if (is_selinux_enabled() <= 0)
return 0;
- if (getseuserbyname(name, &seuser, &level) == 0) {
- retval=get_default_context_with_level(seuser, level, NULL, &scontext);
- free(seuser);
- free(level);
- if (retval) {
- if (security_getenforce() > 0) {
- log_it(name, getpid(), "No SELinux security context",tabname);
- return -1;
- } else {
- log_it(name, getpid(), "No security context but SELinux in permissive mode, continuing",tabname);
- return 0;
- }
+ if (name != NULL) {
+ if (getseuserbyname(name, &seuser, &level) < 0) {
+ log_it(name, getpid(), "getseuserbyname FAILED", name);
+ return (security_getenforce() > 0);
}
- } else {
- log_it(name, getpid(), "getseusername FAILED", name);
- return (security_getenforce() > 0);
}
-
+
+ retval=get_default_context_with_level(name == NULL ? "system_u" : seuser, level, NULL, &scontext);
+ free(seuser);
+ free(level);
+ if (retval) {
+ if (security_getenforce() > 0) {
+ log_it(name, getpid(), "No SELinux security context",tabname);
+ return -1;
+ } else {
+ log_it(name, getpid(), "No security context but SELinux in permissive mode, continuing",tabname);
+ return 0;
+ }
+ }
+
if (fgetfilecon(crontab_fd, &file_context) < OK) {
if (security_getenforce() > 0) {
log_it(name, getpid(), "getfilecon FAILED", tabname);
projects / cronie / commitdiff