RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-14 10:05:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

libselinux: do not check fcontext duplicates on use

Browse Source 
Tools like restorecon or systemd, which load the fcontext database to
make labeling decisions do not need to check for duplicate rules.  Only
the first rule will be used.  Instead we should only check for
duplicates when new rules are added to the database.  And fail the
transaction if we find one.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
This commit is contained in:
Eric Paris 2011-06-28 21:37:38 -04:00
parent 874bac80bb
commit 4f621a1686
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libselinux/src/label_file.c
View File

@ -485,7 +485,7 @@ static int init(struct selabel_handle *rec, struct selinux_opt *opts,
pass, ++lineno) != 0)
goto finish;
}
if (pass == 1) {
if (pass == 1 && rec->validating) {
status = nodups_specs(data, path);
if (status)
goto finish;