On 7/21/20 3:08 PM, Stephen Smalley wrote:
> On Tue, Jul 21, 2020 at 7:27 AM Dominick Grift
> <dominick.grift@xxxxxxxxxxx> wrote:
>>
>> strdup(selinux_policy_root()) does not return a path that can be used to derive "Loaded policy name"
>> instead if returns a path that can be used to derive "Policy name from config file".
>>
>> Signed-off-by: Dominick Grift <dominick.grift@xxxxxxxxxxx>
>
> My only concern with this is whether it might break scripts that
> extract bits of information from sestatus output by matching on the
> existing prefix, especially since it has been this way for a long time
> (approaching 9 years?). OTOH, it looks like it was labeled "Policy
> from config file" prior to that commit. No strong feelings either way
> except that we don't want to break things for users unnecessarily.
Thanks
I think I argee. pity that this slipped through the cracks in the first
place. Probably best to leave this be. I will just make a mental note
not to use sestatus in from of a camera to avoid embarrassment.
>
>> ---
>> policycoreutils/sestatus/sestatus.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/policycoreutils/sestatus/sestatus.c b/policycoreutils/sestatus/sestatus.c
>> index b37f0353..8b03b028 100644
>> --- a/policycoreutils/sestatus/sestatus.c
>> +++ b/policycoreutils/sestatus/sestatus.c
>> @@ -268,7 +268,7 @@ int main(int argc, char **argv)
>> free(root_path);
>>
>> /* Dump all the path information */
>> - printf_tab("Loaded policy name:");
>> + printf_tab("Policy name from config file:");
>> pol_path = strdup(selinux_policy_root());
>> if (pol_path) {
>> pol_name = basename(pol_path);
>> --
>> 2.27.0
>>
