From: Karel Zak Date: Mon, 14 Dec 2020 14:44:59 +0000 (+0100) Subject: login-utils: don't use deprecated security_context_t X-Git-Tag: v2.37-rc1~223 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e522815027a821634da26a79a78a44d310e961dd;p=thirdparty%2Futil-linux.git login-utils: don't use deprecated security_context_t libselinux >= 3.1 makes security_context_t type deprecated. Let's ifdef it to avoid unwanted warnings. Signed-off-by: Karel Zak --- diff --git a/login-utils/chfn.c b/login-utils/chfn.c index 4b2b42912b..643e6ad369 100644 --- a/login-utils/chfn.c +++ b/login-utils/chfn.c @@ -442,9 +442,14 @@ int main(int argc, char **argv) access_vector_t av = get_access_vector("passwd", "chfn"); if (selinux_check_passwd_access(av) != 0) { - security_context_t user_context; +# ifdef HAVE_SELINUX_CONTEXT_T + security_context_t user_context; /* deprecated */ +# else + char *user_context; /* since libselinux >= 3.1 */ +# endif if (getprevcon(&user_context) < 0) user_context = NULL; + errx(EXIT_FAILURE, _("%s is not authorized to change " "the finger info of %s"), diff --git a/login-utils/chsh.c b/login-utils/chsh.c index 17cc9f1e08..5631c7dc3a 100644 --- a/login-utils/chsh.c +++ b/login-utils/chsh.c @@ -291,10 +291,13 @@ int main(int argc, char **argv) access_vector_t av = get_access_vector("passwd", "chsh"); if (selinux_check_passwd_access(av) != 0) { - security_context_t user_context; +# ifdef HAVE_SELINUX_CONTEXT_T + security_context_t user_context; /* deprecated */ +# else + char *user_context; /* since libselinux >= 3.1 */ +# endif if (getprevcon(&user_context) < 0) - user_context = - (security_context_t) NULL; + user_context = NULL; errx(EXIT_FAILURE, _("%s is not authorized to change the shell of %s"), diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c index 773d13a953..58cb431bb2 100644 --- a/login-utils/lslogins.c +++ b/login-utils/lslogins.c @@ -132,7 +132,11 @@ struct lslogins_user { char *failed_tty; #ifdef HAVE_LIBSELINUX +# ifdef HAVE_SELINUX_CONTEXT_T security_context_t context; +# else + char *context; +# endif #endif char *homedir; char *shell; @@ -884,12 +888,8 @@ static struct lslogins_user *get_user_info(struct lslogins_control *ctl, const c break; case COL_SELINUX: #ifdef HAVE_LIBSELINUX - if (ctl->selinux_enabled) { - /* typedefs and pointers are pure evil */ - security_context_t con = NULL; - if (getcon(&con) == 0) - user->context = con; - } + if (!ctl->selinux_enabled || getcon(&user->context) != 0) + user->context = NULL; #endif break; case COL_NPROCS: diff --git a/login-utils/selinux_utils.c b/login-utils/selinux_utils.c index dfd696f3e8..c40e610be5 100644 --- a/login-utils/selinux_utils.c +++ b/login-utils/selinux_utils.c @@ -16,7 +16,11 @@ access_vector_t get_access_vector(const char *tclass, const char *op) int setupDefaultContext(char *orig_file) { if (is_selinux_enabled() > 0) { - security_context_t scontext; +#ifdef HAVE_SELINUX_CONTEXT_T + security_context_t scontext = NULL; /* deprecated */ +#else + char *scontext = NULL; /* since libselinux >= 3.1 */ +#endif if (getfilecon(orig_file, &scontext) < 0) return 1; if (setfscreatecon(scontext) < 0) { diff --git a/login-utils/sulogin.c b/login-utils/sulogin.c index bac2754cad..08c3808205 100644 --- a/login-utils/sulogin.c +++ b/login-utils/sulogin.c @@ -775,9 +775,14 @@ static void sushell(struct passwd *pwd) #ifdef HAVE_LIBSELINUX if (is_selinux_enabled() > 0) { - security_context_t scon=NULL; +# ifdef HAVE_SELINUX_CONTEXT_T + security_context_t scon = NULL; /* deprecated */ +# else + char *scon = NULL; /* since libselinux >= 3.1 */ +# endif char *seuser=NULL; char *level=NULL; + if (getseuserbyname("root", &seuser, &level) == 0) { if (get_default_context_with_level(seuser, level, 0, &scon) == 0) { if (setexeccon(scon) != 0) diff --git a/login-utils/vipw.c b/login-utils/vipw.c index dd84c01468..eef2c5e453 100644 --- a/login-utils/vipw.c +++ b/login-utils/vipw.c @@ -150,7 +150,11 @@ static void pw_write(void) #ifdef HAVE_LIBSELINUX if (is_selinux_enabled() > 0) { - security_context_t passwd_context = NULL; +# ifdef HAVE_SELINUX_CONTEXT_T + security_context_t passwd_context = NULL; /* deprecated */ +# else + char *passwd_context = NULL; /* since libselinux >= 3.1 */ +# endif int ret = 0; if (getfilecon(orig_file, &passwd_context) < 0) { warnx(_("Can't get context for %s"), orig_file);