tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

replace deprecate selinux matchpathcon function 

This function is apparently deprecated. Documentation on what is the
supposed replacement is is non-existent, so this follows the approach
glibc used https://sourceware.org/git/?p=glibc.git;a=patch;h=f278835f59

ok dtucker@
This commit is contained in:
Damien Miller 2023-07-12 11:41:19 +10:00
parent 7e8800f5d7
commit 8c7203bcee
No known key found for this signature in database
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openbsd-compat/port-linux.c
View File

@ -34,6 +34,7 @@
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
#include <selinux/selinux.h> #include <selinux/selinux.h>
#include <selinux/label.h>
#include <selinux/get_context_list.h> #include <selinux/get_context_list.h>
#ifndef SSH_SELINUX_UNCONFINED_TYPE #ifndef SSH_SELINUX_UNCONFINED_TYPE
@ -222,6 +223,7 @@ void
ssh_selinux_setfscreatecon(const char *path) ssh_selinux_setfscreatecon(const char *path)
{ {
char *context; char *context;
struct selabel_handle *shandle = NULL;
if (!ssh_selinux_enabled()) if (!ssh_selinux_enabled())
return; return;
@ -229,8 +231,13 @@ ssh_selinux_setfscreatecon(const char *path)
setfscreatecon(NULL); setfscreatecon(NULL);
return; return;
} }
if (matchpathcon(path, 0700, &context) == 0) if ((shandle = selabel_open(SELABEL_CTX_FILE, NULL, 0)) == NULL) {
debug_f("selabel_open failed");
return;
}
if (selabel_lookup(shandle, &context, path, 0700) == 0)
setfscreatecon(context); setfscreatecon(context);
selabel_close(shandle);
} }
#endif /* WITH_SELINUX */ #endif /* WITH_SELINUX */