diff options
Diffstat (limited to 'debian/patches/0006-402_cppw_selinux.patch')
| -rw-r--r-- | debian/patches/0006-402_cppw_selinux.patch | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/debian/patches/0006-402_cppw_selinux.patch b/debian/patches/0006-402_cppw_selinux.patch new file mode 100644 index 0000000..d258b0d --- /dev/null +++ b/debian/patches/0006-402_cppw_selinux.patch @@ -0,0 +1,69 @@ +From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org> +Date: Mon, 4 Jun 2012 01:37:48 +0000 +Subject: 402_cppw_selinux + +Fix: + +Status wrt upstream: cppw is not available upstream. + The patch was made based on the + 302_vim_selinux_support patch. It needs to be + reviewed by an SE-Linux aware person. + +Depends on 401_cppw_src.dpatch +--- + src/cppw.c | 28 ++++++++++++++++++++++++++++ + 1 file changed, 28 insertions(+) + +diff --git a/src/cppw.c b/src/cppw.c +index beb4c36..2cbbbc0 100644 +--- a/src/cppw.c ++++ b/src/cppw.c +@@ -34,6 +34,9 @@ + #include <sys/types.h> + #include <signal.h> + #include <utime.h> ++#ifdef WITH_SELINUX ++#include <selinux/selinux.h> ++#endif /* WITH_SELINUX */ + #include "exitcodes.h" + #include "prototypes.h" + #include "pwio.h" +@@ -139,6 +142,22 @@ static void cppwcopy (const char *file, + if (access (file, F_OK) != 0) { + cppwexit (file, 1, 1); + } ++#ifdef WITH_SELINUX ++ /* if SE Linux is enabled then set the context of all new files ++ * to be the context of the file we are editing */ ++ if (is_selinux_enabled () > 0) { ++ security_context_t passwd_context=NULL; ++ int ret = 0; ++ if (getfilecon (file, &passwd_context) < 0) { ++ cppwexit (_("Couldn't get file context"), errno, 1); ++ } ++ ret = setfscreatecon (passwd_context); ++ freecon (passwd_context); ++ if (0 != ret) { ++ cppwexit (_("setfscreatecon () failed"), errno, 1); ++ } ++ } ++#endif /* WITH_SELINUX */ + if (file_lock () == 0) { + cppwexit (_("Couldn't lock file"), 0, 5); + } +@@ -167,6 +186,15 @@ static void cppwcopy (const char *file, + cppwexit (NULL,0,1); + } + ++#ifdef WITH_SELINUX ++ /* unset the fscreatecon */ ++ if (is_selinux_enabled () > 0) { ++ if (setfscreatecon (NULL)) { ++ cppwexit (_("setfscreatecon() failed"), errno, 1); ++ } ++ } ++#endif /* WITH_SELINUX */ ++ + (*file_unlock) (); + } + |