Bug#851933: udev: /lib/udev/hwdb.bin gets wrong SE Linux label

Michael Biebl biebl at debian.org
Wed May 31 23:34:36 BST 2017


On 31.05.2017 at 19:32, Michael Biebl wrote:
> The selinux context should be set by label_fix:
> https://github.com/systemd/systemd/blob/master/src/hwdb/hwdb.c#L682
> 
> I haven't debugged yet, why that doesn't work for --usr.

I have a better picture now what's going on/wrong:

https://github.com/systemd/systemd/blob/master/src/hwdb/hwdb.c#L673
This computes the path to the cache file:
hwdb_bin = strjoin(arg_root, "/", arg_hwdb_bin_dir, "/hwdb.bin");

The result is //lib/udev/hwdb.bin, note the double //

This path is passed to mac_selinux_fix() in
https://github.com/systemd/systemd/blob/master/src/basic/selinux-util.c#L122

I suppose either selabel_lookup_raw() or lsetfilecon_raw() doesn't
properly deal with the double //.

If I change the strjoin to omit the "/", the context is applied correctly.

Afaics, this looks like a libselinux bug to me. It should properly deal
with paths that have double //.

Laurent, Russel, should we reassign this to libselinux?

Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
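
An added example, not part of the original message and not systemd's code: a small C program that reproduces the join producing the double slash and collapses it before the path would be handed to a path-based label lookup. The helper names `join_naive` and `collapse_slashes` and the inputs (empty root, "/lib/udev") are assumptions inferred from the result quoted in the message.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Mirrors the strjoin() call quoted in the message:
 * root + "/" + dir + "/hwdb.bin". Caller frees the result. */
static char *join_naive(const char *root, const char *dir) {
    const char *parts[] = { root ? root : "", "/", dir, "/hwdb.bin" };
    size_t len = 1; /* room for the terminating NUL */
    for (size_t i = 0; i < 4; i++)
        len += strlen(parts[i]);
    char *out = malloc(len);
    if (!out)
        return NULL;
    out[0] = '\0';
    for (size_t i = 0; i < 4; i++)
        strcat(out, parts[i]);
    return out;
}

/* Collapse every run of '/' into a single '/', in place, so the string
 * used for a label lookup is in canonical form. */
static char *collapse_slashes(char *path) {
    char *w = path;
    for (const char *r = path; *r; r++) {
        if (*r == '/' && w > path && w[-1] == '/')
            continue; /* skip a slash that follows a slash */
        *w++ = *r;
    }
    *w = '\0';
    return path;
}

int main(void) {
    /* Assumed inputs: empty root, "/lib/udev" as the --usr directory. */
    char *p = join_naive("", "/lib/udev");
    if (!p)
        return 1;
    printf("joined:    %s\n", p);
    printf("collapsed: %s\n", collapse_slashes(p));
    free(p);
    return 0;
}
```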
