|
 |
af13db9 |
diff -up shadow-4.1.5.1/lib/semanage.c.selinux shadow-4.1.5.1/lib/semanage.c
|
|
|
af13db9 |
--- shadow-4.1.5.1/lib/semanage.c.selinux 2012-01-08 17:35:44.000000000 +0100
|
|
|
af13db9 |
+++ shadow-4.1.5.1/lib/semanage.c 2014-09-10 10:11:55.417506128 +0200
|
|
|
af13db9 |
@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
|
|
|
af13db9 |
|
|
|
af13db9 |
ret = 0;
|
|
|
af13db9 |
|
|
|
af13db9 |
+ /* drop obsolete matchpathcon cache */
|
|
|
af13db9 |
+ matchpathcon_fini();
|
|
|
af13db9 |
+
|
|
|
af13db9 |
done:
|
|
|
af13db9 |
semanage_seuser_key_free (key);
|
|
|
af13db9 |
semanage_handle_destroy (handle);
|
|
|
af13db9 |
@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
|
|
|
af13db9 |
}
|
|
|
af13db9 |
|
|
|
af13db9 |
ret = 0;
|
|
|
af13db9 |
+
|
|
|
af13db9 |
+ /* drop obsolete matchpathcon cache */
|
|
|
af13db9 |
+ matchpathcon_fini();
|
|
|
af13db9 |
+
|
|
|
af13db9 |
done:
|
|
|
af13db9 |
semanage_handle_destroy (handle);
|
|
|
af13db9 |
return ret;
|
|
|
44a40b2 |
diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
|
|
|
af13db9 |
--- shadow-4.1.5.1/src/useradd.c.selinux 2014-09-10 10:10:18.791280619 +0200
|
|
|
af13db9 |
+++ shadow-4.1.5.1/src/useradd.c 2014-09-10 10:10:18.798280781 +0200
|
|
|
4c1ef1c |
@@ -1850,6 +1850,7 @@ static void create_mail (void)
|
|
|
4c1ef1c |
*/
|
|
|
4c1ef1c |
int main (int argc, char **argv)
|
|
|
4c1ef1c |
{
|
|
|
4c1ef1c |
+ int rv = E_SUCCESS;
|
|
|
4c1ef1c |
#ifdef ACCT_TOOLS_SETUID
|
|
|
4c1ef1c |
#ifdef USE_PAM
|
|
|
4c1ef1c |
pam_handle_t *pamh = NULL;
|
|
|
4c1ef1c |
@@ -2037,10 +2038,33 @@ int main (int argc, char **argv)
|
|
|
4c1ef1c |
|
|
|
4c1ef1c |
usr_update ();
|
|
|
4c1ef1c |
|
|
|
4c1ef1c |
+ close_files ();
|
|
|
4c1ef1c |
+
|
|
|
4c1ef1c |
+ nscd_flush_cache ("passwd");
|
|
|
4c1ef1c |
+ nscd_flush_cache ("group");
|
|
|
4c1ef1c |
+
|
|
|
4c1ef1c |
+#ifdef WITH_SELINUX
|
|
|
4c1ef1c |
+ if (Zflg && *user_selinux) {
|
|
|
4c1ef1c |
+ if (is_selinux_enabled () > 0) {
|
|
|
4c1ef1c |
+ if (set_seuser (user_name, user_selinux) != 0) {
|
|
|
4c1ef1c |
+ fprintf (stderr,
|
|
|
4c1ef1c |
+ _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
|
|
|
4c1ef1c |
+ Prog, user_name, user_selinux);
|
|
|
4c1ef1c |
+#ifdef WITH_AUDIT
|
|
|
4c1ef1c |
+ audit_logger (AUDIT_ADD_USER, Prog,
|
|
|
4c1ef1c |
+ "adding SELinux user mapping",
|
|
|
4c1ef1c |
+ user_name, (unsigned int) user_id, 0);
|
|
|
4c1ef1c |
+#endif /* WITH_AUDIT */
|
|
|
4c1ef1c |
+ rv = E_SE_UPDATE;
|
|
|
4c1ef1c |
+ }
|
|
|
4c1ef1c |
+ }
|
|
|
4c1ef1c |
+ }
|
|
|
4c1ef1c |
+#endif
|
|
|
4c1ef1c |
+
|
|
|
44a40b2 |
if (mflg) {
|
|
|
44a40b2 |
create_home ();
|
|
|
44a40b2 |
if (home_added) {
|
|
|
44a40b2 |
- copy_tree (def_template, user_home, false, false,
|
|
|
44a40b2 |
+ copy_tree (def_template, user_home, false, true,
|
|
|
44a40b2 |
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
|
|
44a40b2 |
} else {
|
|
|
44a40b2 |
fprintf (stderr,
|
|
|
4c1ef1c |
@@ -2056,27 +2080,6 @@ int main (int argc, char **argv)
|
|
|
4c1ef1c |
create_mail ();
|
|
|
4c1ef1c |
}
|
|
|
4c1ef1c |
|
|
|
4c1ef1c |
- close_files ();
|
|
|
4c1ef1c |
-
|
|
|
4c1ef1c |
-#ifdef WITH_SELINUX
|
|
|
4c1ef1c |
- if (Zflg) {
|
|
|
4c1ef1c |
- if (set_seuser (user_name, user_selinux) != 0) {
|
|
|
4c1ef1c |
- fprintf (stderr,
|
|
|
4c1ef1c |
- _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
|
|
|
4c1ef1c |
- Prog, user_name, user_selinux);
|
|
|
4c1ef1c |
-#ifdef WITH_AUDIT
|
|
|
4c1ef1c |
- audit_logger (AUDIT_ADD_USER, Prog,
|
|
|
4c1ef1c |
- "adding SELinux user mapping",
|
|
|
4c1ef1c |
- user_name, (unsigned int) user_id, 0);
|
|
|
4c1ef1c |
-#endif /* WITH_AUDIT */
|
|
|
4c1ef1c |
- fail_exit (E_SE_UPDATE);
|
|
|
4c1ef1c |
- }
|
|
|
4c1ef1c |
- }
|
|
|
4c1ef1c |
-#endif /* WITH_SELINUX */
|
|
|
4c1ef1c |
-
|
|
|
4c1ef1c |
- nscd_flush_cache ("passwd");
|
|
|
4c1ef1c |
- nscd_flush_cache ("group");
|
|
|
4c1ef1c |
-
|
|
|
4c1ef1c |
- return E_SUCCESS;
|
|
|
4c1ef1c |
+ return rv;
|
|
|
4c1ef1c |
}
|
|
|
4c1ef1c |
|