From a5c32cff1f56afe6f0c6c70d91a88a7a8238b2d7 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Thu, 14 Feb 2013 12:26:13 +0100
Subject: honor SELinux labels, when creating and writing config files

Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c

see https://bugzilla.redhat.com/show_bug.cgi?id=881577
---
 src/login/logind-dbus.c    | 5 ++++-
 src/login/logind-inhibit.c | 1 +
 src/login/logind-session.c | 1 +
 src/login/logind-user.c    | 1 +
 src/login/pam-module.c     | 1 +
 src/login/sd-login.c       | 1 +
 src/login/user-sessions.c  | 1 +
 7 files changed, 10 insertions(+), 1 deletion(-)

(limited to 'src/login')

diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index f35185971b..d235474a23 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -33,6 +33,8 @@
 #include "special.h"
 #include "systemd/sd-id128.h"
 #include "systemd/sd-messages.h"
+#include "fileio-label.h"
+#include "label.h"
 
 #define BUS_MANAGER_INTERFACE                                           \
         " <interface name=\"org.freedesktop.login1.Manager\">\n"        \
@@ -937,7 +939,8 @@ static int attach_device(Manager *m, const char *seat, const char *sysfs) {
         }
 
         mkdir_p_label("/etc/udev/rules.d", 0755);
-        r = write_one_line_file_atomic(file, rule);
+        label_init("/etc");
+        r = write_one_line_file_atomic_label(file, rule);
         if (r < 0)
                 goto finish;
 
diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c
index 2c1a412e55..9994084f93 100644
--- a/src/login/logind-inhibit.c
+++ b/src/login/logind-inhibit.c
@@ -30,6 +30,7 @@
 #include "mkdir.h"
 #include "path-util.h"
 #include "logind-inhibit.h"
+#include "fileio.h"
 
 Inhibitor* inhibitor_new(Manager *m, const char* id) {
         Inhibitor *i;
diff --git a/src/login/logind-session.c b/src/login/logind-session.c
index b981e147c9..71c79127e9 100644
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -33,6 +33,7 @@
 #include "path-util.h"
 #include "cgroup-util.h"
 #include "logind-session.h"
+#include "fileio.h"
 
 Session* session_new(Manager *m, User *u, const char *id) {
         Session *s;
diff --git a/src/login/logind-user.c b/src/login/logind-user.c
index b692b533e2..411215a925 100644
--- a/src/login/logind-user.c
+++ b/src/login/logind-user.c
@@ -29,6 +29,7 @@
 #include "cgroup-util.h"
 #include "hashmap.h"
 #include "strv.h"
+#include "fileio.h"
 
 User* user_new(Manager *m, uid_t uid, gid_t gid, const char *name) {
         User *u;
diff --git a/src/login/pam-module.c b/src/login/pam-module.c
index 88b0ef9e45..702095e5e6 100644
--- a/src/login/pam-module.c
+++ b/src/login/pam-module.c
@@ -41,6 +41,7 @@
 #include "dbus-common.h"
 #include "def.h"
 #include "socket-util.h"
+#include "fileio.h"
 
 static int parse_argv(pam_handle_t *handle,
                       int argc, const char **argv,
diff --git a/src/login/sd-login.c b/src/login/sd-login.c
index b81dddf86b..8867e8c8eb 100644
--- a/src/login/sd-login.c
+++ b/src/login/sd-login.c
@@ -29,6 +29,7 @@
 #include "macro.h"
 #include "sd-login.h"
 #include "strv.h"
+#include "fileio.h"
 
 _public_ int sd_pid_get_session(pid_t pid, char **session) {
         int r;
diff --git a/src/login/user-sessions.c b/src/login/user-sessions.c
index 91531e8f38..c6f8fa79e2 100644
--- a/src/login/user-sessions.c
+++ b/src/login/user-sessions.c
@@ -26,6 +26,7 @@
 #include "log.h"
 #include "util.h"
 #include "cgroup-util.h"
+#include "fileio.h"
 
 int main(int argc, char*argv[]) {
         int ret = EXIT_FAILURE;
-- 
cgit v1.2.3-54-g00ecf