security: rework selinux, smack, ima, apparmor detection logic

[elogind.git] / src / journal / journald-server.c

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 4f47eb1c11ccdee5fa2a13507afc8c57f14c2e02..9732e1b25ed4cec5d33eb6dc942b791d1e0de21f 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -321,8 +321,10 @@ void server_rotate(Server *s) {
                 if (r < 0)
                         if (f)
                                 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
-                        else
+                        else {
                                 log_error("Failed to create user journal: %s", strerror(-r));
+                                hashmap_remove(s->user_journals, k);
+                        }
                 else {
                         hashmap_replace(s->user_journals, k, f);
                         server_fix_perms(s, f, PTR_TO_UINT32(k));
@@ -627,19 +629,21 @@ static void dispatch_message_real(
                 }
 
 #ifdef HAVE_SELINUX
-                if (label) {
-                        x = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
+                if (use_selinux()) {
+                        if (label) {
+                                x = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
 
-                        *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
-                        IOVEC_SET_STRING(iovec[n++], x);
-                } else {
-                        security_context_t con;
+                                *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
+                                IOVEC_SET_STRING(iovec[n++], x);
+                        } else {
+                                security_context_t con;
 
-                        if (getpidcon(ucred->pid, &con) >= 0) {
-                                x = strappenda("_SELINUX_CONTEXT=", con);
+                                if (getpidcon(ucred->pid, &con) >= 0) {
+                                        x = strappenda("_SELINUX_CONTEXT=", con);
 
-                                freecon(con);
-                                IOVEC_SET_STRING(iovec[n++], x);
+                                        freecon(con);
+                                        IOVEC_SET_STRING(iovec[n++], x);
+                                }
                         }
                 }
 #endif