[Initng-svn] r3771 - initng/trunk/plugins/bash_launcher

[svn at initng.thinktux.net]

Author: danne
Date: Wed Apr 12 09:56:42 2006
New Revision: 3771

Modified:
   initng/trunk/plugins/bash_launcher/initng_bash_launcher.c

Log:
Added support for bash_launcher setting selinux context. Also added new option "selinux_context", for setting individual contexts for services.


Modified: initng/trunk/plugins/bash_launcher/initng_bash_launcher.c
==============================================================================
--- initng/trunk/plugins/bash_launcher/initng_bash_launcher.c	(original)
+++ initng/trunk/plugins/bash_launcher/initng_bash_launcher.c	Wed Apr 12 09:56:42 2006
@@ -32,7 +32,9 @@
 #include <pwd.h>
 #include <sys/stat.h>
 #include <errno.h>
-
+#ifdef SELINUX
+#include <selinux/selinux.h>
+#endif
 
 #ifdef BUSYBOX
 #include "../../busybox-1.00/include/busybox.h"
@@ -56,6 +58,9 @@
 s_entry SCRIPT_OPT = { "script_opt", VARIABLE_STRING, NULL,
 	"The options bash should get."
 };
+s_entry SELINUX_CONTEXT = { "selinux_context", STRING, NULL,
+	"The selinux context to start in."
+};
 
 static void bash_this(const char *bash_code, active_db_h * s,
 					  const char *args);
@@ -109,6 +114,14 @@
 		argtmp[3] = i_strdup(args);
 	argtmp[4] = NULL;
 
+#ifdef SELINUX
+	const char *selinux_context = (&SELINUX_CONTEXT, s);
+	if(selinux_context)
+	  setexeccon(selinux_context);
+	else
+	  setexeccon("initrc_exec_t");
+#endif
+
 	/* execute */
 	execve("/bin/sh", argtmp, new_environ(s));
 
@@ -180,6 +193,7 @@
 
 	initng_service_data_types_add(&SCRIPT);
 	initng_service_data_types_add(&SCRIPT_OPT);
+	initng_service_data_types_add(&SELINUX_CONTEXT);
 
 	initng_plugin_hook_add(&g.LAUNCH, 51, &initng_bash);
 	return (TRUE);
@@ -189,6 +203,7 @@
 {
 	initng_service_data_types_del(&SCRIPT);
 	initng_service_data_types_del(&SCRIPT_OPT);
+	initng_service_data_types_del(&SELINUX_CONTEXT);
 
 	D_("initng_simple_plugin: module_unload();\n");
 	initng_plugin_hook_del(&g.LAUNCH, &initng_bash);