X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=udev_selinux.c;h=94c213d297aca46c0d3927709db2789119bb57fc;hp=72381f0d0d450e19d97d9019084efe308c9fde01;hb=f83cccb9798d6ce70c6cc39d2100794813b3615b;hpb=fbda4a34d846946bf8ed63deadfd6e65b2299792
diff --git a/udev_selinux.c b/udev_selinux.c
index 72381f0d0..94c213d29 100644
--- a/udev_selinux.c
+++ b/udev_selinux.c
@@ -30,8 +30,8 @@
 #include
 #include
+#include "udev.h"
 #include "udev_selinux.h"
-#include "logging.h"
 static security_context_t prev_scontext = NULL;
@@ -100,12 +100,12 @@ void selinux_setfilecon(const char *file, const char *devname, unsigned int mode
 if (ret < 0)
 if (matchpathcon(file, mode, &scontext) < 0) {
- dbg("matchpathcon(%s) failed\n", file);
+ err("matchpathcon(%s) failed\n", file);
 return;
 }
 if (setfilecon(file, scontext) < 0)
- dbg("setfiles %s failed with error '%s'", file, strerror(errno));
+ err("setfilecon %s failed: %s", file, strerror(errno));
 freecon(scontext);
 }
@@ -126,17 +126,25 @@ void selinux_setfscreatecon(const char *file, const char *devname, unsigned int
 if (ret < 0)
 if (matchpathcon(file, mode, &scontext) < 0) {
- dbg("matchpathcon(%s) failed\n", file);
+ err("matchpathcon(%s) failed\n", file);
 return;
 }
 if (setfscreatecon(scontext) < 0)
- dbg("setfiles %s failed with error '%s'", file, strerror(errno));
+ err("setfscreatecon %s failed: %s", file, strerror(errno));
 freecon(scontext);
 }
 }
+void selinux_resetfscreatecon(void)
+{
+ if (is_selinux_running()) {
+ if (setfscreatecon(prev_scontext) < 0)
+ err("setfscreatecon failed: %s", strerror(errno));
+ }
+}
+
 void selinux_init(void)
 {
 /*
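Review bot: The `matchpathcon` failure message in selinux_setfilecon keeps its trailing `\n` and gives no reason, while the `setfilecon` message a few lines below has neither problem; assuming libselinux sets errno on this failure, make them match with `err("matchpathcon(%s) failed: %s", file, strerror(errno));`. The same applies to the matchpathcon message in the selinux_setfscreatecon hunk and to `err("getfscreatecon failed\n")` in the selinux_init hunk. Promoting these from dbg to err is worthwhile because a failed labelling leaves the device node with a context the policy did not choose, so the log line should say why. The function starts above this hunk, so how `ret` and `scontext` are set is not visible here.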
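Review bot: selinux_resetfscreatecon() is added without a comment, and the only line that explained the reset (in the removed selinux_restore) disappears with this commit. Suggest `/* restore the fscreate context saved by selinux_init(); prev_scontext may be NULL, which asks setfscreatecon() for the policy default */` above the function. Its message `setfscreatecon failed: %s` is also hard to tell apart in a log from the one in selinux_setfscreatecon; `err("resetting fscreatecon failed: %s", strerror(errno));` would distinguish them. If the reset fails, the per-device context presumably stays in effect for whatever the process creates next, and the void return gives callers no way to notice.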
@@ -144,23 +152,18 @@ void selinux_init(void)
 * restoration creation purposes.
 */
 if (is_selinux_running()) {
- if (getfscreatecon(&prev_scontext) < 0)
- dbg("getfscreatecon failed\n");
-
- prev_scontext = NULL;
+ matchpathcon_init_prefix(NULL, udev_root);
+ if (getfscreatecon(&prev_scontext) < 0) {
+ err("getfscreatecon failed\n");
+ prev_scontext = NULL;
+ }
 }
 }
-void selinux_restore(void)
+void selinux_exit(void)
 {
- if (is_selinux_running()) {
- /* reset the file create context to its former glory */
- if (setfscreatecon(prev_scontext) < 0)
- dbg("setfscreatecon failed\n");
-
- if (prev_scontext) {
- freecon(prev_scontext);
- prev_scontext = NULL;
- }
+ if (is_selinux_running() && prev_scontext) {
+ freecon(prev_scontext);
+ prev_scontext = NULL;
 }
 }
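Review bot: The return value of `matchpathcon_init_prefix(NULL, udev_root)` in selinux_init is ignored, so a failure to load the file-context specification passes silently while the other libselinux calls touched by this commit are checked and logged with err(). Suggest `if (matchpathcon_init_prefix(NULL, udev_root) < 0)` followed by `err("matchpathcon_init_prefix failed: %s", strerror(errno));`. selinux_exit now only frees prev_scontext and no longer resets the fscreate context, so callers (outside this diff) have to call selinux_resetfscreatecon() themselves after creating a node. A one-line comment on selinux_exit stating that would keep the split of responsibilities from being missed.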