selinux: more context settings

[elogind.git] / udev_rules_parse.c

diff --git a/udev_rules_parse.c b/udev_rules_parse.c
index 3afc31a0fad8b7cb35d4a11ea9dc74da61fc4f46..d2392c36e054b144907e0c9b080e2cbc36b05ba9 100644 (file)
--- a/udev_rules_parse.c
+++ b/udev_rules_parse.c
@@ -469,6 +469,11 @@ static int add_to_rules(struct udev_rules *rules, char *line, const char *filena
                }
 
                if (strncasecmp(key, "TEST", sizeof("TEST")-1) == 0) {
+                       if (operation != KEY_OP_MATCH &&
+                           operation != KEY_OP_NOMATCH) {
+                               err("invalid TEST operation");
+                               goto invalid;
+                       }
                        attr = get_key_attribute(key + sizeof("TEST")-1);
                        if (attr != NULL)
                                rule->test_mode_mask = strtol(attr, NULL, 8);
@@ -740,7 +745,9 @@ int udev_rules_init(struct udev_rules *rules, int resolve_names)
        strlcat(filename, "/"RULES_DYN_DIR, sizeof(filename));
        if (stat(filename, &statbuf) != 0) {
                create_path(filename);
+               selinux_setfscreatecon(filename, NULL, S_IFDIR|0755);
                mkdir(filename, 0755);
+               selinux_resetfscreatecon();
        }
        add_matching_files(&dyn_list, filename, RULESFILE_SUFFIX);