Use matchpathcon mode parameterold-dm_v1_01_03dm_v1_01_03

4 files changed, 12 insertions, 10 deletions

diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index d47a653dd..cca2e24fb 100644
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
-Version 1.01.03 - 10 Jun 2005
+Version 1.01.03 - 13 Jun 2005
 =============================
+  Use matchpathcon mode parameter.
   Fix configure script to re-enable selinux.
 
 Version 1.01.02 - 17 May 2005
diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
index 471ca851a..cd1cd6f09 100644
--- a/libdm/ioctl/libdm-iface.c
+++ b/libdm/ioctl/libdm-iface.c
@@ -219,7 +219,7 @@ static int _create_control(const char *control, uint32_t major, uint32_t minor)
 	}
 
 #ifdef HAVE_SELINUX
-        if (!set_selinux_context(control)) {
+        if (!set_selinux_context(control, S_IFCHR)) {
                 stack;
                 return 0;
         }
diff --git a/libdm/libdm-common.c b/libdm/libdm-common.c
index 7f50fa255..f08ae6630 100644
--- a/libdm/libdm-common.c
+++ b/libdm/libdm-common.c
@@ -200,27 +200,28 @@ int dm_task_add_target(struct dm_task *dmt, uint64_t start, uint64_t size,
 }
 
 #ifdef HAVE_SELINUX
-int set_selinux_context(const char *path)
+int set_selinux_context(const char *path, mode_t mode)
 {
 	security_context_t scontext;
 
 	if (is_selinux_enabled() <= 0)
 		return 1;
 
-	if (matchpathcon(path, 0, &scontext) < 0) {
-		log_error("%s: matchpathcon failed: %s", path, strerror(errno));
+	if (matchpathcon(path, mode, &scontext) < 0) {
+		log_error("%s: matchpathcon %07o failed: %s", path, mode,
+			  strerror(errno));
 		return 0;
 	}
 
-	log_debug("Setting SELinux context for %s to %s", path, scontext);
+	log_debug("Setting SELinux context for %s to %s.", path, scontext);
 
 	if ((lsetfilecon(path, scontext) < 0) && (errno != ENOTSUP)) {
 		log_error("%s: lsetfilecon failed: %s", path, strerror(errno));
-		free(scontext);
+		freecon(scontext);
 		return 0;
 	}
 
-	free(scontext);
+	freecon(scontext);
 	return 1;
 }
 #endif
@@ -266,7 +267,7 @@ static int _add_dev_node(const char *dev_name, uint32_t major, uint32_t minor,
 	}
 
 #ifdef HAVE_SELINUX
-	if (!set_selinux_context(path))
+	if (!set_selinux_context(path, S_IFBLK))
 		return 0;
 #endif
 
diff --git a/libdm/libdm-common.h.in b/libdm/libdm-common.h.in
index 5129e4576..c2ae54380 100644
--- a/libdm/libdm-common.h.in
+++ b/libdm/libdm-common.h.in
@@ -28,7 +28,7 @@ int rm_dev_node(const char *dev_name);
 int rename_dev_node(const char *old_name, const char *new_name);
 void update_devs(void);
 
-int set_selinux_context(const char *path);
+int set_selinux_context(const char *path, mode_t mode);
 
 #define DM_LIB_VERSION @DM_LIB_VERSION@