[libselinux/f15/master] Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data

Daniel J Walsh dwalsh at fedoraproject.org
Tue Apr 5 15:25:45 UTC 2011 

commit ec9f86f97cd8d6ab902ce32da2ce48c01986ed5d
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Tue Apr 5 11:25:33 2011 -0400

    Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data

 libselinux-rhat.patch |   32 +++++++++++++++++++++++++++++++-
 libselinux.spec       |    8 +++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 3d82ce6..0377168 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -174,8 +174,38 @@ index b245364..7c47222 100644
  	va_start(ap, fmt);
  	rc = vfprintf(stderr, fmt, ap);
  	va_end(ap);
+diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
+index 36ce029..83d2143 100644
+--- a/libselinux/src/load_policy.c
++++ b/libselinux/src/load_policy.c
+@@ -329,7 +329,7 @@ int selinux_init_load_policy(int *enforce)
+ 	selinux_getenforcemode(&seconfig);
+ 
+ 	/* Check for an override of the mode via the kernel command line. */
+-	rc = mount("none", "/proc", "proc", 0, 0);
++	rc = mount("proc", "/proc", "proc", 0, 0);
+ 	cfg = fopen("/proc/cmdline", "r");
+ 	if (cfg) {
+ 		char *tmp;
+@@ -369,7 +369,7 @@ int selinux_init_load_policy(int *enforce)
+ 	 * Check for the existence of SELinux via selinuxfs, and 
+ 	 * mount it if present for use in the calls below.  
+ 	 */
+-	if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
++	if (mount("selinuxfs", SELINUXMNT, "selinuxfs", 0, 0) < 0 && errno != EBUSY) {
+ 		if (errno == ENODEV) {
+ 			/*
+ 			 * SELinux was disabled in the kernel, either
+@@ -398,6 +398,7 @@ int selinux_init_load_policy(int *enforce)
+ 		if (rc == 0) {
+ 			/* Successfully disabled, so umount selinuxfs too. */
+ 			umount(SELINUXMNT);
++			fini_selinuxmnt();
+ 		}
+ 		/*
+ 		 * If we failed to disable, SELinux will still be 
 diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
-index bb4eb9f..c9ae42f 100644
+index f3e45af..2f3c16a 100644
 --- a/libselinux/src/matchpathcon.c
 +++ b/libselinux/src/matchpathcon.c
 @@ -2,6 +2,7 @@
diff --git a/libselinux.spec b/libselinux.spec
index 81cd4cb..11075b5 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -7,7 +7,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.0.99
-Release: 1%{?dist}
+Release: 3%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@@ -236,6 +236,12 @@ exit 0
 %{ruby_sitearch}/selinux.so
 
 %changelog
+* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-3
+- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
+
+* Fri Apr 1 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-2
+- Change mount source options to use "proc" and "selinuxfs"
+
 * Tue Mar 1 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-1
 - Update to upstream
   * Turn off default user handling when computing user contexts by Dan Walsh

More information about the scm-commits mailing list