author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-09-28 21:40:31 +0200 |
---|---|---|
committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-09-28 23:34:17 +0200 |
commit | 9bcb6edfe419d390acddc2ed7d0c04d37b753ac3 (patch) | |
tree | 2d0ca53b10fa413f2e7e8934be11efa93430e548 /mkfs/dirscan.c | |
parent | f415b29255819e19ffde16018fb9ad02cbbfd17c (diff) |
Do the SELinux relabeling while generating the fstree
This commit splits the SELinux relabeling function up into 3 parts:
- open the label file
- apply relabeling rules to a given file
- close the label file
The relabeling is done while building the tree (if reading from an
input directory) or in a post process step if reading from a description
file.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'mkfs/dirscan.c')
-rw-r--r-- | mkfs/dirscan.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/mkfs/dirscan.c b/mkfs/dirscan.c
index 5cb955a..160fbc3 100644
--- a/mkfs/dirscan.c
+++ b/mkfs/dirscan.c
@@ -109,9 +109,9 @@ fail:
 #endif
 
 static int populate_dir(fstree_t *fs, tree_node_t *root, dev_t devstart,
- unsigned int flags)
+ void *selinux_handle, unsigned int flags)
 {
- char *extra = NULL;
+ char *extra = NULL, *path;
 struct dirent *ent;
 struct stat sb;
 tree_node_t *n;
@@ -177,6 +177,21 @@ static int populate_dir(fstree_t *fs, tree_node_t *root, dev_t devstart,
 goto fail;
 }
 #endif
+ if (selinux_handle != NULL) {
+ path = fstree_get_path(n);
+ if (path == NULL) {
+ perror("getting full path for "
+ "SELinux relabeling");
+ goto fail;
+ }
+
+ if (selinux_relable_node(selinux_handle, fs, n, path)) {
+ free(path);
+ goto fail;
+ }
+
+ free(path);
+ }
 free(extra);
 extra = NULL;
 
@@ -189,7 +204,7 @@ static int populate_dir(fstree_t *fs, tree_node_t *root, dev_t devstart,
 if (pushd(n->name))
 return -1;
 
- if (populate_dir(fs, n, devstart, flags))
+ if (populate_dir(fs, n, devstart, selinux_handle, flags))
 return -1;
 
 if (popd())
@@ -206,7 +221,8 @@ fail:
 return -1;
 }
 
-int fstree_from_dir(fstree_t *fs, const char *path, unsigned int flags)
+int fstree_from_dir(fstree_t *fs, const char *path, void *selinux_handle,
+ unsigned int flags)
 {
 struct stat sb;
 int ret;
@@ -219,7 +235,7 @@ int fstree_from_dir(fstree_t *fs, const char *path, unsigned int flags)
 if (pushd(path))
 return -1;
 
- ret = populate_dir(fs, fs->root, sb.st_dev, flags);
+ ret = populate_dir(fs, fs->root, sb.st_dev, selinux_handle, flags);
 
 if (popd())
 ret = -1; |
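Review bot: The new `selinux_handle` parameter of `populate_dir` is an untyped `void *`, and the same holds for the public `fstree_from_dir` in the fourth hunk, so the compiler accepts any pointer there and nothing at the declaration tells a caller that NULL is allowed. The relabel hunk shows NULL meaning "skip relabeling"; that contract deserves a comment at the function, for example `/* selinux_handle: open label-file handle, or NULL to skip SELinux relabeling */`. If the handle has a concrete type elsewhere in the tree (not visible here), a forward-declared opaque struct pointer would keep builds without SELinux working while still rejecting a wrong argument at compile time. Both function bodies extend beyond their hunks.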
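Review bot: The relabel block runs after the conditional section closed by `#endif`, and nothing in the hunk states which label wins if the node already carries a `security.selinux` attribute by then. If that earlier section copies extended attributes from the input directory (it is outside the hunk, so this is an assumption), a node could end up with the build host's label next to, or instead of, the one from the label file; whether `selinux_relable_node` replaces an existing entry is not visible here. Once the intent is confirmed, a comment above the block would pin it, e.g. `/* label file takes precedence over any security.selinux xattr read from the source directory */`, backed by a check in the callee. Also, the `selinux_relable_node` failure path jumps to `fail` without a diagnostic, unlike the `perror` path just above it, unless the callee reports the error itself. populate_dir's body starts and ends outside the hunk.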