chiark / gitweb /
~ianmdlvl / elogind.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e2b99e6)
logind: apply selinux label to XDG_RUNTIME_DIR
authorLennart Poettering <lennart@poettering.net>
Wed, 17 Jun 2015 14:29:03 +0000 (16:29 +0200)
committerSven Eden <yamakuzure@gmx.net>
Tue, 14 Mar 2017 09:03:03 +0000 (10:03 +0100)
As discussed in #257: we should ensure the selinux label is correctly
applied to each user's XDG_RUNTIME_DIR.

src/login/logind-user.c patch | blob | history

diff --git a/src/login/logind-user.c b/src/login/logind-user.c
index 6720899def35326046503295c152f49b2fab27ad..738e69ccede5be4acbda32d3dc18e5d52eb0bbec 100644 (file)
--- a/src/login/logind-user.c
+++ b/src/login/logind-user.c
@@ -36,9 +36,10 @@
 #include "bus-error.h"
 #include "conf-parser.h"
 #include "clean-ipc.h"
 #include "bus-error.h"
 #include "conf-parser.h"
 #include "clean-ipc.h"
-#include "logind-user.h"
 #include "smack-util.h"
 #include "formats-util.h"
 #include "smack-util.h"
 #include "formats-util.h"
+#include "label.h"
+#include "logind-user.h"
 
 User* user_new(Manager *m, uid_t uid, gid_t gid, const char *name) {
         User *u;
 
 User* user_new(Manager *m, uid_t uid, gid_t gid, const char *name) {
         User *u;
@@ -323,7 +324,7 @@ static int user_mkdir_runtime_path(User *u) {
         if (path_is_mount_point(p, 0) <= 0) {
                 _cleanup_free_ char *t = NULL;
 
         if (path_is_mount_point(p, 0) <= 0) {
                 _cleanup_free_ char *t = NULL;
 
-                (void) mkdir(p, 0700);
+                (void) mkdir_label(p, 0700);
 
                 if (mac_smack_use())
                         r = asprintf(&t, "mode=0700,smackfsroot=*,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size);
 
                 if (mac_smack_use())
                         r = asprintf(&t, "mode=0700,smackfsroot=*,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size);
@@ -351,6 +352,10 @@ static int user_mkdir_runtime_path(User *u) {
                                 goto fail;
                         }
                 }
                                 goto fail;
                         }
                 }
+
+                r = label_fix(p, false, false);
+                if (r < 0)
+                        log_warning_errno(r, "Failed to fix label of '%s', ignoring: %m", p);
         }
 
         u->runtime_path = p;
         }
 
         u->runtime_path = p;
Unnamed repository; edit this file 'description' to name the repository.