summaryrefslogtreecommitdiff
path: root/udev_selinux.c
AgeCommit message (Collapse)Author
2006-08-28update source file headersKay Sievers
2006-05-07selinux: fix typo in block device node selectionKay Sievers
2006-01-09replace libsysfsKay Sievers
We never used any of the libsysfs convenience features. Here we replace it completely with 300 lines of code, which are much simpler and a bit faster cause udev(d) does not open any syfs file for a simple event which does not need any parent device information. Signed-off-by: Kay Sievers <kay.sievers@suse.de>
2005-12-26udev_selinux.c: include udev.hMarco d'Itri
2005-12-22use udev_root instead of "/dev"in selinux matchpathcon_init_prefix()Kay Sievers
Taken from Red Hat CVS: udev-075-selinux.patch
2005-12-06optimize SELinux path matchHarald Hoyer
2005-11-07move some logging from dbg() to info()Marco d'Itri
2005-11-07add strerror() to error logsMarco d'Itri
2005-04-26selinux merge fixups again...Greg KH
2005-04-26more merge fixups, looks like i missed a selinux patch somewhere...Greg KH
2005-04-26[PATCH] udev selinux fixpebenito@gentoo.org
Here is a fix for the SELinux part of udev. Setfscreatecon() overrides the default labeling behavior of SELinux when creating files, so it should only be used for as short of a time as possible, around the mknod or symlink calls. Without this, the files in udev_db get the wrong label because the fscreatecon is reset after the udev_db file creation instead of before. I'm guessing the Redhat people missed this because they modify udev_db to be one big file instead of a directory of small files (at least that's what I'm told). I created selinux_resetfscreatecon() to reset the fscreatecon asap after the file/node is created. Fixed a memory leak in selinux_init. Getfscreatecon() allocates memory for the context, and the udev code was immediately setting the pointer (security_context_t is actually a typedef'ed char*) to NULL after the call regardless of success/failure. If you're wondering about the case where there's effectively a setfscreatecon(NULL), this is ok, as its used to tell SELinux to do the default labeling behavior. Renamed selinux_restore() to selinux_exit() due to the changed behavior. Fixed a couple of dbg() messages.
2005-04-26[PATCH] selinux: cleanup udev integrationkay.sievers@vrfy.org
Move code into a .c-file instead of big inline functions in a header file. Pass the device name down instead of relying that the node name is equal to the kernel name.
2005-04-26[PATCH] move udev_selinux into extras/selinuxgreg@kroah.com
2005-04-26[PATCH] first cut at standalone udev_selinux program.greg@kroah.com
Will not work, need to finish working on this on a system with selinux installed...
2005-04-26[PATCH] Add initial SELinux support for udevgreg@kroah.com
Based on a patch from Daniel J Walsh <dwalsh@redhat.com>