Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: William Hubbs <williamh@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/openrc:master commit in: src/rc/
Date: Fri, 02 Nov 2018 23:24:43
Message-Id: 1541200931.ee3c4afdb75b98cd472b7ffbb46adc9d8a1e1b15.williamh@OpenRC
1 commit: ee3c4afdb75b98cd472b7ffbb46adc9d8a1e1b15
2 Author: William Hubbs <w.d.hubbs <AT> gmail <DOT> com>
3 AuthorDate: Fri Nov 2 23:22:11 2018 +0000
4 Commit: William Hubbs <williamh <AT> gentoo <DOT> org>
5 CommitDate: Fri Nov 2 23:22:11 2018 +0000
6 URL: https://gitweb.gentoo.org/proj/openrc.git/commit/?id=ee3c4afd
7
8 openrc-init: add SELinux support
9
10 This is for #173.
11
12 src/rc/openrc-init.c | 30 ++++++++++++++++++++++++++++++
13 1 file changed, 30 insertions(+)
14
15 diff --git a/src/rc/openrc-init.c b/src/rc/openrc-init.c
16 index e557c63d..c57a3b06 100644
17 --- a/src/rc/openrc-init.c
18 +++ b/src/rc/openrc-init.c
19 @@ -31,6 +31,10 @@
20 #include <sys/reboot.h>
21 #include <sys/wait.h>
22
23 +#ifdef HAVE_SELINUX
24 +# include <selinux/selinux.h>
25 +#endif
26 +
27 #include "helpers.h"
28 #include "rc.h"
29 #include "rc-wtmp.h"
30 @@ -161,10 +165,36 @@ int main(int argc, char **argv)
31 bool reexec = false;
32 sigset_t signals;
33 struct sigaction sa;
34 +#ifdef HAVE_SELINUX
35 + int enforce = 0;
36 +#endif
37
38 if (getpid() != 1)
39 return 1;
40
41 +#ifdef HAVE_SELINUX
42 + if (getenv("SELINUX_INIT") == NULL) {
43 + if (is_selinux_enabled() != 1) {
44 + if (selinux_init_load_policy(&enforce) == 0) {
45 + putenv("SELINUX_INIT=YES");
46 + execv(argv[0], argv);
47 + } else {
48 + if (enforce > 0) {
49 + /*
50 + * SELinux in enforcing mode but load_policy failed
51 + * At this point, we probably can't open /dev/console,
52 + * so log() won't work
53 + */
54 + fprintf(stderr,"Unable to load SELinux Policy.\n");
55 + fprintf(stderr,"Machine is in enforcing mode.\n");
56 + fprintf(stderr,"Halting now.\n");
57 + exit(1);
58 + }
59 + }
60 + }
61 + }
62 +#endif
63 +
64 printf("OpenRC init version %s starting\n", VERSION);
65
66 if (argc > 1)
Report Message
Find on MARC Find on Google Groups