Add support for relabeling files. Files created or modified by mdev
should now have correct SELinux labels.
---
util-linux/mdev.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/util-linux/mdev.c b/util-linux/mdev.c
index e80b58f..c8ef48d 100644
--- a/util-linux/mdev.c
+++ b/util-linux/mdev.c
@@ -759,6 +759,19 @@ static void make_device(char *device_name, char *path, int
operation)
}
if (mknod(node_name, rule->mode | type, makedev(major,
minor)) && errno != EEXIST)
bb_perror_msg("can't create '%s'", node_name);
+
+#if ENABLE_SELINUX
+ /* relabel file, don't care if it existed before or was
just created */
+ if (is_selinux_enabled()) {
+ security_context_t scontext = NULL;
+ char *node_path = xasprintf("/dev/%s",
node_name);
+
+ if (matchpathcon(node_path, rule->mode | type,
&scontext) == 0)
+ setfilecon(node_path, scontext);
+ freecon(scontext);
+ }
+#endif
+
if (ENABLE_FEATURE_MDEV_CONF) {
chmod(node_name, rule->mode);
chown(node_name, rule->ugid.uid,
rule->ugid.gid);
--
1.8.5.3
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
