summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorDenis Vlasenko <vda.linux@googlemail.com>2007-10-19 21:49:48 +0000
committerDenis Vlasenko <vda.linux@googlemail.com>2007-10-19 21:49:48 +0000
commit85ff862753be5b7b5d3855681f9234c131659b8a (patch)
tree03f108c8ef00faa5df9ba37296eac3d518347ed8
parent1a7afb48daf054d8cc9d57e8a569a6ac90acdd7d (diff)
mkswap: selinux support by KaiGai Kohei <kaigai@ak.jp.nec.com>
-rw-r--r--util-linux/mkswap.c45
1 files changed, 44 insertions, 1 deletions
diff --git a/util-linux/mkswap.c b/util-linux/mkswap.c
index af4cc10f7..8e1fbc384 100644
--- a/util-linux/mkswap.c
+++ b/util-linux/mkswap.c
@@ -8,6 +8,48 @@
#include "libbb.h"
+#if ENABLE_SELINUX
+static void mkswap_selinux_setcontext(int fd, const char *path)
+{
+ struct stat stbuf;
+
+ if (!is_selinux_enabled())
+ return;
+
+ if (fstat(fd, &stbuf) < 0)
+ bb_perror_msg_and_die("fstat failed");
+ if (S_ISREG(stbuf.st_mode)) {
+ security_context_t newcon;
+ security_context_t oldcon = NULL;
+ context_t context;
+
+ if (fgetfilecon_raw(fd, &oldcon) < 0) {
+ if (errno != ENODATA)
+ goto error;
+ if (matchpathcon(path, stbuf.st_mode, &oldcon) < 0)
+ goto error;
+ }
+ context = context_new(oldcon);
+ if (!context || context_type_set(context, "swapfile_t"))
+ goto error;
+ newcon = context_str(context);
+ if (!newcon)
+ goto error;
+ if (strcmp(oldcon, newcon) != 0 && fsetfilecon_raw(fd, newcon) < 0)
+ goto error;
+ if (ENABLE_FEATURE_CLEAN_UP) {
+ context_free(context);
+ freecon(oldcon);
+ }
+ }
+ return;
+ error:
+ bb_perror_msg_and_die("SELinux relabeling failed");
+}
+#else
+#define mkswap_selinux_setcontext(fd, path) ((void)0)
+#endif
+
int mkswap_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int mkswap_main(int argc, char **argv)
{
@@ -26,6 +68,7 @@ int mkswap_main(int argc, char **argv)
pagesize = getpagesize();
printf("Setting up swapspace version 1, size = %"OFF_FMT"d bytes\n",
len - pagesize);
+ mkswap_selinux_setcontext(fd, argv[1]);
// Make a header.
@@ -38,7 +81,7 @@ int mkswap_main(int argc, char **argv)
xlseek(fd, 1024, SEEK_SET);
xwrite(fd, hdr, sizeof(hdr));
- xlseek(fd, pagesize-10, SEEK_SET);
+ xlseek(fd, pagesize - 10, SEEK_SET);
xwrite(fd, "SWAPSPACE2", 10);
fsync(fd);