On Thu, 21.08.14 12:58, WaLyong Cho ([email protected]) wrote: > If selinux is disabled and smack is only enabled, smack label is > relable-ed by label_fix. To avoid, make only be labeled for selinux. > --- > src/udev/udev-node.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c > index 6a9788b..00ade2c 100644 > --- a/src/udev/udev-node.c > +++ b/src/udev/udev-node.c > @@ -314,8 +314,8 @@ static int node_permissions_apply(struct udev_device > *dev, bool apply, > } > > /* set the defaults */ > - if (!selinux) > - label_fix(devnode, true, false); > + if (!selinux && use_selinux()) > + mac_selinux_fix(devnode, true, false);
Shouldn't mac_selinux_fix() simply become a NOP returning ENOTSUP if selinux is disabled? Then, we can just invoke it here always, with no ill effects... > if (!smack) > mac_smack_path(devnode, NULL); > } Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
