Skip to content

Commit

Permalink
config: Don't finalize mount state in selinux_set_policy_root()
Browse files Browse the repository at this point in the history 
This breaks every further call to e.g. `is_selinux_enabled()` after a policy
root has been set.  This tripped up some code landed in libostree:
ostreedev/ostree#797
Since in some cases we initialize a policy twice in process, and we'd
call `is_selinux_enabled()` each time.

More info in: http://marc.info/?l=selinux&m=149323809332417&w=2

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
  • Loading branch information
@cgwalters @stephensmalley
cgwalters authored and stephensmalley committed Apr 27, 2017
1 parent b290a37 commit 15e26ef
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion libselinux/src/selinux_config.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -282,7 +282,6 @@ int selinux_set_policy_root(const char *path)
}
policy_type++;

fini_selinuxmnt();
fini_selinux_policyroot();

selinux_policyroot = strdup(path);
Expand Down

0 comments on commit 15e26ef

Please sign in to comment.