[BACK]Return to selinux.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / src

Diff for /embedaddon/sudo/src/selinux.c between versions 1.1.1.2 and 1.1.1.3

version 1.1.1.2, 2012/05/29 12:26:49 version 1.1.1.3, 2013/07/22 10:46:13
Line 1 Line 1
 /*  /*
 * Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
  * Copyright (c) 2008 Dan Walsh <dwalsh@redhat.com>   * Copyright (c) 2008 Dan Walsh <dwalsh@redhat.com>
  *   *
  * Borrowed heavily from newrole source code   * Borrowed heavily from newrole source code
Line 74  audit_role_change(const security_context_t old_context Line 74  audit_role_change(const security_context_t old_context
         /* Kernel may not have audit support. */          /* Kernel may not have audit support. */
         if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT          if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT
 )  )
            error(1, _("unable to open audit system"));            fatal(_("unable to open audit system"));
     } else {      } else {
         /* audit role change using the same format as newrole(1) */          /* audit role change using the same format as newrole(1) */
         easprintf(&message, "newrole: old-context=%s new-context=%s",          easprintf(&message, "newrole: old-context=%s new-context=%s",
Line 366  selinux_execve(const char *path, char *const argv[], c Line 366  selinux_execve(const char *path, char *const argv[], c
     int noexec)      int noexec)
 {  {
     char **nargv;      char **nargv;
       const char *sesh;
     int argc, serrno;      int argc, serrno;
     debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)      debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
   
       sesh = sudo_conf_sesh_path();
       if (sesh == NULL) {
           warningx("internal error: sesh path not set");
           errno = EINVAL;
           debug_return;
       }
   
     if (setexeccon(se_state.new_context)) {      if (setexeccon(se_state.new_context)) {
         warning(_("unable to set exec context to %s"), se_state.new_context);          warning(_("unable to set exec context to %s"), se_state.new_context);
         if (se_state.enforcing)          if (se_state.enforcing)
Line 399  selinux_execve(const char *path, char *const argv[], c Line 407  selinux_execve(const char *path, char *const argv[], c
     memcpy(&nargv[2], &argv[1], argc * sizeof(char *)); /* copies NULL */      memcpy(&nargv[2], &argv[1], argc * sizeof(char *)); /* copies NULL */
   
     /* sesh will handle noexec for us. */      /* sesh will handle noexec for us. */
    sudo_execve(_PATH_SUDO_SESH, nargv, envp, 0);    sudo_execve(sesh, nargv, envp, 0);
     serrno = errno;      serrno = errno;
     free(nargv);      free(nargv);
     errno = serrno;      errno = serrno;
Removed from v.1.1.1.2  
changed lines
  Added in v.1.1.1.3

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>