This retrieved context is just passed to libselinux functions and not printed or otherwise made available to the outside, so a context translation to human readable MCS/MLS labels is not needed. (see man:setrans.conf(5)) The typedef security_context_t is deprecated, see https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 --- src/vipw.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/vipw.c b/src/vipw.c index 04f0b233..465698d1 100644 --- a/src/vipw.c +++ b/src/vipw.c @@ -243,13 +243,13 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) /* if SE Linux is enabled then set the context of all new files to be the context of the file we are editing */ if (is_selinux_enabled () != 0) { - security_context_t passwd_context=NULL; + char *passwd_context_raw = NULL; int ret = 0; - if (getfilecon (file, &passwd_context) < 0) { + if (getfilecon_raw (file, &passwd_context_raw) < 0) { vipwexit (_("Couldn't get file context"), errno, 1); } - ret = setfscreatecon (passwd_context); - freecon (passwd_context); + ret = setfscreatecon_raw (passwd_context_raw); + freecon (passwd_context_raw); if (0 != ret) { vipwexit (_("setfscreatecon () failed"), errno, 1); } @@ -401,7 +401,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) #ifdef WITH_SELINUX /* unset the fscreatecon */ if (is_selinux_enabled () != 0) { - if (setfscreatecon (NULL) != 0) { + if (setfscreatecon_raw (NULL) != 0) { vipwexit (_("setfscreatecon () failed"), errno, 1); } } -- 2.31.0
