[openssh] Do not change context when run under unconfined_t
Jan F. Chadima
jfch2222 at fedoraproject.org
Thu Jul 21 13:04:06 UTC 2011
commit ca6abddd0f192d574e5ac74dcf8314b30f2aed5b
Author: Jan F. Chadima <jfch at eglon.jagda.eu>
Date: Thu Jul 21 14:52:34 2011 +0200
Do not change context when run under unconfined_t
openssh-5.8p2-unconfined.patch | 15 +++++++++++++++
1 files changed, 15 insertions(+), 0 deletions(-)
---
diff --git a/openssh-5.8p2-unconfined.patch b/openssh-5.8p2-unconfined.patch
new file mode 100644
index 0000000..79079d7
--- /dev/null
+++ b/openssh-5.8p2-unconfined.patch
@@ -0,0 +1,15 @@
+diff -up openssh-5.8p2/openbsd-compat/port-linux.c.unconfined openssh-5.8p2/openbsd-compat/port-linux.c
+--- openssh-5.8p2/openbsd-compat/port-linux.c.unconfined 2011-07-21 12:23:53.912418908 +0200
++++ openssh-5.8p2/openbsd-compat/port-linux.c 2011-07-21 13:33:14.188545403 +0200
+@@ -491,6 +491,11 @@ ssh_selinux_change_context(const char *n
+ return;
+ }
+
++ if (!strncmp(cx, ":unconfined_t:", strlen(":unconfined_t:"))) {
++ debug3("%s: do not change unconfined_t", __func__);
++ return;
++ }
++
+ newlen = strlen(oldctx) + strlen(newname) + 1;
+ newctx = xmalloc(newlen);
+ len = cx - oldctx + 1;
More information about the scm-commits
mailing list