From 01a500868f3343489c8b4af08e0e352874bdb04e Mon Sep 17 00:00:00 2001
From: David Rheinsberg <david@readahead.eu>
Date: Mon, 12 Jun 2023 12:09:12 +0200
Subject: [PATCH] util/selinux: follow permissive mode

Make sure to follow the rules of enforcing/permissive mode and avoid
operation denials in permissive mode.

Reported-by: Daan De Meyer <daan.j.demeyer@gmail.com>
Signed-off-by: David Rheinsberg <david@readahead.eu>
---
 src/util/selinux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/util/selinux.c b/src/util/selinux.c
index 4b61ec7..a72cc0a 100644
--- a/src/util/selinux.c
+++ b/src/util/selinux.c
@@ -242,7 +242,7 @@ int bus_selinux_check_own(BusSELinuxRegistry *registry,
                                  "dbus",
                                  "acquire_svc",
                                  NULL);
-        if (r < 0) {
+        if (r < 0 && bus_selinux_is_enforcing()) {
                 /*
                  * Treat unknown contexts (possibly due to policy reload)
                  * as access denied.
@@ -289,7 +289,7 @@ int bus_selinux_check_send(BusSELinuxRegistry *registry,
                                  "dbus",
                                  "send_msg",
                                  NULL);
-        if (r < 0) {
+        if (r < 0 && bus_selinux_is_enforcing()) {
                 /*
                  * Treat unknown contexts (possibly due to policy reload)
                  * as access denied.
-- 
2.33.0