diff options
Diffstat (limited to 'pam_unix2-rm_selinux_check_access.patch')
-rw-r--r-- | pam_unix2-rm_selinux_check_access.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/pam_unix2-rm_selinux_check_access.patch b/pam_unix2-rm_selinux_check_access.patch new file mode 100644 index 000000000000..054874610099 --- /dev/null +++ b/pam_unix2-rm_selinux_check_access.patch @@ -0,0 +1,54 @@ +diff -aur pam_unix2-2.9.1/src/public.h pam_unix2-2.9.1.new/src/public.h +--- pam_unix2-2.9.1/src/public.h 2008-09-26 16:29:54.000000000 +0200 ++++ pam_unix2-2.9.1.new/src/public.h 2013-02-25 11:10:12.269979021 +0100 +@@ -97,8 +97,6 @@ + #endif + + #ifdef WITH_SELINUX +-extern int selinux_check_access (const char *__chuser, +- unsigned int __access); + extern int set_default_context (pam_handle_t *pamh, + const char *filename, + char **prev_context); +diff -aur pam_unix2-2.9.1/src/selinux_utils.c pam_unix2-2.9.1.new/src/selinux_utils.c +--- pam_unix2-2.9.1/src/selinux_utils.c 2006-01-13 11:49:46.000000000 +0100 ++++ pam_unix2-2.9.1.new/src/selinux_utils.c 2013-02-25 11:10:41.056709132 +0100 +@@ -38,38 +38,6 @@ + #include "public.h" + + int +-selinux_check_access (const char *chuser, unsigned int access) +-{ +- int status = -1; +- security_context_t user_context; +- +- if (getprevcon (&user_context) == 0) +- { +- context_t c = context_new (user_context); +- const char *user = context_user_get (c); +- +- if (strcmp (chuser, user) == 0) +- status = 0; +- else +- { +- struct av_decision avd; +- int retval = security_compute_av (user_context, +- user_context, +- SECCLASS_PASSWD, +- access, +- &avd); +- +- if ((retval == 0) && +- ((access & avd.allowed) == access)) +- status = 0; +- } +- context_free (c); +- freecon (user_context); +- } +- return status; +-} +- +-int + set_default_context (pam_handle_t *pamh, const char *filename, + char **prev_context) + { |