Merge branch 'dmverity' of https://github.com/bluca/util-linux

[thirdparty/util-linux.git] / libmount / src / context.c

diff --git a/libmount/src/context.c b/libmount/src/context.c
index 43a88c7c7919f167b79347bec9584abc4b05f6ef..be71764d8cafa005615566e396e082a9eb353a1f 100644 (file)
--- a/libmount/src/context.c
+++ b/libmount/src/context.c
@@ -426,6 +426,31 @@ int mnt_context_is_restricted(struct libmnt_context *cxt)
        return cxt->restricted;
 }
 
+/**
+ * mnt_context_force_unrestricted:
+ * @cxt: mount context
+ *
+ * This function is DANGEROURS as it disables all security policies in libmount.
+ * Don't use if not sure. It removes "restricted" flag from the context, so
+ * libmount will use the current context as for root user.
+ *
+ * This function is designed for case you have no any suid permissions, so you
+ * can depend on kernel.
+ *
+ * Returns: 0 on success, negative number in case of error.
+ *
+ * Since: 2.35
+ */
+int mnt_context_force_unrestricted(struct libmnt_context *cxt)
+{
+       if (mnt_context_is_restricted(cxt)) {
+               DBG(CXT, ul_debugobj(cxt, "force UNRESTRICTED"));
+               cxt->restricted = 0;
+       }
+
+       return 0;
+}
+
 /**
  * mnt_context_set_optsmode
  * @cxt: mount context
@@ -2105,7 +2130,7 @@ int mnt_context_prepare_helper(struct libmnt_context *cxt, const char *name,
                        continue;
 
                xrc = stat(helper, &st);
-               if (rc == -1 && errno == ENOENT && strchr(type, '.')) {
+               if (xrc == -1 && errno == ENOENT && strchr(type, '.')) {
                        /* If type ends with ".subtype" try without it */
                        char *hs = strrchr(helper, '.');
                        if (hs)