core: don't forget about fallback_smack_process_label

author Łukasz Stelmach <l.stelmach@samsung.com>

Wed, 23 Oct 2024 10:58:36 +0000 (12:58 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)
author Łukasz Stelmach <l.stelmach@samsung.com>
Wed, 23 Oct 2024 10:58:36 +0000 (12:58 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)
diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c

index 5850a595f0475e637191f7cbe563f05ce2f3f8ca..85322a3f4a33add4f77dbf17bb098a866fa37f2a 100644 (file)
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -4949,7 +4949,7 @@ int exec_invoke(
  #if ENABLE_SMACK
                  /* LSM Smack needs the capability CAP_MAC_ADMIN to change the current execution security context of the
                   * process. This is the latest place before dropping capabilities. Other MAC context are set later. */
-                if (use_smack && context->smack_process_label) {
+                if (use_smack) {
                          r = setup_smack(params, context, executable_fd);
                          if (r < 0 && !context->smack_process_label_ignore) {
                                  *exit_status = EXIT_SMACK_PROCESS_LABEL;
author	Łukasz Stelmach <l.stelmach@samsung.com>
	Wed, 23 Oct 2024 10:58:36 +0000 (12:58 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)