diff options
| author | Jeremy Katz <katzj@redhat.com> | 2005-03-23 16:32:22 +0000 |
|---|---|---|
| committer | Jeremy Katz <katzj@redhat.com> | 2005-03-23 16:32:22 +0000 |
| commit | 7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e (patch) | |
| tree | 415d48c2cf1d3c70d0cee901e9e81cef1ab0ff8a | |
| parent | 415e3ef47013fa78fc5101925e17dc5b3b22982a (diff) | |
| download | anaconda-10.1.1.17-1.tar.gz anaconda-10.1.1.17-1.tar.xz anaconda-10.1.1.17-1.zip | |
2005-03-23 Jeremy Katz <katzj@redhat.com>anaconda-10.1.1.17-1
* anaconda.spec: Bump version.
* loader2/selinux.c: Load SELinux booleans file if it exists (#151896)
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | anaconda.spec | 5 | ||||
| -rw-r--r-- | loader2/selinux.c | 24 |
3 files changed, 31 insertions, 4 deletions
@@ -1,3 +1,9 @@ +2005-03-23 Jeremy Katz <katzj@redhat.com> + + * anaconda.spec: Bump version. + + * loader2/selinux.c: Load SELinux booleans file if it exists (#151896) + 2005-03-14 Jeremy Katz <katzj@redhat.com> * anaconda.spec: Bump version. diff --git a/anaconda.spec b/anaconda.spec index c7a951837..be83318d1 100644 --- a/anaconda.spec +++ b/anaconda.spec @@ -1,6 +1,6 @@ ExcludeArch: ppc64 Name: anaconda -Version: 10.1.1.16 +Version: 10.1.1.17 Release: 1 License: GPL Summary: Graphical system installer @@ -74,6 +74,9 @@ rm -rf $RPM_BUILD_ROOT /sbin/chkconfig --del reconfig >/dev/null 2>&1 || : %changelog +* Wed Mar 23 2005 Jeremy Katz <katzj@redhat.com> - 10.1.1.17-1 +- Load SElinux booleans file if it exists (#151896) + * Mon Mar 14 2005 Chris Lumens <clumens@redhat.com> - 10.1.1.16-1 - Fix typo in Xvnc parameters (#150498). diff --git a/loader2/selinux.c b/loader2/selinux.c index 41ecb84c8..b32c7d01c 100644 --- a/loader2/selinux.c +++ b/loader2/selinux.c @@ -51,12 +51,17 @@ static char * getpolicyver() { } int loadpolicy() { - char * ver, * fn; + char * ver, * fn, * bfn; char *paths[] = { "/tmp/updates", "/mnt/source/RHupdates", "/mnt/runtime/etc/selinux/targeted/policy", "/mnt/runtime/etc/security/selinux", NULL }; + char *bpaths[] = { "/tmp/updates", + "/mnt/source/RHupdates", + "/mnt/runtime/etc/selinux/targeted", + "/mnt/runtime/etc/security/selinux", + NULL }; int i, pid, status; ver = getpolicyver(); @@ -73,6 +78,15 @@ int loadpolicy() { } } + bfn = malloc(128); + bfn = memset(bfn, 0, 128); + for (i = 0; paths[i]; i++) { + snprintf(bfn, 128, "%s/booleans", (char *) bpaths[i]); + if (!access(bfn, R_OK)) { + break; + } + } + if (access(fn, R_OK)) { logMessage("Unable to load suitable SELinux policy"); return -1; @@ -81,8 +95,12 @@ int loadpolicy() { logMessage("Loading SELinux policy from %s", fn); if (!(pid = fork())) { setenv("LD_LIBRARY_PATH", LIBPATH, 1); - execl("/usr/sbin/load_policy", - "/usr/sbin/load_policy", "-q", fn, NULL); + if (access(bfn, R_OK)) + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", fn, NULL); + else + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", "-b", fn, bfn, NULL); logMessage("exec of load_policy failed: %s", strerror(errno)); exit(1); } |