Revert "socket: introduce SELinuxLabelViaNet option"

This reverts commit cf8bd44339b00330fdbc91041d6731ba8aba9fec. Needs more discussion on the mailing list.
author: Lennart Poettering <lennart@poettering.net> 2014-08-19 19:16:08 +0200
committer: Lennart Poettering <lennart@poettering.net> 2014-08-19 19:16:08 +0200
commit: 3bb07b7680c543c982077ac075abe8badeb46ca1 (patch)
tree: 958ea1a7da76d0cb817c30f2b6d1abad41e0691f /src/shared/label.c
parent: 8530dc4467691a893aa2e07319b18a84fec96cad (diff)
1 files changed, 0 insertions, 69 deletions
diff --git a/src/shared/label.c b/src/shared/label.c
index dd89bec6e8..25a8b361b7 100644
--- a/src/shared/label.c
+++ b/src/shared/label.c
@@ -31,7 +31,6 @@
 #ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
-#include <selinux/context.h>
 #endif
 
 #include "label.h"
@@ -244,74 +243,6 @@ fail:
         return r;
 }
 
-int label_get_child_label(int socket_fd, const char *exe, char **label) {
-        int r = 0;
-
-#ifdef HAVE_SELINUX
-
-        security_context_t mycon = NULL, peercon = NULL, fcon = NULL, ret = NULL;
-        security_class_t sclass;
-        context_t pcon = NULL, bcon = NULL;
-        const char *range = NULL;
-
-        assert(socket_fd >= 0);
-        assert(exe);
-        assert(label);
-
-        r = getcon(&mycon);
-        if (r < 0)
-                goto out;
-
-        r = getpeercon(socket_fd, &peercon);
-        if (r < 0)
-                goto out;
-
-        r = getfilecon(exe, &fcon);
-        if (r < 0)
-                goto out;
-
-        bcon = context_new(mycon);
-        if (!bcon)
-                goto out;
-
-        pcon = context_new(peercon);
-        if (!pcon)
-                goto out;
-
-        range = context_range_get(pcon);
-        if (!range)
-                goto out;
-
-        r = context_range_set(bcon, range);
-        if (r)
-                goto out;
-
-        freecon(mycon);
-        mycon = context_str(bcon);
-        if (!mycon)
-                goto out;
-
-        sclass = string_to_security_class("process");
-        r = security_compute_create(mycon, fcon, sclass, &ret);
-        if (r < 0)
-                goto out;
-
-        *label = ret;
-
-out:
-        if (r && security_getenforce() == 1)
-                r = -errno;
-
-        freecon(mycon);
-        freecon(peercon);
-        freecon(fcon);
-        context_free(pcon);
-        context_free(bcon);
-
-#endif
-        return r;
-}
-
 int label_context_set(const char *path, mode_t mode) {
         int r = 0;
author	Lennart Poettering <lennart@poettering.net>	2014-08-19 19:16:08 +0200
committer	Lennart Poettering <lennart@poettering.net>	2014-08-19 19:16:08 +0200
commit	3bb07b7680c543c982077ac075abe8badeb46ca1 (patch)
tree	958ea1a7da76d0cb817c30f2b6d1abad41e0691f /src/shared/label.c
parent	8530dc4467691a893aa2e07319b18a84fec96cad (diff)