[Reproducible-commits] [dpkg] 13/40: dpkg: Set the SE Linux file context even without a file type in mode
Jérémy Bobbio
lunar at moszumanska.debian.org
Sat May 30 09:52:47 UTC 2015
This is an automated email from the git hooks/post-receive script.
lunar pushed a commit to branch pu/reproducible_builds
in repository dpkg.
commit 2600dd55f20f2921b50a63803c22a2816ec07607
Author: Guillem Jover <guillem at debian.org>
Date: Wed May 27 20:50:51 2015 +0200
dpkg: Set the SE Linux file context even without a file type in mode
If the mode does not have a file type, for whatever reason, the
libselinux labelling code will try to match on the pathname, which
is better than no labelling at all.
This should never happen in practice, but it is a safer assumption
and more future proof.
---
debian/changelog | 1 +
src/selinux.c | 4 ----
2 files changed, 1 insertion(+), 4 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index fc3d823..4c73c28 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,7 @@ dpkg (1.18.1) UNRELEASED; urgency=low
Closes: #720761
* Fix setting the SE Linux context when a file has a statoverride.
Closes: #786435
+ * Set the SE Linux file context even when the file mode has no file type.
* Perl modules:
- Add missing strict and warnings pragmas for submodules.
- Use non-destructive substitutions inside map.
diff --git a/src/selinux.c b/src/selinux.c
index fe8fdb6..b582b14 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -95,10 +95,6 @@ dpkg_selabel_set_context(const char *matchpath, const char *path, mode_t mode)
security_context_t scontext = NULL;
int ret;
- /* If there's no file type, just give up. */
- if ((mode & S_IFMT) == 0)
- return;
-
/* If SELinux is not enabled just do nothing. */
sehandle = dpkg_selabel_get_handle();
if (sehandle == NULL)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git
More information about the Reproducible-commits
mailing list