diff options
Diffstat (limited to 'src/core/selinux-access.c')
| -rw-r--r-- | src/core/selinux-access.c | 29 |
1 files changed, 3 insertions, 26 deletions
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index e9a9a020de..40ca0c6166 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -38,6 +38,7 @@ #include "selinux-util.h" #include "audit-fd.h" #include "strv.h" +#include "path-util.h" static bool initialized = false; @@ -245,7 +246,7 @@ int mac_selinux_generic_access_check( if (path) { /* Get the file context of the unit file */ - r = getfilecon(path, &fcon); + r = getfilecon_raw(path, &fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path); goto finish; @@ -253,7 +254,7 @@ int mac_selinux_generic_access_check( tclass = "service"; } else { - r = getcon(&fcon); + r = getcon_raw(&fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context."); goto finish; @@ -288,27 +289,3 @@ finish: return 0; #endif } - -int mac_selinux_unit_access_check_strv( - char **units, - sd_bus_message *message, - Manager *m, - const char *permission, - sd_bus_error *error) { - -#ifdef HAVE_SELINUX - char **i; - Unit *u; - int r; - - STRV_FOREACH(i, units) { - u = manager_get_unit(m, *i); - if (u) { - r = mac_selinux_unit_access_check(u, message, permission, error); - if (r < 0) - return r; - } - } -#endif - return 0; -} |