[PATCH] mdev - add SELinux support
Amadeusz Sławiński
amade at asmblr.net
Sun Jan 19 16:23:09 UTC 2014
Add support for relabeling files. Files created or modified by mdev
should now have correct SELinux labels.
---
util-linux/mdev.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/util-linux/mdev.c b/util-linux/mdev.c
index e80b58f..c8ef48d 100644
--- a/util-linux/mdev.c
+++ b/util-linux/mdev.c
@@ -759,6 +759,19 @@ static void make_device(char *device_name, char *path, int operation)
}
if (mknod(node_name, rule->mode | type, makedev(major, minor)) && errno != EEXIST)
bb_perror_msg("can't create '%s'", node_name);
+
+#if ENABLE_SELINUX
+ /* relabel file, don't care if it existed before or was just created */
+ if (is_selinux_enabled()) {
+ security_context_t scontext = NULL;
+ char *node_path = xasprintf("/dev/%s", node_name);
+
+ if (matchpathcon(node_path, rule->mode | type, &scontext) == 0)
+ setfilecon(node_path, scontext);
+ freecon(scontext);
+ }
+#endif
+
if (ENABLE_FEATURE_MDEV_CONF) {
chmod(node_name, rule->mode);
chown(node_name, rule->ugid.uid, rule->ugid.gid);
--
1.8.5.3
More information about the busybox
mailing list