selinux: more context settings
authorHarald Hoyer <harald@redhat.com>
Thu, 17 Apr 2008 14:03:03 +0000 (16:03 +0200)
committerKay Sievers <kay.sievers@vrfy.org>
Thu, 17 Apr 2008 17:07:24 +0000 (19:07 +0200)
Signed-off-by: Harald Hoyer <harald@redhat.com>
udev_db.c
udev_rules_parse.c
udev_utils_file.c
udevd.c

index 518ace9a5d9822c5e1f7bfb6e9bc70adcbae1f80..444725329f22c2de490a8d933478fa117191985d 100644 (file)
--- a/udev_db.c
+++ b/udev_db.c
@@ -144,8 +144,12 @@ int udev_db_add_device(struct udevice *udev)
         */
        if (list_empty(&udev->symlink_list) && list_empty(&udev->env_list) &&
            !udev->partitions && !udev->ignore_remove) {
+               int ret;
                dbg("nothing interesting to store, create symlink");
-               if (symlink(udev->name, filename) != 0) {
+               selinux_setfscreatecon(filename, NULL, S_IFLNK);        
+               ret = symlink(udev->name, filename);
+               selinux_resetfscreatecon();
+               if (ret != 0) {
                        err("unable to create db link '%s': %s", filename, strerror(errno));
                        return -1;
                }
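Review bot: `selinux_resetfscreatecon()` now runs between `symlink()` and the `strerror(errno)` in the error path, so if the reset touches errno (its body is not part of this diff) the logged reason can be wrong. Saving the value around the reset keeps the message accurate: `saved_errno = errno; selinux_resetfscreatecon(); errno = saved_errno;` directly after the `ret = symlink(...)` line. The same ordering matters more in create_path() in udev_utils_file.c, where `errno == EEXIST` is tested after the reset and a clobbered value would turn an already-existing directory into a failure return. udev_db_add_device continues outside this hunk.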
index 9e435819f0893e2969cbeb05f976f3ed21eb2ec2..d2392c36e054b144907e0c9b080e2cbc36b05ba9 100644 (file)
@@ -745,7 +745,9 @@ int udev_rules_init(struct udev_rules *rules, int resolve_names)
        strlcat(filename, "/"RULES_DYN_DIR, sizeof(filename));
        if (stat(filename, &statbuf) != 0) {
                create_path(filename);
+               selinux_setfscreatecon(filename, NULL, S_IFDIR|0755);
                mkdir(filename, 0755);
+               selinux_resetfscreatecon();
        }
        add_matching_files(&dyn_list, filename, RULESFILE_SUFFIX);
 
index 0ceefe17200c68bab8e08a20b0d3be2dc60834ee..9ab34705e2dd70c1d0becdc64c8db13439458273 100644 (file)
@@ -35,6 +35,7 @@ int create_path(const char *path)
        char p[PATH_SIZE];
        char *pos;
        struct stat stats;
+       int ret;
 
        strlcpy(p, path, sizeof(p));
        pos = strrchr(p, '/');
@@ -53,8 +54,12 @@ int create_path(const char *path)
                return -1;
 
        dbg("mkdir '%s'", p);
-       if (mkdir(p, 0755) == 0)
+       selinux_setfscreatecon(p, NULL, S_IFDIR|0755);
+       ret = mkdir(p, 0755);
+       selinux_resetfscreatecon();
+       if (ret == 0)
                return 0;
+
        if (errno == EEXIST)
                if (stat(p, &stats) == 0 && (stats.st_mode & S_IFMT) == S_IFDIR)
                        return 0;
diff --git a/udevd.c b/udevd.c
index 530fc59a369a111e5465ec6a23b5bdc2bcf9df6b..7786ae6b8debba13d8c0d3ee76a44fe6aafa82e0 100644 (file)
--- a/udevd.c
+++ b/udevd.c
@@ -168,7 +168,9 @@ static void export_event_state(struct udevd_uevent_msg *msg, enum event_state st
                delete_path(filename_failed);
 
                create_path(filename);
+               selinux_setfscreatecon(filename, NULL, S_IFLNK);        
                symlink(msg->devpath, filename);
+               selinux_resetfscreatecon();
                break;
        case EVENT_FINISHED:
                if (msg->devpath_old != NULL) {
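Review bot: The `symlink(msg->devpath, filename)` result in this case branch is still discarded, so a link that could not be created (and therefore never received the intended label) goes unlogged, while the same commit captures and reports the equivalent call in udev_db.c. Capturing the result and logging with `err()` before `selinux_resetfscreatecon()` runs would make the two call sites consistent; if failure is expected here, for example because the link already exists, a one-line comment saying so would do. The added `selinux_setfscreatecon(filename, NULL, S_IFLNK);` line here and in udev_db.c also carries trailing whitespace. export_event_state starts and ends outside this hunk.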