hwdb: selinuxify a bit (#3460)

-bash-4.3# rm /etc/udev/hwdb.bin
-bash-4.3# systemd-hwdb update
-bash-4.3# ls -Z /etc/udev/hwdb.bin
system_u:object_r:systemd_hwdb_etc_t:s0 /etc/udev/hwdb.bin

Fixes: #3458

diff --git a/src/hwdb/hwdb.c b/src/hwdb/hwdb.c
index 1160dacdf1f97c31b9c6d4a757f6411c82508ac8..e12cd93d1cc310f9f09233e7c0615fec5297a139 100644 (file)
--- a/src/hwdb/hwdb.c
+++ b/src/hwdb/hwdb.c
@@ -29,7 +29,9 @@
 #include "fs-util.h"
 #include "hwdb-internal.h"
 #include "hwdb-util.h"
+#include "label.h"
 #include "mkdir.h"
+#include "selinux-util.h"
 #include "strbuf.h"
 #include "string-util.h"
 #include "strv.h"
@@ -643,12 +645,12 @@ static int hwdb_update(int argc, char *argv[], void *userdata) {
         if (!hwdb_bin)
                 return -ENOMEM;
 
-        mkdir_parents(hwdb_bin, 0755);
+        mkdir_parents_label(hwdb_bin, 0755);
         r = trie_store(trie, hwdb_bin);
         if (r < 0)
                 return log_error_errno(r, "Failure writing database %s: %m", hwdb_bin);
 
-        return 0;
+        return label_fix(hwdb_bin, false, false);
 }
 
 static void help(void) {
@@ -732,6 +734,8 @@ int main (int argc, char *argv[]) {
         if (r <= 0)
                 goto finish;
 
+        mac_selinux_init();
+
         r = hwdb_main(argc, argv);
 
 finish: