* NEWS, src/userdel.c: Fixed SE Linux support. semanage should be

called at the end. * src/useradd.c: Always call selinux_update_mapping() (i.e. semanage), not only when -Z is used.
2009-04-15 21:14:08 +00:00 · 2009-04-15 21:14:08 +00:00 · 4d2bee2e23
commit 4d2bee2e23
parent a24058d660
4 changed files with 24 additions and 16 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+2009-04-15  Peter Vrabec <pvrabec@redhat.com>
+
+	* NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
+	called at the end.
+	* src/useradd.c: Always call selinux_update_mapping() (i.e.
+	semanage), not only when -Z is used.
+
 2009-04-15  Peter Vrabec <pvrabec@redhat.com>

 	* NEWS, srclib/getlong.c: Fix parsing of octal numbers.
--- a/6
+++ b/6
@ -8,12 +8,14 @@ shadow-4.1.3 -> shadow-4.1.3.1						2009-04-15
  weirdly). Only shadow-4.1.3 was affected.

 *** general
+- login
+  * Fix regression when no user is specified on the command line.
+- userdel
+  * Fixed SE Linux support
 - vipw
  * SE Linux: Set the default context to the context of the file being
    edited. This ensures that the backup file inherit from the file's
    context.
- login
-  * Fix regression when no user is specified on the command line.

 shadow-4.1.2.2 -> shadow-4.1.3						2009-04-12

--- a/src/useradd.c
+++ b/src/useradd.c
@ -2010,9 +2010,7 @@ int main (int argc, char **argv)
 	close_files ();

 #ifdef WITH_SELINUX
-	if (Zflg) {
-		selinux_update_mapping ();
-	}
+	selinux_update_mapping ();
 #endif

 	nscd_flush_cache ("passwd");
--- a/src/userdel.c
+++ b/src/userdel.c
@ -797,17 +797,6 @@ int main (int argc, char **argv)
 	audit_help_open ();
 #endif

-#ifdef WITH_SELINUX
-	if (is_selinux_enabled () > 0) {
-		const char *args[5];
-		args[0] = "/usr/sbin/semanage";
-		args[1] = "login";
-		args[2] = "-d";
-		args[3] = user_name;
-		args[4] = NULL;
-		safe_system (args[0], args, NULL, 1);
-	}
-#endif
 	/*
 	 * Get my name so that I can use it to report errors.
 	 */
@ -1010,6 +999,18 @@ int main (int argc, char **argv)
 	}
 #endif

+#ifdef WITH_SELINUX
+	if (is_selinux_enabled () > 0) {
+		const char *args[5];
+		args[0] = "/usr/sbin/semanage";
+		args[1] = "login";
+		args[2] = "-d";
+		args[3] = user_name;
+		args[4] = NULL;
+		safe_system (args[0], args, NULL, 1);
+	}
+#endif
+
 	/*
 	 * Cancel any crontabs or at jobs. Have to do this before we remove
 	 * the entry from /etc/passwd.