-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk6wT/UACgkQrlYvE4MpobNO/ACffIEw6bZ1uHCvc6vVoEtPoGli
Rt4AoIoA+UQt0+MOoNR14+hNi4Syn2CQ
=GoJz
-----END PGP SIGNATURE-----
>From ea9c699fecc31ab88303f8e46103f2b3c419e559 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@xxxxxxxxxx>
Date: Fri, 23 Sep 2011 17:38:09 -0400
Subject: [PATCH 39/63] libselinux: rename and export symlink_realpath
symlink_realpath is used by both libselinux and policycoreutils.
Instead of coding it twice, export the libselinux version under a new
name that makes it sound more generic.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
libselinux/include/selinux/selinux.h | 5 +++++
libselinux/src/matchpathcon.c | 4 ++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
index b53b332..d766645 100644
--- a/libselinux/include/selinux/selinux.h
+++ b/libselinux/include/selinux/selinux.h
@@ -421,6 +421,11 @@ extern int matchpathcon_init_prefixes(const char *patch, const char **prefixes);
/* Free the memory allocated by matchpathcon_init. */
extern void matchpathcon_fini(void);
+/* Resolve all of the symlinks and relative portions of a pathname, but NOT
+ * the final component (same a realpath() unless the final component is a
+ * symlink. Resolved path must be a path of size PATH_MAX + 1 */
+extern int realpath_not_final(const char *name, char *resolved_path);
+
/* Match the specified pathname and mode against the file contexts
configuration and set *con to refer to the resulting context.
'mode' can be 0 to disable mode matching.
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
index 7a939c3..489ef3a 100644
--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -352,7 +352,7 @@ void matchpathcon_fini(void)
* determine a real path component of the first portion. We then have to
* copy the last part back on to get the final real path. Wheww.
*/
-static int symlink_realpath(const char *name, char *resolved_path)
+int realpath_not_final(const char *name, char *resolved_path)
{
char *last_component;
char *tmp_path, *p;
@@ -414,7 +414,7 @@ int matchpathcon(const char *path, mode_t mode, security_context_t * con)
return -1;
if (S_ISLNK(mode)) {
- if (!symlink_realpath(path, stackpath))
+ if (!realpath_not_final(path, stackpath))
path = stackpath;
} else {
p = realpath(path, stackpath);
--
1.7.7
