RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-28 04:52:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

avoid inclusion of deprecated selinux/flask.h

Browse Source 
Use string_to_security_class() instead.
This commit is contained in:
Damien Miller 2018-02-26 12:17:22 +11:00
parent 2e39643936
commit bda709b8e1
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openbsd-compat/port-linux.c
View File

@ -33,7 +33,6 @@
#ifdef WITH_SELINUX
#include <selinux/selinux.h>
#include <selinux/flask.h>
#include <selinux/get_context_list.h>
#ifndef SSH_SELINUX_UNCONFINED_TYPE
@ -139,6 +138,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
security_context_t new_tty_ctx = NULL;
security_context_t user_ctx = NULL;
security_context_t old_tty_ctx = NULL;
security_class_t chrclass;
if (!ssh_selinux_enabled())
return;
@ -153,9 +153,12 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
error("%s: getfilecon: %s", __func__, strerror(errno));
goto out;
}
if ((chrclass = string_to_security_class("chr_file")) == 0) {
error("%s: couldn't get security class for chr_file", __func__);
goto out;
}
if (security_compute_relabel(user_ctx, old_tty_ctx,
SECCLASS_CHR_FILE, &new_tty_ctx) != 0) {
chrclass, &new_tty_ctx) != 0) {
error("%s: security_compute_relabel: %s",
__func__, strerror(errno));
goto out;