RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-01-17 10:50:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
241fac2728
selinux/libselinux
History
Will Woods 241fac2728 selinux_init_load_policy: setenforce(0) if security_disable() fails 
If you run selinux_init_load_policy() after a chroot/switch-root, it's
possible that your *previous* root loaded policy, but your *new* root
wants SELinux disabled.

We can't disable SELinux in this case, but we *do* need to make sure
it's permissive. Otherwise we may continue to enforce the old policy.

So, if seconfig = -1, but security_disable() fails, we set *enforce=0,
and then let the existing code handle the security_{get,set}enforce
stuff.

Once that's handled, exit with failure via "goto noload", as before.
2014-05-07 15:24:35 -04:00
..
include Get rid of security_context_t and fix const declarations. 2014-02-19 16:11:48 -05:00
man Get rid of security_context_t and fix const declarations. 2014-02-19 16:11:48 -05:00
src selinux_init_load_policy: setenforce(0) if security_disable() fails 2014-05-07 15:24:35 -04:00
utils Get rid of security_context_t and fix const declarations. 2014-02-19 16:11:48 -05:00
ChangeLog Bump version and update ChangeLog for release. 2014-05-06 13:30:27 -04:00
LICENSE initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libselinux: Refactor rpm_execcon() into a new setexecfilecon() 2014-01-06 14:06:03 -05:00
VERSION Bump version and update ChangeLog for release. 2014-05-06 13:30:27 -04:00