Blame SOURCES/coreutils-8.30-chcon-invalid-context.patch
|
|
d3767b |
From 5d6c2c9b3869938592025ce169659f0c7e9970fc Mon Sep 17 00:00:00 2001
|
|
|
d3767b |
From: Kamil Dudka <kdudka@redhat.com>
|
|
|
d3767b |
Date: Mon, 2 Dec 2019 14:02:02 +0100
|
|
|
d3767b |
Subject: [PATCH] chcon: do not validate security context if SELinux is
|
|
|
d3767b |
disabled
|
|
|
d3767b |
|
|
|
d3767b |
* src/chcon.c (main): Skip call of security_check_context()
|
|
|
d3767b |
in case SELinux is disabled to avoid unnecessary failure.
|
|
|
d3767b |
|
|
|
d3767b |
Bug: https://bugzilla.redhat.com/1777831
|
|
|
d3767b |
|
|
|
d3767b |
Upstream-commit: 5118a2e392c8cffb3c26eaffbb75e2b1ef7607f9
|
|
|
d3767b |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
d3767b |
---
|
|
|
d3767b |
src/chcon.c | 4 +++-
|
|
|
d3767b |
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
d3767b |
|
|
|
d3767b |
diff --git a/src/chcon.c b/src/chcon.c
|
|
|
d3767b |
index 6414406..eea4235 100644
|
|
|
d3767b |
--- a/src/chcon.c
|
|
|
d3767b |
+++ b/src/chcon.c
|
|
|
d3767b |
@@ -18,6 +18,7 @@
|
|
|
d3767b |
#include <stdio.h>
|
|
|
d3767b |
#include <sys/types.h>
|
|
|
d3767b |
#include <getopt.h>
|
|
|
d3767b |
+#include <selinux/selinux.h>
|
|
|
d3767b |
|
|
|
d3767b |
#include "system.h"
|
|
|
d3767b |
#include "dev-ino.h"
|
|
|
d3767b |
@@ -557,7 +558,8 @@ main (int argc, char **argv)
|
|
|
d3767b |
else
|
|
|
d3767b |
{
|
|
|
d3767b |
specified_context = argv[optind++];
|
|
|
d3767b |
- if (security_check_context (se_const (specified_context)) < 0)
|
|
|
d3767b |
+ if (0 < is_selinux_enabled ()
|
|
|
d3767b |
+ && security_check_context (se_const (specified_context)) < 0)
|
|
|
d3767b |
die (EXIT_FAILURE, errno, _("invalid context: %s"),
|
|
|
d3767b |
quote (specified_context));
|
|
|
d3767b |
}
|
|
|
d3767b |
--
|
|
|
d3767b |
2.21.1
|
|
|
d3767b |
|