X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fselinux-setup.c;h=e9c0de92f1fb5157d665b97e238535d38104d2af;hb=774de5a97fe69da822fde77b88af8d970ab5d0c6;hp=a7e1fa4007f055793a3b66fab966ff3d7886420e;hpb=b30e2f4c18ad81b04e4314fd191a5d458553773c;p=elogind.git

diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index a7e1fa400..e9c0de92f 100644
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -6,16 +6,16 @@
   Copyright 2010 Lennart Poettering
 
   systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU General Public License as published by
-  the Free Software Foundation; either version 2 of the License, or
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
   (at your option) any later version.
 
   systemd is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  General Public License for more details.
+  Lesser General Public License for more details.
 
-  You should have received a copy of the GNU General Public License
+  You should have received a copy of the GNU Lesser General Public License
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
@@ -30,11 +30,18 @@
 #endif
 
 #include "selinux-setup.h"
+#include "selinux-util.h"
+#include "label.h"
 #include "mount-setup.h"
 #include "macro.h"
 #include "util.h"
 #include "log.h"
-#include "label.h"
+
+#ifdef HAVE_SELINUX
+static int null_log(int type, const char *fmt, ...) {
+        return 0;
+}
+#endif
 
 int selinux_setup(bool *loaded_policy) {
 
@@ -43,9 +50,14 @@ int selinux_setup(bool *loaded_policy) {
        usec_t before_load, after_load;
        security_context_t con;
        int r;
+       union selinux_callback cb;
 
        assert(loaded_policy);
 
+       /* Turn off all of SELinux' own logging, we want to do that */
+       cb.func_log = null_log;
+       selinux_set_callback(SELINUX_CB_LOG, cb);
+
        /* Make sure getcon() works, which needs /proc and /sys */
        mount_setup_early();
 
@@ -68,12 +80,11 @@ int selinux_setup(bool *loaded_policy) {
        /* Now load the policy */
        before_load = now(CLOCK_MONOTONIC);
        r = selinux_init_load_policy(&enforce);
-
        if (r == 0) {
                char timespan[FORMAT_TIMESPAN_MAX];
                char *label;
 
-               label_retest_selinux();
+               retest_selinux();
 
                /* Transition to the new context */
                r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);