diff mbox series

[5/5] libselinux/utils/selabel_digest: pass BASEONLY only for file backend

Message ID 20240313111025.43720-5-cgzones@googlemail.com (mailing list archive)
State Accepted
Commit fb497895e1df
Delegated to: Petr Lautrbach
Headers show
Series [1/5] libselinux/utils/selabel_digest: drop unsupported option -d | expand

Commit Message

Christian Göttsche March 13, 2024, 11:10 a.m. UTC 
Since commit 65c8fd45 ("libselinux: fail selabel_open(3) on invalid
option") selabel_open(3) rejects options not supported for the
respective backend.  Pass SELABEL_OPT_BASEONLY only if the file backend
is selected.

Reported-by: zgzxx (https://github.com/SELinuxProject/selinux/issues/427)
Fixes: 65c8fd45 ("libselinux: fail selabel_open(3) on invalid option")
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libselinux/utils/selabel_digest.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/libselinux/utils/selabel_digest.c b/libselinux/utils/selabel_digest.c
index 64051070..47aad21f 100644
--- a/libselinux/utils/selabel_digest.c
+++ b/libselinux/utils/selabel_digest.c
@@ -71,8 +71,8 @@  int main(int argc, char **argv)
 	struct selabel_handle *hnd;
 	struct selinux_opt selabel_option[] = {
 		{ SELABEL_OPT_PATH, file },
-		{ SELABEL_OPT_BASEONLY, baseonly },
-		{ SELABEL_OPT_DIGEST, digest }
+		{ SELABEL_OPT_DIGEST, digest },
+		{ SELABEL_OPT_BASEONLY, baseonly }
 	};
 
 	if (argc < 3)
@@ -119,10 +119,10 @@  int main(int argc, char **argv)
 	memset(cmd_buf, 0, sizeof(cmd_buf));
 
 	selabel_option[0].value = file;
-	selabel_option[1].value = baseonly;
-	selabel_option[2].value = digest;
+	selabel_option[1].value = digest;
+	selabel_option[2].value = baseonly;
 
-	hnd = selabel_open(backend, selabel_option, 3);
+	hnd = selabel_open(backend, selabel_option, backend == SELABEL_CTX_FILE ? 3 : 2);
 	if (!hnd) {
 		switch (errno) {
 		case EOVERFLOW: