diff options
| author | djm <djm> | 2010-03-26 00:04:09 +0000 |
|---|---|---|
| committer | djm <djm> | 2010-03-26 00:04:09 +0000 |
| commit | 7c6d0cc0c2c34c616a460776b249c8643973e5e5 (patch) | |
| tree | 65f6630ab0d22d8590d027d0468346c4badf313f /session.c | |
| parent | 072d9a35a6d5cff769d22cbb6e3fe7d4adb58d40 (diff) | |
| download | openssh-7c6d0cc0c2c34c616a460776b249c8643973e5e5.tar.gz | |
- (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
set up SELinux execution context before chroot() call. From Russell
Coker via Colin watson; bz#1726 ok dtucker@
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -1551,6 +1551,10 @@ do_setusercontext(struct passwd *pw) } #endif /* HAVE_SETPCRED */ +#ifdef WITH_SELINUX + ssh_selinux_setup_exec_context(pw->pw_name); +#endif + if (options.chroot_directory != NULL && strcasecmp(options.chroot_directory, "none") != 0) { tmp = tilde_expand_filename(options.chroot_directory, @@ -1575,10 +1579,6 @@ do_setusercontext(struct passwd *pw) if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); - -#ifdef WITH_SELINUX - ssh_selinux_setup_exec_context(pw->pw_name); -#endif } static void |