[systemd-devel] [PATCH 2/2] udev: do NOT re-label smack
WaLyong Cho
walyong.cho at samsung.com
Tue Sep 16 19:51:46 PDT 2014
If selinux is disabled and smack is only enabled, smack label is
relable-ed by label_fix. To avoid, make only be labeled for selinux.
---
src/udev/udev-node.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
index f46638f..3c49482 100644
--- a/src/udev/udev-node.c
+++ b/src/udev/udev-node.c
@@ -313,8 +313,8 @@ static int node_permissions_apply(struct udev_device *dev, bool apply,
}
/* set the defaults */
- if (!selinux)
- label_fix(devnode, true, false);
+ if (!selinux && use_selinux())
+ mac_selinux_fix(devnode, true, false);
if (!smack)
mac_smack_path(devnode, NULL);
}
--
1.9.3
More information about the systemd-devel
mailing list