chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
nspawn: allow spawning ephemeral nspawn containers based on the root file system...
[elogind.git]
/
src
/
shared
/
selinux-util.c
diff --git
a/src/shared/selinux-util.c
b/src/shared/selinux-util.c
index 6bd3bf1c8027c651a928692b2773e21a32c7b63e..a2233e0cfb75e5c259fd42131e5930af2fc96841 100644
(file)
--- a/
src/shared/selinux-util.c
+++ b/
src/shared/selinux-util.c
@@
-233,7
+233,7
@@
int mac_selinux_get_our_label(char **label) {
return r;
}
return r;
}
-int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, char **label) {
+int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, c
onst char *exec_label, c
har **label) {
int r = -EOPNOTSUPP;
#ifdef HAVE_SELINUX
int r = -EOPNOTSUPP;
#ifdef HAVE_SELINUX
@@
-257,11
+257,7
@@
int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, char **label
if (r < 0)
return -errno;
if (r < 0)
return -errno;
- r = getexeccon(&fcon);
- if (r < 0)
- return -errno;
-
- if (!fcon) {
+ if (!exec_label) {
/* If there is no context set for next exec let's use context
of target executable */
r = getfilecon(exe, &fcon);
/* If there is no context set for next exec let's use context
of target executable */
r = getfilecon(exe, &fcon);