There are a few references to the "user" prefix that have to be changed to a valid role so that cil_resolve_userprefix can be made to validate the given role.
Fortunately object_r is alway's there. I do not like to hard-code identifiers but I see no other option.
Signed-off-by: Dominick Grift <dac.override@xxxxxxxxx>
---
libsemanage/src/genhomedircon.c | 2 +-
libsemanage/src/user_record.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
index d08c88de..6a21223d 100644
--- a/libsemanage/src/genhomedircon.c
+++ b/libsemanage/src/genhomedircon.c
@@ -85,7 +85,7 @@
#define TEMPLATE_USERID "%{USERID}"
#define FALLBACK_SENAME "user_u"
-#define FALLBACK_PREFIX "user"
+#define FALLBACK_PREFIX "object_r"
#define FALLBACK_LEVEL "s0"
#define FALLBACK_NAME "[^/]+"
#define FALLBACK_UIDGID "[0-9]+"
diff --git a/libsemanage/src/user_record.c b/libsemanage/src/user_record.c
index 45239250..91228eb8 100644
--- a/libsemanage/src/user_record.c
+++ b/libsemanage/src/user_record.c
@@ -240,7 +240,7 @@ int semanage_user_create(semanage_handle_t * handle,
goto err;
/* Initialize the prefix for migration purposes */
- if (semanage_user_extra_set_prefix(handle, tmp_user->extra, "user") < 0)
+ if (semanage_user_extra_set_prefix(handle, tmp_user->extra, "object_r") < 0)
goto err;
*user_ptr = tmp_user;
@@ -349,7 +349,7 @@ hidden int semanage_user_join(semanage_handle_t * handle,
< 0)
goto err;
if (semanage_user_extra_set_prefix
- (handle, tmp_user->extra, "user") < 0)
+ (handle, tmp_user->extra, "object_r") < 0)
goto err;
}
--
2.24.0
