Prep v234: Apply missing upstream fixes in src/basic (1/6)

[elogind.git] / src / basic / selinux-util.c

diff --git a/src/basic/selinux-util.c b/src/basic/selinux-util.c
index 021041cbdccd195558bebe2111b9b1b6cb5850a6..c7a04ad7644402f23f10a52f8097f7df2f383d65 100644 (file)
--- a/src/basic/selinux-util.c
+++ b/src/basic/selinux-util.c
@@ -50,10 +50,10 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(context_t, context_free);
 static int cached_use = -1;
 static struct selabel_handle *label_hnd = NULL;
 
-#define log_enforcing(...) log_full(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG, __VA_ARGS__)
+#define log_enforcing(...) log_full_errno(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG, errno, __VA_ARGS__)
 #endif
 
-bool mac_selinux_have(void) {
+bool mac_selinux_use(void) {
 #ifdef HAVE_SELINUX
         if (cached_use < 0)
                 cached_use = is_selinux_enabled() > 0;
@@ -64,23 +64,11 @@ bool mac_selinux_have(void) {
 #endif
 }
 
-bool mac_selinux_use(void) {
-        if (!mac_selinux_have())
-                return false;
-
-        /* Never try to configure SELinux features if we aren't
-         * root */
-
-        return getuid() == 0;
-}
-
-#if 0 /// UNNEEDED by elogind
 void mac_selinux_retest(void) {
 #ifdef HAVE_SELINUX
         cached_use = -1;
 #endif
 }
-#endif // 0
 
 int mac_selinux_init(void) {
         int r = 0;
@@ -120,7 +108,6 @@ int mac_selinux_init(void) {
         return r;
 }
 
-#if 0 /// UNNEEDED by elogind
 void mac_selinux_finish(void) {
 
 #ifdef HAVE_SELINUX
@@ -131,7 +118,6 @@ void mac_selinux_finish(void) {
         label_hnd = NULL;
 #endif
 }
-#endif // 0
 
 int mac_selinux_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
 
@@ -210,7 +196,7 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
         assert(exe);
         assert(label);
 
-        if (!mac_selinux_have())
+        if (!mac_selinux_use())
                 return -EOPNOTSUPP;
 
         r = getcon_raw(&mycon);
@@ -236,7 +222,7 @@ int mac_selinux_get_our_label(char **label) {
         assert(label);
 
 #ifdef HAVE_SELINUX
-        if (!mac_selinux_have())
+        if (!mac_selinux_use())
                 return -EOPNOTSUPP;
 
         r = getcon_raw(label);
@@ -260,7 +246,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
         assert(exe);
         assert(label);
 
-        if (!mac_selinux_have())
+        if (!mac_selinux_use())
                 return -EOPNOTSUPP;
 
         r = getcon_raw(&mycon);
@@ -315,7 +301,7 @@ char* mac_selinux_free(char *label) {
         if (!label)
                 return NULL;
 
-        if (!mac_selinux_have())
+        if (!mac_selinux_use())
                 return NULL;