summaryrefslogtreecommitdiff
path: root/src/core/selinux-access.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2022-07-12 16:23:02 +0200
committerLennart Poettering <lennart@poettering.net>2022-07-20 19:09:24 +0200
commit62f174cf1f0c8382b23c178b8ccf5bd353ff57e3 (patch)
tree3492c15e64e5bbe2a6d12322c68962900982f80b /src/core/selinux-access.c
parent23e9a7dde519694120a493c8600c2168456e8a4f (diff)
downloadsystemd-62f174cf1f0c8382b23c178b8ccf5bd353ff57e3.tar.gz
selinux: include precise low-level error string in returned D-Bus errors
Diffstat (limited to 'src/core/selinux-access.c')
-rw-r--r--src/core/selinux-access.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index 878dea13f1..848ae246a7 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -240,7 +240,7 @@ int mac_selinux_access_check_internal(
if (!enforce)
return 0;
- return sd_bus_error_set(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context.");
+ return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context: %m");
}
acon = fcon;
@@ -259,10 +259,10 @@ int mac_selinux_access_check_internal(
r = selinux_check_access(scon, acon, tclass, permission, &audit_info);
if (r < 0) {
- r = errno_or_else(EPERM);
+ errno = -(r = errno_or_else(EPERM));
if (enforce)
- sd_bus_error_set(error, SD_BUS_ERROR_ACCESS_DENIED, "SELinux policy denies access.");
+ sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "SELinux policy denies access: %m");
}
log_full_errno_zerook(LOG_DEBUG, r,
View Lorry Controller Status