diff options
author | Jonathan Billings <jsbillin@umich.edu> | 2013-08-21 14:36:23 -0400 |
---|---|---|
committer | Sol Jerome <sol.jerome@gmail.com> | 2013-08-22 11:11:33 -0500 |
commit | 1f0fa73a04a68146cbe3527d5748b82bdb4e5b1e (patch) | |
tree | 1de464e16a4b5c1601562512e47989fd5c18d679 | |
parent | 1c54466ff7d6a2673453042164b8a14cf4fb577d (diff) | |
download | bcfg2-1f0fa73a04a68146cbe3527d5748b82bdb4e5b1e.tar.gz bcfg2-1f0fa73a04a68146cbe3527d5748b82bdb4e5b1e.tar.bz2 bcfg2-1f0fa73a04a68146cbe3527d5748b82bdb4e5b1e.zip |
SELinux: Update the matchpathcon function to use the file's mode
If you don't supply a mode to the selinux.matchpathcon() function, it
fails to properly look up the context in some circumstances related to
context patterns in the SELinux policy. This change looks up the mode
and supplies it to the function.
(cherry picked from commit 20a2c9a8fb6c6ecbed259b5deccb01c01bf3304f)
-rw-r--r-- | src/lib/Bcfg2/Client/Tools/POSIX/base.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index fb5d06e54..1e73d4f11 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -525,7 +525,8 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): if entry.get("secontext") == "__default__": try: wanted_secontext = \ - selinux.matchpathcon(path, 0)[1].split(":")[2] + selinux.matchpathcon( + path, ondisk[stat.ST_MODE])[1].split(":")[2] except OSError: errors.append("%s has no default SELinux context" % entry.get("name")) |