diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-11-27 20:22:56 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-11-27 20:28:13 +0100 |
commit | 6355e75610a8d47fc3ba5ab8bd442172a2cfe574 (patch) | |
tree | e71ec8fc1fdb2cef3d06a2b50f1f27b22199391e /src/journal/journald-syslog.c | |
parent | Merge pull request #2052 from poettering/export-cleanup (diff) | |
download | systemd-6355e75610a8d47fc3ba5ab8bd442172a2cfe574.tar.xz systemd-6355e75610a8d47fc3ba5ab8bd442172a2cfe574.zip |
selinux: split up mac_selinux_have() from mac_selinux_use()
Let's distuingish the cases where our code takes an active role in
selinux management, or just passively reports whatever selinux
properties are set.
mac_selinux_have() now checks whether selinux is around for the passive
stuff, and mac_selinux_use() for the active stuff. The latter checks the
former, plus also checks UID == 0, under the assumption that only when
we run priviliged selinux management really makes sense.
Fixes: #1941
Diffstat (limited to 'src/journal/journald-syslog.c')
-rw-r--r-- | src/journal/journald-syslog.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c index f3ac1a7ae0..cfc50d889b 100644 --- a/src/journal/journald-syslog.c +++ b/src/journal/journald-syslog.c @@ -415,7 +415,7 @@ int server_open_syslog_socket(Server *s) { return log_error_errno(errno, "SO_PASSCRED failed: %m"); #ifdef HAVE_SELINUX - if (mac_selinux_use()) { + if (mac_selinux_have()) { r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)); if (r < 0) log_warning_errno(errno, "SO_PASSSEC failed: %m"); |