9ec39d0745
Signed-off-by: Xin Shi <shixin21@huawei.com> (cherry picked from commit decc956d9cea842432cea9e6d6f03e520b9b9414)
37 lines
1.1 KiB
Diff
37 lines
1.1 KiB
Diff
From eae8bc192e19dbdce118bf7b936befb3953a21ea Mon Sep 17 00:00:00 2001
|
|
From: Xin Shi <shixin21@huawei.com>
|
|
Date: Thu, 24 Aug 2023 09:34:46 +0800
|
|
Subject: [PATCH 3/5] add support to relabel systemd process for embedded
|
|
|
|
Signed-off-by: Xin Shi <shixin21@huawei.com>
|
|
---
|
|
src/core/selinux-setup.c | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
|
|
index 2bafbee..74e2a2f 100644
|
|
--- a/src/core/selinux-setup.c
|
|
+++ b/src/core/selinux-setup.c
|
|
@@ -6,6 +6,7 @@
|
|
|
|
#if HAVE_SELINUX
|
|
#include <selinux/selinux.h>
|
|
+#include <selinux/restorecon.h>
|
|
#endif
|
|
|
|
#include "log.h"
|
|
@@ -68,6 +69,10 @@ int mac_selinux_setup(bool *loaded_policy) {
|
|
|
|
mac_selinux_retest();
|
|
|
|
+ int ret = selinux_restorecon(SYSTEMD_BINARY_PATH, 0);
|
|
+ if (ret != 0)
|
|
+ log_warning("Failed to relabel %s, errno=%d.", SYSTEMD_BINARY_PATH, errno);
|
|
+
|
|
/* Transition to the new context */
|
|
r = mac_selinux_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);
|
|
if (r < 0 || !label) {
|
|
--
|
|
2.27.0
|
|
|