diff options
Diffstat (limited to 'src/sysusers/sysusers.c')
| -rw-r--r-- | src/sysusers/sysusers.c | 61 | 
1 files changed, 34 insertions, 27 deletions
| diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index aaa33354f4..ba09727080 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -19,26 +19,26 @@    along with systemd; If not, see <http://www.gnu.org/licenses/>.  ***/ -#include <pwd.h> +#include <getopt.h>  #include <grp.h> -#include <shadow.h>  #include <gshadow.h> -#include <getopt.h> +#include <pwd.h> +#include <shadow.h>  #include <utmp.h> -#include "util.h" -#include "hashmap.h" -#include "specifier.h" -#include "path-util.h" -#include "build.h" -#include "strv.h"  #include "conf-files.h"  #include "copy.h" -#include "utf8.h"  #include "fileio-label.h" -#include "uid-range.h" -#include "selinux-util.h"  #include "formats-util.h" +#include "hashmap.h" +#include "path-util.h" +#include "selinux-util.h" +#include "specifier.h" +#include "strv.h" +#include "uid-range.h" +#include "utf8.h" +#include "util.h" +#include "smack-util.h"  typedef enum ItemType {          ADD_USER = 'u', @@ -353,6 +353,19 @@ static int sync_rights(FILE *from, FILE *to) {          return 0;  } +static int rename_and_apply_smack(const char *temp_path, const char *dest_path) { +        int r = 0; +        if (rename(temp_path, dest_path) < 0) +                return -errno; + +#ifdef SMACK_RUN_LABEL +        r = mac_smack_apply(dest_path, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL); +        if (r < 0) +                return r; +#endif +        return r; +} +  static int write_files(void) {          _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, *gshadow = NULL; @@ -699,36 +712,32 @@ static int write_files(void) {          /* And make the new files count */          if (group_changed) {                  if (group) { -                        if (rename(group_tmp, group_path) < 0) { -                                r = -errno; +                        r = rename_and_apply_smack(group_tmp, group_path); +                        if (r < 0)                                  goto finish; -                        }                          group_tmp = mfree(group_tmp);                  }                  if (gshadow) { -                        if (rename(gshadow_tmp, gshadow_path) < 0) { -                                r = -errno; +                        r = rename_and_apply_smack(gshadow_tmp, gshadow_path); +                        if (r < 0)                                  goto finish; -                        }                          gshadow_tmp = mfree(gshadow_tmp);                  }          }          if (passwd) { -                if (rename(passwd_tmp, passwd_path) < 0) { -                        r = -errno; +                r = rename_and_apply_smack(passwd_tmp, passwd_path); +                if (r < 0)                          goto finish; -                }                  passwd_tmp = mfree(passwd_tmp);          }          if (shadow) { -                if (rename(shadow_tmp, shadow_path) < 0) { -                        r = -errno; +                r = rename_and_apply_smack(shadow_tmp, shadow_path); +                if (r < 0)                          goto finish; -                }                  shadow_tmp = mfree(shadow_tmp);          } @@ -1767,9 +1776,7 @@ static int parse_argv(int argc, char *argv[]) {                          return 0;                  case ARG_VERSION: -                        puts(PACKAGE_STRING); -                        puts(SYSTEMD_FEATURES); -                        return 0; +                        return version();                  case ARG_ROOT:                          free(arg_root); | 
