static struct selabel_handle *label_hnd = NULL;
-static inline int use_selinux(void) {
+static inline bool use_selinux(void) {
static int use_selinux_ind = -1;
- if (use_selinux_ind == -1)
- use_selinux_ind = (is_selinux_enabled() == 1);
+ if (use_selinux_ind < 0)
+ use_selinux_ind = is_selinux_enabled() > 0;
return use_selinux_ind;
}
r = getfilecon(path, &dir_con);
if (r >= 0) {
r = -1;
+ errno = EINVAL;
+
if ((sclass = string_to_security_class(class)) != 0)
r = security_compute_create((security_context_t) label, dir_con, sclass, fcon);
}
struct stat st;
security_context_t fcon;
- if (!use_selinux())
+ if (!use_selinux() || !label_hnd)
return 0;
r = lstat(path, &st);
void label_finish(void) {
#ifdef HAVE_SELINUX
- if (use_selinux())
+ if (use_selinux() && label_hnd)
selabel_close(label_hnd);
#endif
}
int r;
security_context_t fcon = NULL;
- if (use_selinux()) {
+ if (use_selinux() && label_hnd) {
if (path[0] == '/') {
r = selabel_lookup_raw(label_hnd, &fcon, path, mode);
}
r = mkdir(path, mode);
finish:
- if (use_selinux()) {
+ if (use_selinux() && label_hnd) {
setfscreatecon(NULL);
freecon(fcon);
}