libsemanage: only try to compile file contexts if they exist

It is not a requirement that all file context files exist (e.g.
file_contexts.local is not mandatory). However, sefcontext_compile is
executed for all file contexts files regardless of existence, which
results in an error when they do not exist and causes policy load to
fail. This modifies libsemanage so that sefcontext_compile is only
executed on file contexts that do exist.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Steve Lawrence 2014-05-20 16:05:32 -04:00
parent c74516b5a3
commit fa095ad7a1

@ -1081,6 +1081,11 @@ int semanage_split_fc(semanage_handle_t * sh)
static int sefcontext_compile(semanage_handle_t * sh, const char *path) {
int r;
if (access(path, F_OK) != 0) {
return 0;
}
if ((r = semanage_exec_prog(sh, sh->conf->sefcontext_compile, path, "")) != 0) {
ERR(sh, "sefcontext_compile returned error code %d. Compiling %s", r, path);
return -1;
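
Review bot: the new `if (access(path, F_OK) != 0)` check at the top of sefcontext_compile() returns 0 for every access() failure, not only for a missing file. A failure for another reason, such as EACCES on a parent directory, would skip compilation and still report success to the caller. Consider returning 0 only when `errno == ENOENT`, and otherwise logging through ERR() and returning -1, the way the semanage_exec_prog() failure branch right below it does. A short comment above the check saying that a missing file contexts file is expected (the commit message gives file_contexts.local as the example) would also help, since the early `return 0` is otherwise indistinguishable from a successful compile.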