From: Sven Vermeulen Date: Thu, 12 Apr 2012 08:38:27 +0000 (+0200) Subject: setkeycreatecon is not needed. Users should inherited key context if it was already... X-Git-Tag: cronie1.4.9~16 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c98110b45bfaee0e30de4424a0f62060677a3624;p=cronie setkeycreatecon is not needed. Users should inherited key context if it was already set for them. Signed-off-by: Marcela Mašláňová --- diff --git a/src/security.c b/src/security.c index 34c940e..83c7d7e 100644 --- a/src/security.c +++ b/src/security.c @@ -424,7 +424,7 @@ static int cron_change_selinux_range(user * u, security_context_t ucontext) { } } - if (setexeccon(ucontext) < 0 || setkeycreatecon(ucontext) < 0) { + if (setexeccon(ucontext) < 0) { if (security_getenforce() > 0) { if (asprintf (&msg, "Could not set exec or keycreate context to %s for user", @@ -437,7 +437,7 @@ static int cron_change_selinux_range(user * u, security_context_t ucontext) { else { if (asprintf (&msg, - "Could not set exec or keycreate context to %s for user," + "Could not set exec context to %s for user," " but SELinux in permissive mode, continuing", (char *) ucontext) >= 0) { log_it(u->name, getpid(), "WARNING", msg, 0);