diff options
| author | Jeremy Katz <katzj@redhat.com> | 2004-04-14 23:05:39 +0000 |
|---|---|---|
| committer | Jeremy Katz <katzj@redhat.com> | 2004-04-14 23:05:39 +0000 |
| commit | eb9d994255ae2d2979f12529bfd62ed3e4981eee (patch) | |
| tree | d38f2bb6b27a883b1f05724dee9c803d294e3d23 | |
| parent | 4c7775d7fa6c761cf16a7c2aa3775f21c01a306d (diff) | |
| download | anaconda-eb9d994255ae2d2979f12529bfd62ed3e4981eee.tar.gz anaconda-eb9d994255ae2d2979f12529bfd62ed3e4981eee.tar.xz anaconda-eb9d994255ae2d2979f12529bfd62ed3e4981eee.zip | |
make selinux a little bit more of an opt-in
| -rw-r--r-- | loader2/loader.c | 8 | ||||
| -rw-r--r-- | loader2/loader.h | 5 |
2 files changed, 8 insertions, 5 deletions
diff --git a/loader2/loader.c b/loader2/loader.c index bd34b64e8..f2e47f4c9 100644 --- a/loader2/loader.c +++ b/loader2/loader.c @@ -551,7 +551,9 @@ static int parseCmdLineFlags(int flags, struct loaderData_s * loaderData, else if (!strncasecmp(argv[i], "allowcddma", 10)) flags |= LOADER_FLAGS_ENABLECDDMA; else if (!strncasecmp(argv[i], "selinux=0", 9)) - flags |= LOADER_FLAGS_NOSELINUX; + flags &= ~LOADER_FLAGS_SELINUX; + else if (!strncasecmp(argv[i], "selinux", 7)) + flags |= LOADER_FLAGS_SELINUX; else if (numExtraArgs < (MAX_EXTRA_ARGS - 1)) { /* go through and append args we just want to pass on to */ /* the anaconda script, but don't want to represent as a */ @@ -1348,14 +1350,14 @@ int main(int argc, char ** argv) { /* now load SELinux policy before exec'ing anaconda (unless we've * specified not to */ - if (!FL_NOSELINUX(flags)) { + if (FL_SELINUX(flags)) { if (mount("/selinux", "/selinux", "selinuxfs", 0, NULL)) { logMessage("failed to mount /selinux: %s", strerror(errno)); } else { if (loadpolicy() == 0) { setexeccon(ANACONDA_CONTEXT); } else { - flags |= LOADER_FLAGS_NOSELINUX; + flags &= ~LOADER_FLAGS_SELINUX; } } } diff --git a/loader2/loader.h b/loader2/loader.h index 10b424219..e692f9f0b 100644 --- a/loader2/loader.h +++ b/loader2/loader.h @@ -34,7 +34,7 @@ #define LOADER_FLAGS_GRAPHICAL (1 << 29) /* FIXME: this should go away */ #define LOADER_FLAGS_ENABLECDDMA (1 << 13) -#define LOADER_FLAGS_NOSELINUX (1 << 14) +#define LOADER_FLAGS_SELINUX (1 << 14) #define FL_TESTING(a) ((a) & LOADER_FLAGS_TESTING) #define FL_EXPERT(a) ((a) & LOADER_FLAGS_EXPERT) @@ -65,7 +65,8 @@ #define FL_CMDLINE(a) ((a) & LOADER_FLAGS_CMDLINE) /* FIXME: this should go away */ #define FL_ENABLECDDMA(a) ((a) & LOADER_FLAGS_ENABLECDDMA) -#define FL_NOSELINUX(a) ((a) & LOADER_FLAGS_NOSELINUX) +#define FL_NOSELINUX(a) ((a) & ~LOADER_FLAGS_SELINUX) +#define FL_SELINUX(a) ((a) & LOADER_FLAGS_SELINUX) void startNewt(int flags); |