X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Fselinux-util.c;h=6bd3bf1c8027c651a928692b2773e21a32c7b63e;hp=4332c916fa11c248bd7f3bdb85355d4afd9a9f2a;hb=79008bddf679a5e0900369950eb346c9fa687107;hpb=c34255bdb217c2a1d3ac6348252437ab8be9ca46

diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c
index 4332c916f..6bd3bf1c8 100644
--- a/src/shared/selinux-util.c
+++ b/src/shared/selinux-util.c
@@ -23,6 +23,7 @@
 #include <unistd.h>
 #include <malloc.h>
 #include <sys/un.h>
+
 #ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
@@ -328,12 +329,16 @@ int mac_selinux_create_file_prepare(const char *path, mode_t mode) {
                 if (!newpath)
                         return -ENOMEM;
 
-                r = selabel_lookup_raw(label_hnd, &filecon, newpath, S_IFDIR);
+                r = selabel_lookup_raw(label_hnd, &filecon, newpath, mode);
         }
 
-        if (r < 0 && errno != ENOENT)
+        /* No context specified by the policy? Proceed without setting it. */
+        if (r < 0 && errno == ENOENT)
+                return 0;
+
+        if (r < 0)
                 r = -errno;
-        else if (r == 0) {
+        else {
                 r = setfscreatecon(filecon);
                 if (r < 0) {
                         log_enforcing("Failed to set SELinux security context %s for %s: %m", filecon, path);