+void selinux_setfscreatecon(const char *file, const char *devname, unsigned int mode)
+{
+ if (is_selinux_running()) {
+ security_context_t scontext = NULL;
+ char *media;
+ int ret = -1;
+
+ media = get_media(devname, mode);
+ if (media) {
+ ret = matchmediacon(media, &scontext);
+ free(media);
+ }
+
+ if (ret < 0)
+ if (matchpathcon(file, mode, &scontext) < 0) {
+ dbg("matchpathcon(%s) failed\n", file);
+ return;
+ }
+
+ if (setfscreatecon(scontext) < 0)
+ dbg("setfiles %s failed with error '%s'", file, strerror(errno));
+
+ freecon(scontext);
+ }
+}
+
+void selinux_init(void)
+{
+ /*
+ * record the present security context, for file-creation
+ * restoration creation purposes.
+ */
+ if (is_selinux_running()) {
+ if (getfscreatecon(&prev_scontext) < 0)
+ dbg("getfscreatecon failed\n");
+
+ prev_scontext = NULL;
+ }
+}
+
+void selinux_restore(void)
+{
+ if (is_selinux_running()) {
+ /* reset the file create context to its former glory */
+ if (setfscreatecon(prev_scontext) < 0)
+ dbg("setfscreatecon failed\n");
+
+ if (prev_scontext) {
+ freecon(prev_scontext);
+ prev_scontext = NULL;
+ }
+ }
+}