introduce and use setfscreatecon_or_die
(patch by Yuichi Nakamura <ynakam@hitachisoft.jp>)
runcon: *yet another* fix for vda's brainfart :(
diff --git a/coreutils/install.c b/coreutils/install.c
index 1f65407..a58a23b 100644
--- a/coreutils/install.c
+++ b/coreutils/install.c
@@ -110,9 +110,7 @@
}
if (flags & OPT_SET_SECURITY_CONTEXT) {
selinux_or_die();
- if (setfscreatecon(scontext) < 0) {
- bb_error_msg_and_die("setfscreatecon(%s)", scontext); // perror?
- }
+ setfscreatecon_or_die(scontext);
use_default_selinux_context = 0;
copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT;
}
diff --git a/coreutils/libcoreutils/getopt_mk_fifo_nod.c b/coreutils/libcoreutils/getopt_mk_fifo_nod.c
index 2e0c274..32fa9be 100644
--- a/coreutils/libcoreutils/getopt_mk_fifo_nod.c
+++ b/coreutils/libcoreutils/getopt_mk_fifo_nod.c
@@ -43,10 +43,7 @@
#if ENABLE_SELINUX
if (opt & 2) {
selinux_or_die();
- if (setfscreatecon(scontext)) {
- bb_error_msg_and_die("cannot set default file creation context "
- "to %s", scontext);
- }
+ setfscreatecon_or_die(scontext);
}
#endif
diff --git a/coreutils/mkdir.c b/coreutils/mkdir.c
index 93ded1d..690e4ab 100644
--- a/coreutils/mkdir.c
+++ b/coreutils/mkdir.c
@@ -62,10 +62,7 @@
#if ENABLE_SELINUX
if (opt & 4) {
selinux_or_die();
- if (setfscreatecon(scontext)) {
- bb_error_msg_and_die("cannot set default file creation context "
- "to %s", scontext);
- }
+ setfscreatecon_or_die(scontext);
}
#endif
diff --git a/include/libbb.h b/include/libbb.h
index 69652b6..401fce4 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -601,6 +601,7 @@
extern void set_current_security_context(security_context_t sid);
extern context_t set_security_context_component(security_context_t cur_context,
char *user, char *role, char *type, char *range);
+extern void setfscreatecon_or_die(security_context_t scontext);
#endif
extern void selinux_or_die(void);
extern int restricted_shell(const char *shell);
diff --git a/libbb/copy_file.c b/libbb/copy_file.c
index 6391824..07564af 100644
--- a/libbb/copy_file.c
+++ b/libbb/copy_file.c
@@ -74,7 +74,7 @@
}
} else {
if (errno == ENOTSUP || errno == ENODATA) {
- setfscreatecon(NULL);
+ setfscreatecon_or_die(NULL);
} else {
bb_perror_msg("cannot lgetfilecon %s", source);
return -1;
diff --git a/libbb/selinux_common.c b/libbb/selinux_common.c
index 70d63a4..d506f06 100644
--- a/libbb/selinux_common.c
+++ b/libbb/selinux_common.c
@@ -28,3 +28,13 @@
context_free(con);
return NULL;
}
+
+void setfscreatecon_or_die(security_context_t scontext)
+{
+ if (setfscreatecon(scontext) < 0) {
+ /* Can be NULL. All known printf implementations
+ * display "(null)", "<null>" etc */
+ bb_perror_msg_and_die("cannot set default "
+ "file creation context to %s", scontext);
+ }
+}
diff --git a/selinux/runcon.c b/selinux/runcon.c
index 24e436f..8888ccc 100644
--- a/selinux/runcon.c
+++ b/selinux/runcon.c
@@ -132,6 +132,6 @@
execvp(argv[0], argv);
- bb_perror_msg_and_die("cannot execute '%s'", command);
+ bb_perror_msg_and_die("cannot execute '%s'", argv[0]);
return 1;
}