lib/: add SELinux control flag in cleanup_unlock_*()

Expand cleanup_unlock_passwd(), cleanup_unlock_shadow(),
cleanup_unlock_group() and cleanup_unlock_gshadow() interfaces to add a
control flag for SELinux file context processing.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

diff --git a/lib/cleanup_group.c b/lib/cleanup_group.c
index a65260cc3e285043f6da724ab716ccfb1c16621b..7811413744fcd2e0e74d31aac7b304f0a7bc05f1 100644 (file)
--- a/lib/cleanup_group.c
+++ b/lib/cleanup_group.c
@@ -179,9 +179,11 @@ void cleanup_report_del_group_gshadow (void *group_name)
  *
  * It should be registered after the group file is successfully locked.
  */
-void cleanup_unlock_group (MAYBE_UNUSED void *arg)
+void cleanup_unlock_group (void *process_selinux)
 {
-       if (gr_unlock (true) == 0) {
+       bool process = *((bool *) process_selinux);
+
+       if (gr_unlock (process) == 0) {
                fprintf (log_get_logfd(),
                         _("%s: failed to unlock %s\n"),
                         log_get_progname(), gr_dbname ());
@@ -199,9 +201,11 @@ void cleanup_unlock_group (MAYBE_UNUSED void *arg)
  *
  * It should be registered after the gshadow file is successfully locked.
  */
-void cleanup_unlock_gshadow (MAYBE_UNUSED void *arg)
+void cleanup_unlock_gshadow (void *process_selinux)
 {
-       if (sgr_unlock (true) == 0) {
+       bool process = *((bool *) process_selinux);
+
+       if (sgr_unlock (process) == 0) {
                fprintf (log_get_logfd(),
                         _("%s: failed to unlock %s\n"),
                         log_get_progname(), sgr_dbname ());

diff --git a/lib/cleanup_user.c b/lib/cleanup_user.c
index 16fa3f375c0c4bc09a81da026731c3f99ae48091..38eb8279a060431f3ac1704d91108b94766add8c 100644 (file)
--- a/lib/cleanup_user.c
+++ b/lib/cleanup_user.c
@@ -96,9 +96,11 @@ void cleanup_report_add_user_shadow (void *user_name)
  *
  * It should be registered after the passwd database is successfully locked.
  */
-void cleanup_unlock_passwd (MAYBE_UNUSED void *arg)
+void cleanup_unlock_passwd (void *process_selinux)
 {
-       if (pw_unlock (true) == 0) {
+       bool process = *((bool *) process_selinux);
+
+       if (pw_unlock (process) == 0) {
                fprintf (log_get_logfd(),
                         _("%s: failed to unlock %s\n"),
                         log_get_progname(), pw_dbname ());
@@ -115,9 +117,11 @@ void cleanup_unlock_passwd (MAYBE_UNUSED void *arg)
  *
  * It should be registered after the shadow database is successfully locked.
  */
-void cleanup_unlock_shadow (MAYBE_UNUSED void *arg)
+void cleanup_unlock_shadow (void *process_selinux)
 {
-       if (spw_unlock (true) == 0) {
+       bool process = *((bool *) process_selinux);
+
+       if (spw_unlock (process) == 0) {
                fprintf (log_get_logfd(),
                         _("%s: failed to unlock %s\n"),
                         log_get_progname(), spw_dbname ());

diff --git a/lib/prototypes.h b/lib/prototypes.h
index b5e18e52beffd8d9a5bc424332652874e7c76c7e..537001f5e479d8711fcc9cb8a654ca44bc6ee35b 100644 (file)
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -94,11 +94,11 @@ void cleanup_report_del_group_gshadow (void *group_name);
 void cleanup_report_mod_passwd (void *cleanup_info);
 void cleanup_report_mod_group (void *cleanup_info);
 void cleanup_report_mod_gshadow (void *cleanup_info);
-void cleanup_unlock_group (/*@null@*/void *MAYBE_UNUSED);
+void cleanup_unlock_group (void *process_selinux);
 #ifdef SHADOWGRP
-void cleanup_unlock_gshadow (/*@null@*/void *MAYBE_UNUSED);
+void cleanup_unlock_gshadow (void *process_selinux);
 #endif
-void cleanup_unlock_passwd (/*@null@*/void *MAYBE_UNUSED);
+void cleanup_unlock_passwd (void *process_selinux);
 
 /* console.c */
 extern bool console (const char *);