search for: secclass_chr_file

Displaying 2 results from an estimated 2 matches for "secclass_chr_file".

2015 Oct 22
3
[Bug 2482] New: SELinux integration
.../bugzilla.mindrot.org/attachment.cgi?id=2733&action=edit selinux patches (1 - 4) Our bugzilla [1] was another impulse to review SELinux integration in openssh and preferably contribute the changes back to upstream in some understandable format after the years: 1) Usage of hard-coded constant (SECCLASS_CHR_FILE) is not advised anymore, we should use string_to_security_class instead. This is related to removal of selinux/flash header file. [2] 2) The second part is about context handling. We get new context as exec context, from PAM or from ssh_selinux_setup_exec_context. We can't (and don't want...
2004 Sep 07
0
Please review openssh patch for selinux
...L, old_tty_context=NULL; + + user_context=selinux_get_user_context(name); + + if (getfilecon(tty, &old_tty_context) < 0) { + error("getfilecon(%.100s) failed: %.100s", tty, strerror(errno)); + } else { + if (security_compute_relabel(user_context,old_tty_context, + SECCLASS_CHR_FILE, + &new_tty_context) != 0) { + error("security_compute_relabel(%.100s) failed: %.100s", tty, + strerror(errno)); + } else { + if (setfilecon (tty, new_tty_context) != 0) + error("setfilecon(%.100s, %s) failed: %.100s", + tty, new_tty...