[patch] more SELinux initialization cleanup
walters at verbum.org
Sun Nov 7 00:24:32 PST 2004

The previous patch fixed one issue, but introduced another. Right now,
the bus converts context->sid during the config file parsing which maps
service->context. But since the avc isn't initialized yet, it can't
convert context->sid. This didn't show up in my previous testing
because my test machine wasn't labeling any services.

The bootstrapping problem here is tricky. The solution I took was to
simply not convert context->sid during config file parsing; instead, we
simply store service->context string mappings, and then later convert
context->sid after everything's initialized. This required breaking the
config file parsing into separate steps.

I also fixed a bit of code which assumed that avc_context_to_sid could
only return ENOMEM; it actually can also return EINVAL too.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 15880 bytes
Desc: not available
Url : http://freedesktop.org/pipermail/dbus/attachments/20041107/647d1dd2/dbus-selinux-init-post.bin
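
The two-step approach described in the message, as an added example that is not the attached patch and not D-Bus code: config parsing stores service->context strings only, and a later pass converts them to SIDs and propagates errno instead of assuming ENOMEM. All names are hypothetical; demo_context_to_sid is a constructed stand-in for avc_context_to_sid so the example runs without libselinux, and the -EAGAIN result for a too-early call is an assumption of this example.

```c
#include <errno.h>
#include <stddef.h>

#define MAX_SERVICES 8
struct svc_map { const char *service, *context; unsigned sid; int resolved; };
static struct svc_map table[MAX_SERVICES];
static size_t n_entries;
static int demo_avc_ready;  /* constructed flag: the simulated AVC is up */
void demo_avc_init(void) { demo_avc_ready = 1; }
unsigned sid_of(size_t i) { return i < n_entries ? table[i].sid : 0; }

/* Hypothetical stand-in for avc_context_to_sid: 0, or -1 with errno set. */
static int demo_context_to_sid(const char *ctx, unsigned *sid)
{
    static unsigned next_sid = 1;
    int colons = 0;
    for (const char *p = ctx; *p; p++)
        colons += (*p == ':');
    if (colons < 2) { errno = EINVAL; return -1; }  /* not user:role:type */
    *sid = next_sid++;
    return 0;
}

/* Phase 1 (config parsing): store strings only, no AVC needed. */
int parse_associate(const char *service, const char *context)
{
    if (n_entries == MAX_SERVICES) return -ENOMEM;
    table[n_entries++] = (struct svc_map){ service, context, 0, 0 };
    return 0;
}

/* Phase 2 (after AVC init): convert stored contexts; propagate errno. */
int resolve_all(void)
{
    if (!demo_avc_ready) return -EAGAIN;  /* called before initialization */
    for (size_t i = 0; i < n_entries; i++) {
        if (table[i].resolved) continue;
        if (demo_context_to_sid(table[i].context, &table[i].sid) < 0)
            return -errno;  /* EINVAL or ENOMEM, not assumed to be ENOMEM */
        table[i].resolved = 1;
    }
    return 0;
}

int main(void)
{
    parse_associate("org.example.Svc", "system_u:system_r:demo_t");
    demo_avc_init();
    return resolve_all() == 0 ? 0 : 1;
}
```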