You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
100 lines
2.7 KiB
100 lines
2.7 KiB
6 years ago
|
diff -up shadow-4.1.5.1/lib/semanage.c.selinux shadow-4.1.5.1/lib/semanage.c
|
||
|
--- shadow-4.1.5.1/lib/semanage.c.selinux 2012-01-08 17:35:44.000000000 +0100
|
||
|
+++ shadow-4.1.5.1/lib/semanage.c 2014-09-10 10:11:55.417506128 +0200
|
||
|
@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
|
||
|
|
||
|
ret = 0;
|
||
|
|
||
|
+ /* drop obsolete matchpathcon cache */
|
||
|
+ matchpathcon_fini();
|
||
|
+
|
||
|
done:
|
||
|
semanage_seuser_key_free (key);
|
||
|
semanage_handle_destroy (handle);
|
||
|
@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
|
||
|
}
|
||
|
|
||
|
ret = 0;
|
||
|
+
|
||
|
+ /* drop obsolete matchpathcon cache */
|
||
|
+ matchpathcon_fini();
|
||
|
+
|
||
|
done:
|
||
|
semanage_handle_destroy (handle);
|
||
|
return ret;
|
||
|
diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
|
||
|
--- shadow-4.1.5.1/src/useradd.c.selinux 2014-09-10 10:10:18.791280619 +0200
|
||
|
+++ shadow-4.1.5.1/src/useradd.c 2014-09-10 10:10:18.798280781 +0200
|
||
|
@@ -1850,6 +1850,7 @@ static void create_mail (void)
|
||
|
*/
|
||
|
int main (int argc, char **argv)
|
||
|
{
|
||
|
+ int rv = E_SUCCESS;
|
||
|
#ifdef ACCT_TOOLS_SETUID
|
||
|
#ifdef USE_PAM
|
||
|
pam_handle_t *pamh = NULL;
|
||
|
@@ -2037,10 +2038,33 @@ int main (int argc, char **argv)
|
||
|
|
||
|
usr_update ();
|
||
|
|
||
|
+ close_files ();
|
||
|
+
|
||
|
+ nscd_flush_cache ("passwd");
|
||
|
+ nscd_flush_cache ("group");
|
||
|
+
|
||
|
+#ifdef WITH_SELINUX
|
||
|
+ if (Zflg && *user_selinux) {
|
||
|
+ if (is_selinux_enabled () > 0) {
|
||
|
+ if (set_seuser (user_name, user_selinux) != 0) {
|
||
|
+ fprintf (stderr,
|
||
|
+ _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
|
||
|
+ Prog, user_name, user_selinux);
|
||
|
+#ifdef WITH_AUDIT
|
||
|
+ audit_logger (AUDIT_ADD_USER, Prog,
|
||
|
+ "adding SELinux user mapping",
|
||
|
+ user_name, (unsigned int) user_id, 0);
|
||
|
+#endif /* WITH_AUDIT */
|
||
|
+ rv = E_SE_UPDATE;
|
||
|
+ }
|
||
|
+ }
|
||
|
+ }
|
||
|
+#endif
|
||
|
+
|
||
|
if (mflg) {
|
||
|
create_home ();
|
||
|
if (home_added) {
|
||
|
- copy_tree (def_template, user_home, false, false,
|
||
|
+ copy_tree (def_template, user_home, false, true,
|
||
|
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||
|
} else {
|
||
|
fprintf (stderr,
|
||
|
@@ -2056,27 +2080,6 @@ int main (int argc, char **argv)
|
||
|
create_mail ();
|
||
|
}
|
||
|
|
||
|
- close_files ();
|
||
|
-
|
||
|
-#ifdef WITH_SELINUX
|
||
|
- if (Zflg) {
|
||
|
- if (set_seuser (user_name, user_selinux) != 0) {
|
||
|
- fprintf (stderr,
|
||
|
- _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
|
||
|
- Prog, user_name, user_selinux);
|
||
|
-#ifdef WITH_AUDIT
|
||
|
- audit_logger (AUDIT_ADD_USER, Prog,
|
||
|
- "adding SELinux user mapping",
|
||
|
- user_name, (unsigned int) user_id, 0);
|
||
|
-#endif /* WITH_AUDIT */
|
||
|
- fail_exit (E_SE_UPDATE);
|
||
|
- }
|
||
|
- }
|
||
|
-#endif /* WITH_SELINUX */
|
||
|
-
|
||
|
- nscd_flush_cache ("passwd");
|
||
|
- nscd_flush_cache ("group");
|
||
|
-
|
||
|
- return E_SUCCESS;
|
||
|
+ return rv;
|
||
|
}
|
||
|
|