[PATCH] Fix problem where call involving the SELinux AVC occurs before the AVC is initialized
James Carter
jwcart2 at tycho.nsa.gov
Wed Oct 1 12:32:38 PDT 2008
This patch moves the call to bus_selinux_full_init so that it is before
the call to process_config_postinit.
---
diff --git a/bus/bus.c b/bus/bus.c
index a28a267..6255330 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -736,6 +736,11 @@ bus_context_new (const DBusString *config_file,
if (print_pid_pipe && _dbus_pipe_is_valid (print_pid_pipe) &&
!_dbus_pipe_is_stdout_or_stderr (print_pid_pipe))
_dbus_pipe_close (print_pid_pipe, NULL);
+
+ if (!bus_selinux_full_init ())
+ {
+ _dbus_warn ("SELinux initialization failed\n");
+ }
if (!process_config_postinit (context, parser, error))
{
@@ -765,11 +770,6 @@ bus_context_new (const DBusString *config_file,
bus_selinux_audit_init ();
#endif
}
-
- if (!bus_selinux_full_init ())
- {
- _dbus_warn ("SELinux initialization failed\n");
- }
dbus_server_free_data_slot (&server_data_slot);
--
James Carter <jwcart2 at tycho.nsa.gov>
National Security Agency
More information about the dbus
mailing list