Age | Commit message (Collapse) | Author |
|
|
|
|
|
We never used any of the libsysfs convenience features. Here we replace
it completely with 300 lines of code, which are much simpler and a bit
faster cause udev(d) does not open any syfs file for a simple event which
does not need any parent device information.
Signed-off-by: Kay Sievers <kay.sievers@suse.de>
|
|
|
|
Taken from Red Hat CVS:
udev-075-selinux.patch
|
|
|
|
|
|
|
|
|
|
|
|
Here is a fix for the SELinux part of udev.
Setfscreatecon() overrides the default labeling behavior of SELinux when
creating files, so it should only be used for as short of a time as
possible, around the mknod or symlink calls. Without this, the files in
udev_db get the wrong label because the fscreatecon is reset after the
udev_db file creation instead of before. I'm guessing the Redhat people
missed this because they modify udev_db to be one big file instead of a
directory of small files (at least that's what I'm told). I created
selinux_resetfscreatecon() to reset the fscreatecon asap after the
file/node is created.
Fixed a memory leak in selinux_init. Getfscreatecon() allocates memory
for the context, and the udev code was immediately setting the pointer
(security_context_t is actually a typedef'ed char*) to NULL after the
call regardless of success/failure. If you're wondering about the case
where there's effectively a setfscreatecon(NULL), this is ok, as its
used to tell SELinux to do the default labeling behavior.
Renamed selinux_restore() to selinux_exit() due to the changed behavior.
Fixed a couple of dbg() messages.
|
|
Move code into a .c-file instead of big inline functions in a header file.
Pass the device name down instead of relying that the node name is equal
to the kernel name.
|
|
|
|
Will not work, need to finish working on this on a system with selinux installed...
|
|
Based on a patch from Daniel J Walsh <dwalsh@redhat.com>
|