If no policy has been loaded yet and thus the current context is still
"kernel" avoid logging failures in get_ordered_context_list(), like:
get_ordered_context_list: error in processing configuration file /etc/selinux/debian/contexts/users/root
get_ordered_context_list: error in processing configuration file /etc/selinux/debian/contexts/default_contexts
Since get_context_user() needs a valid context, because it tries to split
it into its parts, jump right to the failsafe.
---
libselinux/src/get_context_list.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
index 7e23be05..ec3775a8 100644
--- a/libselinux/src/get_context_list.c
+++ b/libselinux/src/get_context_list.c
@@ -427,6 +427,12 @@ int get_ordered_context_list(const char *user,
fromcon = backup_fromcon;
}
+ if (strcmp(fromcon, "kernel") == 0)
+ /* get_context_user() needs a valid context, avoid
+ * unnecessary log messages if no policy has been loaded
+ * yet. */
+ goto failsafe;
+
/* Determine the ordering to apply from the optional per-user config
and from the global config. */
fname_len = strlen(user_contexts_path) + strlen(user) + 2;
--
2.43.0
