packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

checkout: don't apply SELinux labeling in user mode 

If the user requested a user checkout, we don't want to set the SELinux
label xattr.

Closes: #903
Approved by: cgwalters
This commit is contained in:
Jonathan Lebon 2017-06-02 10:06:50 -04:00 committed by Atomic Bot
parent c651982929
commit 3ec2b5773e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libostree/ostree-repo-checkout.c
View File

@ -261,14 +261,14 @@ create_file_copy_from_input_at (OstreeRepo *repo,
&tmpf, error)) &tmpf, error))
return FALSE; return FALSE;
if (sepolicy_enabled) if (sepolicy_enabled && options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
{ {
g_autofree char *label = NULL; g_autofree char *label = NULL;
if (!ostree_sepolicy_get_label (options->sepolicy, if (!ostree_sepolicy_get_label (options->sepolicy, state->selabel_path_buf->str,
state->selabel_path_buf->str,
g_file_info_get_attribute_uint32 (file_info, "unix::mode"), g_file_info_get_attribute_uint32 (file_info, "unix::mode"),
&label, cancellable, error)) &label, cancellable, error))
return FALSE; return FALSE;
if (fsetxattr (tmpf.fd, "security.selinux", label, strlen (label), 0) < 0) if (fsetxattr (tmpf.fd, "security.selinux", label, strlen (label), 0) < 0)
return glnx_throw_errno_prefix (error, "Setting security.selinux"); return glnx_throw_errno_prefix (error, "Setting security.selinux");
} }