mkswap: selinux support by KaiGai Kohei <kaigai@ak.jp.nec.com>
authorDenis Vlasenko <vda.linux@googlemail.com>
Fri, 19 Oct 2007 21:49:48 +0000 (21:49 -0000)
committerDenis Vlasenko <vda.linux@googlemail.com>
Fri, 19 Oct 2007 21:49:48 +0000 (21:49 -0000)
util-linux/mkswap.c

index af4cc10f74732453628c420673b7018558a4f6c5..8e1fbc38460d666223e0ed60b1a0c8acbd601c63 100644 (file)
@@ -8,6 +8,48 @@
 
 #include "libbb.h"
 
+#if ENABLE_SELINUX
+static void mkswap_selinux_setcontext(int fd, const char *path)
+{
+       struct stat stbuf;
+
+       if (!is_selinux_enabled())
+               return;
+
+       if (fstat(fd, &stbuf) < 0)
+               bb_perror_msg_and_die("fstat failed");
+       if (S_ISREG(stbuf.st_mode)) {
+               security_context_t newcon;
+               security_context_t oldcon = NULL;
+               context_t context;
+
+               if (fgetfilecon_raw(fd, &oldcon) < 0) {
+                       if (errno != ENODATA)
+                               goto error;
+                       if (matchpathcon(path, stbuf.st_mode, &oldcon) < 0)
+                               goto error;
+               }
+               context = context_new(oldcon);
+               if (!context || context_type_set(context, "swapfile_t"))
+                       goto error;
+               newcon = context_str(context);
+               if (!newcon)
+                       goto error;
+               if (strcmp(oldcon, newcon) != 0 && fsetfilecon_raw(fd, newcon) < 0)
+                       goto error;
+               if (ENABLE_FEATURE_CLEAN_UP) {
+                       context_free(context);
+                       freecon(oldcon);
+               }
+       }
+       return;
+ error:
+       bb_perror_msg_and_die("SELinux relabeling failed");
+}
+#else
+#define mkswap_selinux_setcontext(fd, path) ((void)0)
+#endif
+
 int mkswap_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int mkswap_main(int argc, char **argv)
 {
@@ -26,6 +68,7 @@ int mkswap_main(int argc, char **argv)
        pagesize = getpagesize();
        printf("Setting up swapspace version 1, size = %"OFF_FMT"d bytes\n",
                        len - pagesize);
+       mkswap_selinux_setcontext(fd, argv[1]);
 
        // Make a header.
 
@@ -38,7 +81,7 @@ int mkswap_main(int argc, char **argv)
 
        xlseek(fd, 1024, SEEK_SET);
        xwrite(fd, hdr, sizeof(hdr));
-       xlseek(fd, pagesize-10, SEEK_SET);
+       xlseek(fd, pagesize - 10, SEEK_SET);
        xwrite(fd, "SWAPSPACE2", 10);
        fsync(fd);