From: Christian Göttsche Date: Fri, 10 Jul 2020 19:48:02 +0000 (+0200) Subject: selinux: create standard user-runtime nodes with default context X-Git-Tag: v246-rc2~92^2~1 X-Git-Url: http://git-history.diyao.me/?a=commitdiff_plain;h=8d9cbd809db492df9d94c0c664bd0d2e53416531;p=systemd%2F.git selinux: create standard user-runtime nodes with default context Currently systemd-user-runtime-dir does not create the files in /run/user/$UID/systemd/inaccessible with the default SELinux label. The user and role part of these labels should be based on the user related to $UID and not based on the process context of systemd-user-runtime-dir. Since v246-rc1 (9664be199af6) /run/user/$UID/systemd is also created by systemd-user-runtime-dir and should also be created with the default SELinux context. --- diff --git a/src/shared/dev-setup.c b/src/shared/dev-setup.c index 6a280cde01..7641909c1b 100644 --- a/src/shared/dev-setup.c +++ b/src/shared/dev-setup.c @@ -103,9 +103,9 @@ int make_inaccessible_nodes( return log_oom(); if (S_ISDIR(table[i].mode)) - r = mkdir(path, table[i].mode & 07777); + r = mkdir_label(path, table[i].mode & 07777); else - r = mknod(path, table[i].mode, makedev(0, 0)); + r = mknod_label(path, table[i].mode, makedev(0, 0)); if (r < 0) { if (errno != EEXIST) log_debug_errno(errno, "Failed to create '%s', ignoring: %m", path);
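Review bot: The error check in the unchanged context after the two replaced calls in make_inaccessible_nodes() still reads errno (`if (errno != EEXIST)` and `log_debug_errno(errno, ...)`), which was correct for raw mkdir()/mknod() but is only correct for mkdir_label()/mknod_label() if those wrappers leave errno untouched on failure. If they follow the usual systemd convention of returning a negative errno value, and do labeling setup or cleanup around the syscall that can overwrite errno, then an EEXIST result could be logged as a failure or a real failure logged with the wrong code. Suggest testing the return value instead: `if (r != -EEXIST)` and `log_debug_errno(r, "Failed to create '%s', ignoring: %m", path);`. It would also help to note in the commit message that a failure in the labeling step itself now lands in this same "ignoring" debug path, so a node can be left missing or carrying a non-default label without anything above debug level being logged.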