aboutsummaryrefslogtreecommitdiff
path: root/src/rc
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2011-01-17 07:37:38 +0000
committerRobin H. Johnson <robbat2@gentoo.org>2011-01-17 07:37:43 +0000
commit49339525a98b5f472c902144706a663f8a9903d1 (patch)
tree2375df306e2f93cd5b423f15df36256f233bed99 /src/rc
parent1f578cdbad61ebb7e8a6d389022a8d1915f62259 (diff)
Bug #351712: Implement --applet selection mode for SELinux wrappers.
In addition to detecting what multicall applet we want via argv[0], provide an explicit override mode with a --applet initial argument. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'src/rc')
-rw-r--r--src/rc/rc.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/rc/rc.c b/src/rc/rc.c
index b062349a..a2e095db 100644
--- a/src/rc/rc.c
+++ b/src/rc/rc.c
@@ -804,6 +804,7 @@ main(int argc, char **argv)
int opt;
bool parallel;
int regen = 0;
+ int i;
#ifdef __linux__
char *proc;
char *p;
@@ -816,6 +817,18 @@ main(int argc, char **argv)
signal_setup(SIGSEGV, handle_bad_signal);
#endif
+ /* Bug 351712: We need an extra way to explicitly select an applet OTHER
+ * than trusting argv[0], as argv[0] is not going to be the applet value if
+ * we are doing SELinux context switching. For this, we allow calls such as
+ * 'rc --applet APPLET', and shift ALL of argv down by two array items. */
+ if(strcmp(basename_c(argv[0]), "rc") == 0 && strcmp(argv[1], "--applet") == 0) {
+ for(i = 2; i < argc; i++)
+ argv[i-2] = argv[i];
+ argv[argc-2] = NULL;
+ argv[argc-1] = NULL;
+ argc -= 2;
+ }
+ /* Now we can trust our applet value in argv[0] */
applet = basename_c(argv[0]);
LIST_INIT(&service_pids);
atexit(cleanup);