[PATCH] udev selinux fix

[PATCH] udev selinux fix

Here is a fix for the SELinux part of udev.

Setfscreatecon() overrides the default labeling behavior of SELinux when
creating files, so it should only be used for as short of a time as
possible, around the mknod or symlink calls.  Without this, the files in
udev_db get the wrong label because the fscreatecon is reset after the
udev_db file creation instead of before.  I'm guessing the Redhat people
missed this because they modify udev_db to be one big file instead of a
directory of small files (at least that's what I'm told).  I created
selinux_resetfscreatecon() to reset the fscreatecon asap after the
file/node is created.

Fixed a memory leak in selinux_init.  Getfscreatecon() allocates memory
for the context, and the udev code was immediately setting the pointer
(security_context_t is actually a typedef'ed char*) to NULL after the
call regardless of success/failure.  If you're wondering about the case
where there's effectively a setfscreatecon(NULL), this is ok, as its
used to tell SELinux to do the default labeling behavior.

Renamed selinux_restore() to selinux_exit() due to the changed behavior.

Fixed a couple of dbg() messages.