• Download Gist
selinux_check_access-function_removal.patch
Diff
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
--- ./src/public.h 2008-09-26 09:29:54.000000000 -0500
+++ ./src/public.h 2013-02-24 03:18:30.539564953 -0600
@@ -97,8 +97,6 @@
#endif
 
#ifdef WITH_SELINUX
-extern int selinux_check_access (const char *__chuser,
- unsigned int __access);
extern int set_default_context (pam_handle_t *pamh,
const char *filename,
char **prev_context);
--- ./src/selinux_utils.c 2006-01-13 04:49:46.000000000 -0600
+++ ./src/selinux_utils.c 2013-02-24 03:22:42.824847218 -0600
@@ -38,38 +38,6 @@
#include "public.h"
 
int
-selinux_check_access (const char *chuser, unsigned int access)
-{
- int status = -1;
- security_context_t user_context;
-
- if (getprevcon (&user_context) == 0)
- {
- context_t c = context_new (user_context);
- const char *user = context_user_get (c);
-
- if (strcmp (chuser, user) == 0)
- status = 0;
- else
- {
- struct av_decision avd;
- int retval = security_compute_av (user_context,
- user_context,
- SECCLASS_PASSWD,
- access,
- &avd);
-
- if ((retval == 0) &&
- ((access & avd.allowed) == access))
- status = 0;
- }
- context_free (c);
- freecon (user_context);
- }
- return status;
-}
-
-int
set_default_context (pam_handle_t *pamh, const char *filename,
char **prev_context)
{

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.