diff options
author | Jeremy Katz <katzj@redhat.com> | 2005-03-23 16:32:22 +0000 |
---|---|---|
committer | Jeremy Katz <katzj@redhat.com> | 2005-03-23 16:32:22 +0000 |
commit | 7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e (patch) | |
tree | 415d48c2cf1d3c70d0cee901e9e81cef1ab0ff8a /loader2/selinux.c | |
parent | 415e3ef47013fa78fc5101925e17dc5b3b22982a (diff) | |
download | anaconda-7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e.tar.gz anaconda-7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e.tar.xz anaconda-7c4b0854559e7db28ab0c77cd6cf71eb3ec7665e.zip |
2005-03-23 Jeremy Katz <katzj@redhat.com>anaconda-10.1.1.17-1
* anaconda.spec: Bump version.
* loader2/selinux.c: Load SELinux booleans file if it exists (#151896)
Diffstat (limited to 'loader2/selinux.c')
-rw-r--r-- | loader2/selinux.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/loader2/selinux.c b/loader2/selinux.c index 41ecb84c8..b32c7d01c 100644 --- a/loader2/selinux.c +++ b/loader2/selinux.c @@ -51,12 +51,17 @@ static char * getpolicyver() { } int loadpolicy() { - char * ver, * fn; + char * ver, * fn, * bfn; char *paths[] = { "/tmp/updates", "/mnt/source/RHupdates", "/mnt/runtime/etc/selinux/targeted/policy", "/mnt/runtime/etc/security/selinux", NULL }; + char *bpaths[] = { "/tmp/updates", + "/mnt/source/RHupdates", + "/mnt/runtime/etc/selinux/targeted", + "/mnt/runtime/etc/security/selinux", + NULL }; int i, pid, status; ver = getpolicyver(); @@ -73,6 +78,15 @@ int loadpolicy() { } } + bfn = malloc(128); + bfn = memset(bfn, 0, 128); + for (i = 0; paths[i]; i++) { + snprintf(bfn, 128, "%s/booleans", (char *) bpaths[i]); + if (!access(bfn, R_OK)) { + break; + } + } + if (access(fn, R_OK)) { logMessage("Unable to load suitable SELinux policy"); return -1; @@ -81,8 +95,12 @@ int loadpolicy() { logMessage("Loading SELinux policy from %s", fn); if (!(pid = fork())) { setenv("LD_LIBRARY_PATH", LIBPATH, 1); - execl("/usr/sbin/load_policy", - "/usr/sbin/load_policy", "-q", fn, NULL); + if (access(bfn, R_OK)) + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", fn, NULL); + else + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", "-b", fn, bfn, NULL); logMessage("exec of load_policy failed: %s", strerror(errno)); exit(1); } |