summaryrefslogtreecommitdiff
path: root/udev/udev-selinux.c
diff options
context:
space:
mode:
Diffstat (limited to 'udev/udev-selinux.c')
-rw-r--r--udev/udev-selinux.c88
1 files changed, 0 insertions, 88 deletions
diff --git a/udev/udev-selinux.c b/udev/udev-selinux.c
deleted file mode 100644
index 4f1b2bb2d1..0000000000
--- a/udev/udev-selinux.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (C) 2008 Kay Sievers <kay.sievers@vrfy.org>
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stddef.h>
-#include <stdarg.h>
-#include <unistd.h>
-#include <selinux/selinux.h>
-
-#include "udev.h"
-
-static int selinux_enabled;
-security_context_t selinux_prev_scontext;
-
-void udev_selinux_init(struct udev *udev)
-{
- /* record the present security context */
- selinux_enabled = (is_selinux_enabled() > 0);
- info(udev, "selinux=%i\n", selinux_enabled);
- if (!selinux_enabled)
- return;
- matchpathcon_init_prefix(NULL, udev_get_dev_path(udev));
- if (getfscreatecon(&selinux_prev_scontext) < 0) {
- err(udev, "getfscreatecon failed\n");
- selinux_prev_scontext = NULL;
- }
-}
-
-void udev_selinux_exit(struct udev *udev)
-{
- if (!selinux_enabled)
- return;
- freecon(selinux_prev_scontext);
- selinux_prev_scontext = NULL;
-}
-
-void udev_selinux_lsetfilecon(struct udev *udev, const char *file, unsigned int mode)
-{
- security_context_t scontext = NULL;
-
- if (!selinux_enabled)
- return;
- if (matchpathcon(file, mode, &scontext) < 0) {
- err(udev, "matchpathcon(%s) failed\n", file);
- return;
- }
- if (lsetfilecon(file, scontext) < 0)
- err(udev, "setfilecon %s failed: %m\n", file);
- freecon(scontext);
-}
-
-void udev_selinux_setfscreatecon(struct udev *udev, const char *file, unsigned int mode)
-{
- security_context_t scontext = NULL;
-
- if (!selinux_enabled)
- return;
- if (matchpathcon(file, mode, &scontext) < 0) {
- err(udev, "matchpathcon(%s) failed\n", file);
- return;
- }
- if (setfscreatecon(scontext) < 0)
- err(udev, "setfscreatecon %s failed: %m\n", file);
- freecon(scontext);
-}
-
-void udev_selinux_resetfscreatecon(struct udev *udev)
-{
- if (!selinux_enabled)
- return;
- if (setfscreatecon(selinux_prev_scontext) < 0)
- err(udev, "setfscreatecon failed: %m\n");
-}