diff options
Diffstat (limited to 'loader2/selinux.c')
-rw-r--r-- | loader2/selinux.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/loader2/selinux.c b/loader2/selinux.c index 41ecb84c8..b32c7d01c 100644 --- a/loader2/selinux.c +++ b/loader2/selinux.c @@ -51,12 +51,17 @@ static char * getpolicyver() { } int loadpolicy() { - char * ver, * fn; + char * ver, * fn, * bfn; char *paths[] = { "/tmp/updates", "/mnt/source/RHupdates", "/mnt/runtime/etc/selinux/targeted/policy", "/mnt/runtime/etc/security/selinux", NULL }; + char *bpaths[] = { "/tmp/updates", + "/mnt/source/RHupdates", + "/mnt/runtime/etc/selinux/targeted", + "/mnt/runtime/etc/security/selinux", + NULL }; int i, pid, status; ver = getpolicyver(); @@ -73,6 +78,15 @@ int loadpolicy() { } } + bfn = malloc(128); + bfn = memset(bfn, 0, 128); + for (i = 0; paths[i]; i++) { + snprintf(bfn, 128, "%s/booleans", (char *) bpaths[i]); + if (!access(bfn, R_OK)) { + break; + } + } + if (access(fn, R_OK)) { logMessage("Unable to load suitable SELinux policy"); return -1; @@ -81,8 +95,12 @@ int loadpolicy() { logMessage("Loading SELinux policy from %s", fn); if (!(pid = fork())) { setenv("LD_LIBRARY_PATH", LIBPATH, 1); - execl("/usr/sbin/load_policy", - "/usr/sbin/load_policy", "-q", fn, NULL); + if (access(bfn, R_OK)) + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", fn, NULL); + else + execl("/usr/sbin/load_policy", + "/usr/sbin/load_policy", "-q", "-b", fn, bfn, NULL); logMessage("exec of load_policy failed: %s", strerror(errno)); exit(1); } |