[PATCH]: chcon: no longer abort on SELinux disabled kernel

Mon, 05 Oct 2009 00:32:32 -0700 

Hello,
as reported in https://bugzilla.redhat.com/show_bug.cgi?id=527142 by
Yanko Kaneti, chcon aborts on SELinux disabled kernel due to missing
check for SELinux enabled kernel. Attached patch is fixing the issue. 

Additionally - for consistency - error message of this check in runcon
was changed to not hardcode "runcon" program name.

Greetings,
         Ondřej Vašík

From 3dbd792b3e9379a4795d1becdc4252de236429bc Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= <ova...@redhat.com>
Date: Mon, 5 Oct 2009 09:20:48 +0200
Subject: [PATCH] chcon: no longer abort on SELinux disabled kernel

* src/chcon.c (main): Check SELinux enabled kernel.
  Reported in https://bugzilla.redhat.com/show_bug.cgi?id=527142 by
  Yanko Kaneti.
* src/runcon.c (main): Do not hardcode program name in error message
  of SELinux enabled kernel check.
* NEWS: Mention it.
* THANKS: Update.
---
 NEWS         |    3 +++
 THANKS       |    1 +
 src/chcon.c  |    4 ++++
 src/runcon.c |    2 +-
 4 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/NEWS b/NEWS
index aff0744..3ed2d75 100644
--- a/NEWS
+++ b/NEWS
@@ -28,6 +28,9 @@ GNU coreutils NEWS                                    -*- outline -*-
   [The race was introduced in coreutils-7.5,
    and the unnecessary delay was present since textutils-1.22o]
 
+  chcon no longer aborts on SELinux disabled system.
+  [the bug dates back to the initial implementation]
+
 ** Portability
 
   On Solaris 9, many commands would mistakenly treat file/ the same as
diff --git a/THANKS b/THANKS
index e0e14e5..65ac1bb 100644
--- a/THANKS
+++ b/THANKS
@@ -612,6 +612,7 @@ Wis Macomson                        wis.macom...@intel.com
 Wojciech Purczynski                 cl...@isec.pl
 Wolfram Kleff                       kl...@cs.uni-bonn.de
 Won-kyu Park                        wkp...@chem.skku.ac.kr
+Yanko Kaneti                        yan...@declera.com
 Yann Dirson                         dir...@debian.org
 Zvi Har'El                          r...@math.technion.ac.il
 
diff --git a/src/chcon.c b/src/chcon.c
index fbfdb4d..c0da694 100644
--- a/src/chcon.c
+++ b/src/chcon.c
@@ -519,6 +519,10 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (is_selinux_enabled () != 1)
+    error (EXIT_FAILURE, 0,
+           _("%s may be used only on a SELinux kernel"), program_name);
+
   if (reference_file)
     {
       if (getfilecon (reference_file, &ref_context) < 0)
diff --git a/src/runcon.c b/src/runcon.c
index e0019da..f87eada 100644
--- a/src/runcon.c
+++ b/src/runcon.c
@@ -195,7 +195,7 @@ main (int argc, char **argv)
 
   if (is_selinux_enabled () != 1)
     error (EXIT_FAILURE, 0,
-           _("runcon may be used only on a SELinux kernel"));
+           _("%s may be used only on a SELinux kernel"), program_name);
 
   if (context)
     {
-- 
1.5.6.1.156.ge903b

Attachment: signature.asc
Description: Toto je digitálně podepsaná část zprávy

Reply via email to