From: Nicolas Iooss Date: Tue, 2 Feb 2016 19:07:46 +0000 (+0100) Subject: logind: load SELinux labelling system X-Git-Tag: v229.1~1^2~31 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=f5ce2eabeda330f36bb89649db00a8e030baaa93 logind: load SELinux labelling system elogind-logind uses mkdir_label and label_fix functions without calling first mac_selinux_init. This makes /run/user/$UID/ directories not labelled correctly on an Arch Linux system using SELinux. Fix this by calling mac_selinux_init("/run") early in elogind-logind. This makes files created in /etc/udev/rules.d and /var/lib/elogind to be labelled through transitions in the SELinux policy instead of using setfscreatecon (with mac_selinux_create_file_prepare). --- diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 5dfe5aab2..a54071800 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -1235,7 +1235,6 @@ static int attach_device(Manager *m, const char *seat, const char *sysfs) { return -ENOMEM; mkdir_p_label("/etc/udev/rules.d", 0755); - mac_selinux_init("/etc"); r = write_string_file_atomic_label(file, rule); if (r < 0) return r;