libsemanage: store users_extra in the policy store

users_extra is needed by genhomedircon and when listing seusers, so it
must be kept in the policy store. Also move the FC_TMPL unlink() closer
to where the FC_TMPL is created; not a functional change, but eaiser to
follow.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
Steve Lawrence 2015-09-03 13:07:36 -04:00
parent 75dd8c062d
commit dbc639a35a
2 changed files with 4 additions and 4 deletions

View file

@ -1272,6 +1272,9 @@ static int semanage_direct_commit(semanage_handle_t * sh)
if (retval < 0) if (retval < 0)
goto cleanup; goto cleanup;
/* remove FC_TMPL now that it is now longer needed */
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
pfcontexts->dtable->drop_cache(pfcontexts->dbase); pfcontexts->dtable->drop_cache(pfcontexts->dbase);
/* SEUsers */ /* SEUsers */
@ -1413,10 +1416,6 @@ static int semanage_direct_commit(semanage_handle_t * sh)
sepol_policydb_free(out); sepol_policydb_free(out);
out = NULL; out = NULL;
/* remove files that are automatically generated and no longer needed */
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL));
unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA));
if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) {
retval = semanage_install_sandbox(sh); retval = semanage_install_sandbox(sh);
} }

View file

@ -247,6 +247,7 @@ if __name__ == "__main__":
"file_contexts.local", "file_contexts.local",
"seusers", "seusers",
"users.local", "users.local",
"users_extra",
"users_extra.local", "users_extra.local",
"disable_dontaudit", "disable_dontaudit",
"preserve_tunables", "preserve_tunables",