lib/, src/: add SELinux control flag in gr_unlock()

Expand gr_unlock() interface to add a control flag for SELinux file
context processing.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

diff --git a/lib/cleanup_group.c b/lib/cleanup_group.c
index 51e215f815e0a3f4a9c80b5caff3faf175e26d6d..29013a0b221715c9b246850eea53ad8c2864a5a7 100644 (file)
--- a/lib/cleanup_group.c
+++ b/lib/cleanup_group.c
@@ -181,7 +181,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
  */
 void cleanup_unlock_group (MAYBE_UNUSED void *arg)
 {
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (log_get_logfd(),
                         _("%s: failed to unlock %s\n"),
                         log_get_progname(), gr_dbname ());

diff --git a/lib/groupio.c b/lib/groupio.c
index b47d26fc003674e512ec41ced754b99e35320ffb..b9ef5285417498216b746b0513845a5356d58071 100644 (file)
--- a/lib/groupio.c
+++ b/lib/groupio.c
@@ -190,9 +190,9 @@ int gr_close (bool process_selinux)
        return commonio_close (&group_db, process_selinux);
 }
 
-int gr_unlock (void)
+int gr_unlock (bool process_selinux)
 {
-       return commonio_unlock (&group_db, true);
+       return commonio_unlock (&group_db, process_selinux);
 }
 
 void __gr_set_changed (void)

diff --git a/lib/groupio.h b/lib/groupio.h
index ef9242d04840e5a8f2315c76c027f435786f7e69..eae13cd30b837fb71c7939e02336191376538ee0 100644 (file)
--- a/lib/groupio.h
+++ b/lib/groupio.h
@@ -26,7 +26,7 @@ extern /*@observer@*/ /*@null@*/const struct group *gr_next (void);
 extern int gr_open (int mode);
 extern int gr_remove (const char *name);
 extern int gr_rewind (void);
-extern int gr_unlock (void);
+extern int gr_unlock (bool process_selinux);
 extern int gr_update (const struct group *gr);
 extern int gr_sort (void);
 

diff --git a/src/chgpasswd.c b/src/chgpasswd.c
index e510ecd7a8150dd74a71a1cee5add13edd69a02f..4b18b43e2d776ee5d95a6859ea79a8e6bd761cfb 100644 (file)
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -83,7 +83,7 @@ static void close_files (void);
 static void fail_exit (int code)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -405,7 +405,7 @@ static void close_files (void)
                SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
                fail_exit (1);
        }
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                /* continue */

diff --git a/src/groupmems.c b/src/groupmems.c
index 7e302018f7be1b7e4777486fa4e048bc56dd1108..ca3d270652c6f63bcbe590f93a2b1d99f83c873e 100644 (file)
--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -458,7 +458,7 @@ static void check_perms (void)
 static void fail_exit (int code)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr,
                                 _("%s: failed to unlock %s\n"),
                                 Prog, gr_dbname ());
@@ -529,7 +529,7 @@ static void close_files (void)
                fail_exit (EXIT_GROUP_FILE);
        }
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */

diff --git a/src/grpck.c b/src/grpck.c
index e086c3067fb338236d1190eb7e1b81be08571b83..26293b9f0cbea1f57fba974d38a8baf020c11bf4 100644 (file)
--- a/src/grpck.c
+++ b/src/grpck.c
@@ -96,7 +96,7 @@ static void check_sgr_file (bool *errors, bool *changed);
 static void fail_exit (int status)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -353,7 +353,7 @@ static void close_files (bool changed)
        }
 #endif
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */

diff --git a/src/grpconv.c b/src/grpconv.c
index 82dbe73d3e540584e01925d373ca8df960097b0d..bc4c6f5188423269e89fc29af25f8df39d59e5ad 100644 (file)
--- a/src/grpconv.c
+++ b/src/grpconv.c
@@ -57,7 +57,7 @@ static void process_flags (int argc, char **argv);
 static void fail_exit (int status)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -254,7 +254,7 @@ int main (int argc, char **argv)
                SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
                /* continue */
        }
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                /* continue */

diff --git a/src/grpunconv.c b/src/grpunconv.c
index abea1d4e64431c3499da3a5f31169793b8699c74..487f9479570d31d75cd3f8bf7c58e1022d9017c8 100644 (file)
--- a/src/grpunconv.c
+++ b/src/grpunconv.c
@@ -56,7 +56,7 @@ static void process_flags (int argc, char **argv);
 static void fail_exit (int status)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -210,7 +210,7 @@ int main (int argc, char **argv)
                fail_exit (3);
        }
 
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                /* continue */

diff --git a/src/newusers.c b/src/newusers.c
index 961085a33f33d99f295a9bd3804e1ba57d9d53f2..8fbd3dbe99963c5a9734659dd499c8cea1483f88 100644 (file)
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -180,7 +180,7 @@ static void fail_exit (int code)
                }
        }
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -992,7 +992,7 @@ static void close_files (void)
        }
 #endif                         /* ENABLE_SUBIDS */
 
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr,
                         _("%s: failed to unlock %s\n"),
                         Prog, gr_dbname ());

diff --git a/src/useradd.c b/src/useradd.c
index 66f4ca66efc7b1b0be529fc56f6bced9f7f4ef69..52091d816011b4261e2559669d3deb6eb2a8890a 100644 (file)
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -273,7 +273,7 @@ static void fail_exit (int code)
                SYSLOG((LOG_ERR, "failed to unlock %s", pw_dbname()));
                /* continue */
        }
-       if (gr_locked && gr_unlock() == 0) {
+       if (gr_locked && gr_unlock(true) == 0) {
                fprintf(stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname());
                SYSLOG((LOG_ERR, "failed to unlock %s", gr_dbname()));
                /* continue */
@@ -1688,7 +1688,7 @@ static void close_group_files (void)
  */
 static void unlock_group_files (void)
 {
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
 #ifdef WITH_AUDIT

diff --git a/src/userdel.c b/src/userdel.c
index a74eea662ed74032cf60331f16086c160fc0d215..b34177ef8cd2757c995a1fda853831541074bf3e 100644 (file)
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -423,7 +423,7 @@ static void close_files (void)
                SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
                fail_exit (E_GRP_UPDATE);
        }
-       if (gr_unlock () == 0) {
+       if (gr_unlock (true) == 0) {
                fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                /* continue */
@@ -492,7 +492,7 @@ static void fail_exit (int code)
                }
        }
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */

diff --git a/src/usermod.c b/src/usermod.c
index 15c0f26dcf5555bda1c610c8eba00da691aae381..dd2d965e55796ba3f3258bc5f110b7419a820483 100644 (file)
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -635,7 +635,7 @@ static void
 fail_exit (int code)
 {
        if (gr_locked) {
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
                        SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
                        /* continue */
@@ -1525,7 +1525,7 @@ static void close_files (void)
                        }
                }
 #endif
-               if (gr_unlock () == 0) {
+               if (gr_unlock (true) == 0) {
                        fprintf (stderr,
                                 _("%s: failed to unlock %s\n"),
                                 Prog, gr_dbname ());