d3767b
From 5d6c2c9b3869938592025ce169659f0c7e9970fc Mon Sep 17 00:00:00 2001
d3767b
From: Kamil Dudka <kdudka@redhat.com>
d3767b
Date: Mon, 2 Dec 2019 14:02:02 +0100
d3767b
Subject: [PATCH] chcon: do not validate security context if SELinux is
d3767b
 disabled
d3767b
d3767b
* src/chcon.c (main): Skip call of security_check_context()
d3767b
in case SELinux is disabled to avoid unnecessary failure.
d3767b
d3767b
Bug: https://bugzilla.redhat.com/1777831
d3767b
d3767b
Upstream-commit: 5118a2e392c8cffb3c26eaffbb75e2b1ef7607f9
d3767b
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
d3767b
---
d3767b
 src/chcon.c | 4 +++-
d3767b
 1 file changed, 3 insertions(+), 1 deletion(-)
d3767b
d3767b
diff --git a/src/chcon.c b/src/chcon.c
d3767b
index 6414406..eea4235 100644
d3767b
--- a/src/chcon.c
d3767b
+++ b/src/chcon.c
d3767b
@@ -18,6 +18,7 @@
d3767b
 #include <stdio.h>
d3767b
 #include <sys/types.h>
d3767b
 #include <getopt.h>
d3767b
+#include <selinux/selinux.h>
d3767b
 
d3767b
 #include "system.h"
d3767b
 #include "dev-ino.h"
d3767b
@@ -557,7 +558,8 @@ main (int argc, char **argv)
d3767b
   else
d3767b
     {
d3767b
       specified_context = argv[optind++];
d3767b
-      if (security_check_context (se_const (specified_context)) < 0)
d3767b
+      if (0 < is_selinux_enabled ()
d3767b
+          && security_check_context (se_const (specified_context)) < 0)
d3767b
         die (EXIT_FAILURE, errno, _("invalid context: %s"),
d3767b
              quote (specified_context));
d3767b
     }
d3767b
-- 
d3767b
2.21.1
d3767b