]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: 61f3e89)
selinux: add trigger for policy reload to refresh internal selabel cache
authorChristian Göttsche <cgzones@googlemail.com>
Mon, 6 Jan 2020 14:27:23 +0000 (15:27 +0100)
committerChristian Göttsche <cgzones@googlemail.com>
Tue, 3 Mar 2020 19:25:49 +0000 (20:25 +0100)
Reload the internal selabel cache automatically on SELinux policy reloads so non pid-1 daemons are participating.

Run the reload function `mac_selinux_reload()` not manually on daemon-reload, but rather pass it as callback to libselinux.
Trigger the callback prior usage of the systemd internal selabel cache by depleting the selinux netlink socket via `avc_netlink_check_nb()`.

Improves: a9dfac21ec85 ("core: reload SELinux label cache on daemon-reload")
Improves: #13363


No differences found
Unnamed repository; edit this file 'description' to name the repository.