diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-09-04 23:50:35 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-09-04 23:50:35 +0000 |
| commit | 9938544706154aa7849596f68204d152aa564154 (patch) | |
| tree | e50f3c9935ee51654eac8b565111f9eff008e1e8 /options.c | |
| parent | fb7aa54a4573c013dcf3e39bacd8c5d03b66b610 (diff) | |
| download | openvpn-9938544706154aa7849596f68204d152aa564154.tar.gz openvpn-9938544706154aa7849596f68204d152aa564154.tar.xz openvpn-9938544706154aa7849596f68204d152aa564154.zip | |
Added "setcon" directive for interoperability with SELinux
(Sebastien Raveau).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4932 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'options.c')
| -rw-r--r-- | options.c | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -265,6 +265,9 @@ static const char usage_message[] = "--user user : Set UID to user after initialization.\n" "--group group : Set GID to group after initialization.\n" "--chroot dir : Chroot to this directory after initialization.\n" +#ifdef HAVE_SETCON + "--setcon context: Apply this SELinux context after initialization.\n" +#endif "--cd dir : Change to this directory before initialization.\n" "--daemon [name] : Become a daemon after initialization.\n" " The optional 'name' parameter will be passed\n" @@ -1216,6 +1219,9 @@ show_settings (const struct options *o) SHOW_STR (groupname); SHOW_STR (chroot_dir); SHOW_STR (cd_dir); +#ifdef HAVE_SETCON + SHOW_STR (selinux_context); +#endif SHOW_STR (writepid); SHOW_STR (up_script); SHOW_STR (down_script); @@ -3710,6 +3716,13 @@ add_option (struct options *options, } options->cd_dir = p[1]; } +#ifdef HAVE_SETCON + else if (streq (p[0], "setcon") && p[1]) + { + VERIFY_PERMISSION (OPT_P_GENERAL); + options->selinux_context = p[1]; + } +#endif else if (streq (p[0], "writepid") && p[1]) { VERIFY_PERMISSION (OPT_P_GENERAL); |