libselinux: selabel_open fix processing of substitution files
libselinux selabel_open function always processed the substitution files (if
installed) from the active policy contexts/files/file_contexts.subs and
subs_dist irrespective of the backend type or SELABEL_OPT_PATH setting. This
patch now processes the correct subs files when selabel_open is called with
SELABEL_CTX_FILE. The other backends could also process their own substitution
files if needed in their own areas.
[move the init declaration to label_internal.h - eparis]
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 937e509..af7fd8f 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -406,6 +406,7 @@
FILE *homedirfp = NULL;
char local_path[PATH_MAX + 1];
char homedir_path[PATH_MAX + 1];
+ char subs_file[PATH_MAX + 1];
char *line_buf = NULL;
size_t line_len = 0;
unsigned int lineno, pass, i, j, maxnspec;
@@ -427,6 +428,17 @@
break;
}
+ /* Process local and distribution substitution files */
+ if (!path) {
+ rec->subs = selabel_subs_init(selinux_file_context_subs_dist_path(), rec->subs);
+ rec->subs = selabel_subs_init(selinux_file_context_subs_path(), rec->subs);
+ } else {
+ snprintf(subs_file, sizeof(subs_file), "%s.subs_dist", path);
+ rec->subs = selabel_subs_init(subs_file, rec->subs);
+ snprintf(subs_file, sizeof(subs_file), "%s.subs", path);
+ rec->subs = selabel_subs_init(subs_file, rec->subs);
+ }
+
/* Open the specification file. */
if (!path)
path = selinux_file_context_path();