socket_address_listen - do not rely on errno

Currently socket_address_listen() calls mac_selinux_bind() to bind a UNIX
socket and checks its return value and errno for EADDRINUSE. This is not
correct. When there's an SELinux context change made for the new socket,
bind() is not the last function called in mac_selinux_bind(). In that
case the last call is setfscreatecon() from libselinux which can change
errno as it uses access() to check if /proc/thread-self is available.
It fails on kernels before 3.17 and errno is set to ENOENT.

It's safe to check only the return value at it's set to -errno.

diff --git a/src/basic/socket-label.c b/src/basic/socket-label.c
index 35e9573aa4a69b8bfc41f9d20ff37676169aaba2..65509be901fab65c5bfe3469c203c48532e60e00 100644 (file)
--- a/src/basic/socket-label.c
+++ b/src/basic/socket-label.c
@@ -122,7 +122,7 @@ int socket_address_listen(
 
                 r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
 
-                if (r < 0 && errno == EADDRINUSE) {
+                if (r == -EADDRINUSE) {
                         /* Unlink and try again */
                         unlink(a->sockaddr.un.sun_path);
                         r = bind(fd, &a->sockaddr.sa, a->size);