mallinfo;
- if (!mac_selinux_use())
+ if (label_hnd)
return 0;
- if (label_hnd)
+ if (!mac_selinux_use())
return 0;
before_mallinfo = mallinfo();
before_timestamp = now(CLOCK_MONOTONIC);
- if (prefix) {
- struct selinux_opt options[] = {
- { .type = SELABEL_OPT_SUBSET, .value = prefix },
- };
-
- label_hnd = selabel_open(SELABEL_CTX_FILE, options, ELEMENTSOF(options));
- } else
- label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0);
-
+ label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0);
if (!label_hnd) {
log_enforcing("Failed to initialize SELinux context: %m");
r = security_getenforce() == 1 ? -errno : 0;
diff --git a/src/basic/selinux-util.h b/src/basic/selinux-util.h
index 27e8edb41b..ce6bc8e44c 100644
--- a/src/basic/selinux-util.h
+++ b/src/basic/selinux-util.h
@@ -29,7 +29,7 @@ bool mac_selinux_use(void);
bool mac_selinux_have(void);
void mac_selinux_retest(void);
-int mac_selinux_init(const char *prefix);
+int mac_selinux_init(void);
void mac_selinux_finish(void);
int mac_selinux_fix(const char *path, bool ignore_enoent, bool ignore_erofs);