restorecond is coded to always skip digests.
Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
---
restorecond/restore.c | 8 ++++----
restorecond/restore.h | 2 +-
restorecond/restorecond.c | 5 ++---
3 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/restorecond/restore.c b/restorecond/restore.c
index f6e3000..26ddec2 100644
--- a/restorecond/restore.c
+++ b/restorecond/restore.c
@@ -21,11 +21,10 @@ void restore_init(struct restore_opts *opts)
r_opts = opts;
struct selinux_opt selinux_opts[] = {
{ SELABEL_OPT_VALIDATE, r_opts->selabel_opt_validate },
- { SELABEL_OPT_PATH, r_opts->selabel_opt_path },
- { SELABEL_OPT_DIGEST, r_opts->selabel_opt_digest }
+ { SELABEL_OPT_PATH, r_opts->selabel_opt_path }
};
- r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3);
+ r_opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 2);
if (!r_opts->hnd) {
perror(r_opts->selabel_opt_path);
exit(1);
@@ -38,7 +37,8 @@ void restore_init(struct restore_opts *opts)
r_opts->recurse | r_opts->userealpath |
r_opts->xdev | r_opts->abort_on_error |
r_opts->syslog_changes | r_opts->log_matches |
- r_opts->ignore_noent | r_opts->ignore_mounts;
+ r_opts->ignore_noent | r_opts->ignore_mounts |
+ r_opts->skip_digest;
/* Use setfiles, restorecon and restorecond own handles */
selinux_restorecon_set_sehandle(r_opts->hnd);
diff --git a/restorecond/restore.h b/restorecond/restore.h
index 97fbdf4..a493031 100644
--- a/restorecond/restore.h
+++ b/restorecond/restore.h
@@ -32,6 +32,7 @@ struct restore_opts {
unsigned int set_specctx;
unsigned int add_assoc;
unsigned int ignore_digest;
+ unsigned int skip_digest;
unsigned int recurse;
unsigned int userealpath;
unsigned int xdev;
@@ -47,7 +48,6 @@ struct restore_opts {
struct selabel_handle *hnd;
const char *selabel_opt_validate;
const char *selabel_opt_path;
- const char *selabel_opt_digest;
int debug;
FILE *outfile;
};
diff --git a/restorecond/restorecond.c b/restorecond/restorecond.c
index d5f70fc..26d2c59 100644
--- a/restorecond/restorecond.c
+++ b/restorecond/restorecond.c
@@ -150,12 +150,11 @@ int main(int argc, char **argv)
watch_file = server_watch_file;
- /* Set all options to zero/NULL except for ignore_noent & digest. */
+ /* Set all options to zero except for ignore_noent & skip_digest */
memset(&r_opts, 0, sizeof(r_opts));
r_opts.ignore_noent = SELINUX_RESTORECON_IGNORE_NOENTRY;
- r_opts.ignore_digest = SELINUX_RESTORECON_IGNORE_DIGEST;
+ r_opts.skip_digest = SELINUX_RESTORECON_SKIP_DIGEST;
- /* As r_opts.selabel_opt_digest = NULL, no digest will be requested. */
restore_init(&r_opts);
/* Register sighandlers */
--
2.20.1
