emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

useradd: check MLS enablement before setting serange Resolves: https://github.com/shadow-maint/shadow/issues/552

Browse Source
This commit is contained in:
genBTC 2022-08-23 10:25:51 -04:00 committed by Serge Hallyn
parent cfc981df2a
commit 23634d8de7
1 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
lib/semanage.c
View File

@ -122,12 +122,14 @@ static int semanage_user_mod (semanage_handle_t *handle,
goto done;
}
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) {
fprintf (shadow_logfd,
_("Could not set serange for %s\n"), login_name);
ret = 1;
goto done;
if (semanage_mls_enabled(handle)) {
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) {
fprintf (shadow_logfd,
_("Could not set serange for %s\n"), login_name);
ret = 1;
goto done;
}
}
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
@ -179,13 +181,14 @@ static int semanage_user_add (semanage_handle_t *handle,
goto done;
}
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) {
fprintf (shadow_logfd,
_("Could not set serange for %s\n"),
login_name);
ret = 1;
goto done;
if (semanage_mls_enabled(handle)) {
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) {
fprintf (shadow_logfd,
_("Could not set serange for %s\n"), login_name);
ret = 1;
goto done;
}
}
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);