[patch] more SELinux initialization cleanup
Havoc Pennington
hp at redhat.com
Sun Nov 7 08:07:02 PST 2004
Hi,
Looks OK to me, but be sure to run "make check" and that it still
passes...
Havoc
On Sun, 2004-11-07 at 03:24 -0500, Colin Walters wrote:
> Hi,
>
> The previous patch fixed one issue, but introduced another. Right now,
> the bus converts context->sid during the config file parsing which maps
> service->context. But since the avc isn't initialized yet, it can't
> convert context->sid. This didn't show up in my previous testing
> because my test machine wasn't labeling any services.
>
> The bootstrapping problem here is tricky. The solution I took was to
> simply not convert context->sid during config file parsing; instead, we
> simply store service->context string mappings, and then later convert
> context->sid after everything's initialized. This required breaking the
> config file parsing into separate steps.
>
> I also fixed a bit of code which assumed that avc_context_to_sid could
> only return ENOMEM; it actually can also return EINVAL too.
>
More information about the dbus
mailing list