From: Iker Pedrosa Date: Tue, 20 May 2025 12:02:16 +0000 (+0200) Subject: lib/: add SELinux control flag in cleanup_unlock_*() X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=db1e4e36317eef52fc8980fd8b45ca45edc2fc59;p=thirdparty%2Fshadow.git lib/: add SELinux control flag in cleanup_unlock_*() Expand cleanup_unlock_passwd(), cleanup_unlock_shadow(), cleanup_unlock_group() and cleanup_unlock_gshadow() interfaces to add a control flag for SELinux file context processing. Signed-off-by: Iker Pedrosa --- diff --git a/lib/cleanup_group.c b/lib/cleanup_group.c index a65260cc3..781141374 100644 --- a/lib/cleanup_group.c +++ b/lib/cleanup_group.c @@ -179,9 +179,11 @@ void cleanup_report_del_group_gshadow (void *group_name) * * It should be registered after the group file is successfully locked. */ -void cleanup_unlock_group (MAYBE_UNUSED void *arg) +void cleanup_unlock_group (void *process_selinux) { - if (gr_unlock (true) == 0) { + bool process = *((bool *) process_selinux); + + if (gr_unlock (process) == 0) { fprintf (log_get_logfd(), _("%s: failed to unlock %s\n"), log_get_progname(), gr_dbname ()); @@ -199,9 +201,11 @@ void cleanup_unlock_group (MAYBE_UNUSED void *arg) * * It should be registered after the gshadow file is successfully locked. */ -void cleanup_unlock_gshadow (MAYBE_UNUSED void *arg) +void cleanup_unlock_gshadow (void *process_selinux) { - if (sgr_unlock (true) == 0) { + bool process = *((bool *) process_selinux); + + if (sgr_unlock (process) == 0) { fprintf (log_get_logfd(), _("%s: failed to unlock %s\n"), log_get_progname(), sgr_dbname ()); diff --git a/lib/cleanup_user.c b/lib/cleanup_user.c index 16fa3f375..38eb8279a 100644 --- a/lib/cleanup_user.c +++ b/lib/cleanup_user.c @@ -96,9 +96,11 @@ void cleanup_report_add_user_shadow (void *user_name) * * It should be registered after the passwd database is successfully locked. */ -void cleanup_unlock_passwd (MAYBE_UNUSED void *arg) +void cleanup_unlock_passwd (void *process_selinux) { - if (pw_unlock (true) == 0) { + bool process = *((bool *) process_selinux); + + if (pw_unlock (process) == 0) { fprintf (log_get_logfd(), _("%s: failed to unlock %s\n"), log_get_progname(), pw_dbname ()); @@ -115,9 +117,11 @@ void cleanup_unlock_passwd (MAYBE_UNUSED void *arg) * * It should be registered after the shadow database is successfully locked. */ -void cleanup_unlock_shadow (MAYBE_UNUSED void *arg) +void cleanup_unlock_shadow (void *process_selinux) { - if (spw_unlock (true) == 0) { + bool process = *((bool *) process_selinux); + + if (spw_unlock (process) == 0) { fprintf (log_get_logfd(), _("%s: failed to unlock %s\n"), log_get_progname(), spw_dbname ()); diff --git a/lib/prototypes.h b/lib/prototypes.h index b5e18e52b..537001f5e 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -94,11 +94,11 @@ void cleanup_report_del_group_gshadow (void *group_name); void cleanup_report_mod_passwd (void *cleanup_info); void cleanup_report_mod_group (void *cleanup_info); void cleanup_report_mod_gshadow (void *cleanup_info); -void cleanup_unlock_group (/*@null@*/void *MAYBE_UNUSED); +void cleanup_unlock_group (void *process_selinux); #ifdef SHADOWGRP -void cleanup_unlock_gshadow (/*@null@*/void *MAYBE_UNUSED); +void cleanup_unlock_gshadow (void *process_selinux); #endif -void cleanup_unlock_passwd (/*@null@*/void *MAYBE_UNUSED); +void cleanup_unlock_passwd (void *process_selinux); /* console.c */ extern bool console (const char *);