diff options
author | Reiner Herrmann <reiner@reiner-h.de> | 2020-10-06 18:42:30 +0200 |
---|---|---|
committer | Reiner Herrmann <reiner@reiner-h.de> | 2020-10-06 18:42:30 +0200 |
commit | da13836d202c286a1d8cf837f506fa2ffe80d76f (patch) | |
tree | 469ab74b8a90d86a0182e49a6cdb6b19a4688ec8 /src | |
parent | selinux: don't try to relabel path when selinux is not enabled (diff) | |
download | firejail-da13836d202c286a1d8cf837f506fa2ffe80d76f.tar.gz firejail-da13836d202c286a1d8cf837f506fa2ffe80d76f.tar.zst firejail-da13836d202c286a1d8cf837f506fa2ffe80d76f.zip |
selinux: exit when selinux is enabled but opening handle fails
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/selinux.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/firejail/selinux.c b/src/firejail/selinux.c index b29c484b4..dd776fcce 100644 --- a/src/firejail/selinux.c +++ b/src/firejail/selinux.c | |||
@@ -49,6 +49,9 @@ void selinux_relabel_path(const char *path, const char *inside_path) | |||
49 | if (!label_hnd) | 49 | if (!label_hnd) |
50 | label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); | 50 | label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); |
51 | 51 | ||
52 | if (!label_hnd) | ||
53 | errExit("selabel_open"); | ||
54 | |||
52 | /* Open the file as O_PATH, to pin it while we determine and adjust the label */ | 55 | /* Open the file as O_PATH, to pin it while we determine and adjust the label */ |
53 | fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); | 56 | fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); |
54 | if (fd < 0) | 57 | if (fd < 0) |