libsemanage: store users_extra in the policy store
users_extra is needed by genhomedircon and when listing seusers, so it must be kept in the policy store. Also move the FC_TMPL unlink() closer to where the FC_TMPL is created; not a functional change, but eaiser to follow. Signed-off-by: Steve Lawrence <slawrence@tresys.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
parent
75dd8c062d
commit
dbc639a35a
2 changed files with 4 additions and 4 deletions
|
@ -1272,6 +1272,9 @@ static int semanage_direct_commit(semanage_handle_t * sh)
|
||||||
if (retval < 0)
|
if (retval < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
|
/* remove FC_TMPL now that it is now longer needed */
|
||||||
|
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
|
||||||
|
|
||||||
pfcontexts->dtable->drop_cache(pfcontexts->dbase);
|
pfcontexts->dtable->drop_cache(pfcontexts->dbase);
|
||||||
|
|
||||||
/* SEUsers */
|
/* SEUsers */
|
||||||
|
@ -1413,10 +1416,6 @@ static int semanage_direct_commit(semanage_handle_t * sh)
|
||||||
sepol_policydb_free(out);
|
sepol_policydb_free(out);
|
||||||
out = NULL;
|
out = NULL;
|
||||||
|
|
||||||
/* remove files that are automatically generated and no longer needed */
|
|
||||||
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
|
|
||||||
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA));
|
|
||||||
|
|
||||||
if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) {
|
if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) {
|
||||||
retval = semanage_install_sandbox(sh);
|
retval = semanage_install_sandbox(sh);
|
||||||
}
|
}
|
||||||
|
|
|
@ -247,6 +247,7 @@ if __name__ == "__main__":
|
||||||
"file_contexts.local",
|
"file_contexts.local",
|
||||||
"seusers",
|
"seusers",
|
||||||
"users.local",
|
"users.local",
|
||||||
|
"users_extra",
|
||||||
"users_extra.local",
|
"users_extra.local",
|
||||||
"disable_dontaudit",
|
"disable_dontaudit",
|
||||||
"preserve_tunables",
|
"preserve_tunables",
|
||||||
|
|
Loading…
Reference in a new issue