If "level" option is used to start sandbox commands, this level is not propagated
to specified homedir and tmpdir directories. See rhbz #1279006.
Signed-off-by: Miroslav Grepl <mgrepl@xxxxxxxxxx>
---
policycoreutils/sandbox/sandbox | 3 ---
1 file changed, 3 deletions(-)
diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
index 5109eca..163afa0 100644
--- a/policycoreutils/sandbox/sandbox
+++ b/policycoreutils/sandbox/sandbox
@@ -406,9 +406,6 @@ sandbox [-h] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile ] [-
self.__execcon = "%s:%s:%s:%s" % (con[0], con[1], self.setype, level)
self.__filecon = "%s:object_r:sandbox_file_t:%s" % (con[0], level)
def __setup_dir(self):
- if self.__options.level or self.__options.session:
- return
-
if self.__options.homedir:
selinux.chcon(self.__options.homedir, self.__filecon, recursive=True)
self.__homedir = self.__options.homedir
--
2.6.2
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
