diff options
author | Lennart Poettering <lennart@poettering.net> | 2022-07-12 16:23:02 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2022-07-20 19:09:24 +0200 |
commit | 62f174cf1f0c8382b23c178b8ccf5bd353ff57e3 (patch) | |
tree | 3492c15e64e5bbe2a6d12322c68962900982f80b /src/core/selinux-access.c | |
parent | 23e9a7dde519694120a493c8600c2168456e8a4f (diff) | |
download | systemd-62f174cf1f0c8382b23c178b8ccf5bd353ff57e3.tar.gz |
selinux: include precise low-level error string in returned D-Bus errors
Diffstat (limited to 'src/core/selinux-access.c')
-rw-r--r-- | src/core/selinux-access.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index 878dea13f1..848ae246a7 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -240,7 +240,7 @@ int mac_selinux_access_check_internal( if (!enforce) return 0; - return sd_bus_error_set(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context."); + return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context: %m"); } acon = fcon; @@ -259,10 +259,10 @@ int mac_selinux_access_check_internal( r = selinux_check_access(scon, acon, tclass, permission, &audit_info); if (r < 0) { - r = errno_or_else(EPERM); + errno = -(r = errno_or_else(EPERM)); if (enforce) - sd_bus_error_set(error, SD_BUS_ERROR_ACCESS_DENIED, "SELinux policy denies access."); + sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "SELinux policy denies access: %m"); } log_full_errno_zerook(LOG_DEBUG, r, |