Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5f7b017f authored by Stephen Smalley's avatar Stephen Smalley Committed by William Roberts
Browse files

Update ueventd set the SELinux context on sysfs 



This change enables labeling of dynamically created sysfs nodes
with specific SELinux security contexts.

Change-Id: If8b8d66120453123c1371ce063b6f20e8b96b6ef
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent f5562cb6

init/devices.c

+9 −0
Original line number Diff line number Diff line
@@ -127,6 +127,7 @@ void fixup_sys_perms(const char *upath) 
    char buf[512];

    struct listnode *node;

    struct perms_ *dp;

    char *secontext;



        /* upaths omit the "/sys" that paths in this list

         * contain, so we add 4 when comparing...
@@ -148,6 +149,14 @@ void fixup_sys_perms(const char *upath) 
        INFO("fixup %s %d %d 0%o\n", buf, dp->uid, dp->gid, dp->perm);

        chown(buf, dp->uid, dp->gid);

        chmod(buf, dp->perm);

        if (sehandle) {

            secontext = NULL;

            selabel_lookup(sehandle, &secontext, buf, 0);

            if (secontext) {

                setfilecon(buf, secontext);

                freecon(secontext);

           }

        }

    }

}