[libselinux/f15/master] Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Apr 5 15:25:45 UTC 2011
commit ec9f86f97cd8d6ab902ce32da2ce48c01986ed5d
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Apr 5 11:25:33 2011 -0400
Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
libselinux-rhat.patch | 32 +++++++++++++++++++++++++++++++-
libselinux.spec | 8 +++++++-
2 files changed, 38 insertions(+), 2 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 3d82ce6..0377168 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -174,8 +174,38 @@ index b245364..7c47222 100644
va_start(ap, fmt);
rc = vfprintf(stderr, fmt, ap);
va_end(ap);
+diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
+index 36ce029..83d2143 100644
+--- a/libselinux/src/load_policy.c
++++ b/libselinux/src/load_policy.c
+@@ -329,7 +329,7 @@ int selinux_init_load_policy(int *enforce)
+ selinux_getenforcemode(&seconfig);
+
+ /* Check for an override of the mode via the kernel command line. */
+- rc = mount("none", "/proc", "proc", 0, 0);
++ rc = mount("proc", "/proc", "proc", 0, 0);
+ cfg = fopen("/proc/cmdline", "r");
+ if (cfg) {
+ char *tmp;
+@@ -369,7 +369,7 @@ int selinux_init_load_policy(int *enforce)
+ * Check for the existence of SELinux via selinuxfs, and
+ * mount it if present for use in the calls below.
+ */
+- if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
++ if (mount("selinuxfs", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
+ if (errno == ENODEV) {
+ /*
+ * SELinux was disabled in the kernel, either
+@@ -398,6 +398,7 @@ int selinux_init_load_policy(int *enforce)
+ if (rc == 0) {
+ /* Successfully disabled, so umount selinuxfs too. */
+ umount(SELINUXMNT);
++ fini_selinuxmnt();
+ }
+ /*
+ * If we failed to disable, SELinux will still be
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
-index bb4eb9f..c9ae42f 100644
+index f3e45af..2f3c16a 100644
--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
diff --git a/libselinux.spec b/libselinux.spec
index 81cd4cb..11075b5 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -7,7 +7,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.0.99
-Release: 1%{?dist}
+Release: 3%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@@ -236,6 +236,12 @@ exit 0
%{ruby_sitearch}/selinux.so
%changelog
+* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-3
+- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
+
+* Fri Apr 1 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-2
+- Change mount source options to use "proc" and "selinuxfs"
+
* Tue Mar 1 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-1
- Update to upstream
* Turn off default user handling when computing user contexts by Dan Walsh
More information about the scm-commits
mailing list