From: Marcela Mašláňová <mmaslano@redhat.com>
Date: Thu, 6 Oct 2011 07:01:12 +0000 (+0200)
Subject: Raw context should be used. Especially when mcstransd in older
X-Git-Tag: cronie1.4.9~22
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=122ee70e531c447a2e967784b94caf4dfc8aa7ea;p=cronie

Raw context should be used. Especially when mcstransd in older
releases is running.
---

diff --git a/src/security.c b/src/security.c
index f6940a5..34c940e 100644
--- a/src/security.c
+++ b/src/security.c
@@ -456,6 +456,7 @@ get_security_context(const char *name, int crontab_fd,
 #ifdef WITH_SELINUX
 	security_context_t scontext = NULL;
 	security_context_t file_context = NULL;
+	security_context_t rawcontext=NULL;
 	int retval = 0;
 	char *seuser = NULL;
 	char *level = NULL;
@@ -474,6 +475,10 @@ get_security_context(const char *name, int crontab_fd,
 
 	retval = get_default_context_with_level(name == NULL ? "system_u" : seuser,
 		level, NULL, &scontext);
+	if (selinux_trans_to_raw_context(scontext, &rawcontext) == 0) {
+		freecon(scontext);
+		scontext = rawcontext;
+	}
 	free(seuser);
 	free(level);
 	if (retval) {