On Wed, 18 May 2022 at 15:54, James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Tue, May 17, 2022 at 3:20 PM Christian Göttsche
> <cgzones@xxxxxxxxxxxxxx> wrote:
> >
> > The variable `curcon` is NULL in case the file has no current security
> > context. Most C standard libraries handle it fine, avoid it nonetheless
> > for standard conformance.
> >
> > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> > ---
> > "(null)" might not be the best token to display, it was only taken to
> > not change current behavior
> > ---
> > libselinux/src/selinux_restorecon.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
> > index 1a185ced..1b21a605 100644
> > --- a/libselinux/src/selinux_restorecon.c
> > +++ b/libselinux/src/selinux_restorecon.c
> > @@ -771,7 +771,9 @@ static int restorecon_sb(const char *pathname, struct rest_flags *flags, bool fi
> > selinux_log(SELINUX_INFO,
> > "%s %s from %s to %s\n",
> > updated ? "Relabeled" : "Would relabel",
> > - pathname, curcon, newcon);
> > + pathname,
> > + curcon ? curcon : "(null)",
>
> Use "<<none>>", this is already used in file context files to indicate
> a file should not have a label.
"<<none>>" used in file contexts definitions does not mean no security
context but never relabel the existing context.
Maybe something like "<no context>" or "<empty context>"?
>
> Thanks,
> Jim
>
> > + newcon);
> >
> > if (flags->syslog_changes && !flags->nochange) {
> > if (curcon)
> > --
> > 2.36.1
> >
