"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go" between
buildah-1.11.2.tar.gz and buildah-1.11.3.tar.gz

About: Buildah is a tool that facilitates building Open Container Initiative (OCI) container images.

label_selinux.go  (buildah-1.11.2):label_selinux.go  (buildah-1.11.3)
skipping to change at line 16 skipping to change at line 16
"fmt" "fmt"
"os" "os"
"os/user" "os/user"
"strings" "strings"
"github.com/opencontainers/selinux/go-selinux" "github.com/opencontainers/selinux/go-selinux"
) )
// Valid Label Options // Valid Label Options
var validOptions = map[string]bool{ var validOptions = map[string]bool{
"disable": true, "disable": true,
"type": true, "type": true,
"user": true, "filetype": true,
"role": true, "user": true,
"level": true, "role": true,
"level": true,
} }
var ErrIncompatibleLabel = fmt.Errorf("Bad SELinux option z and Z can not be use d together") var ErrIncompatibleLabel = fmt.Errorf("Bad SELinux option z and Z can not be use d together")
// InitLabels returns the process label and file labels to be used within // InitLabels returns the process label and file labels to be used within
// the container. A list of options can be passed into this function to alter // the container. A list of options can be passed into this function to alter
// the labels. The labels returned will include a random MCS String, that is // the labels. The labels returned will include a random MCS String, that is
// guaranteed to be unique. // guaranteed to be unique.
func InitLabels(options []string) (plabel string, mlabel string, Err error) { func InitLabels(options []string) (plabel string, mlabel string, Err error) {
if !selinux.GetEnabled() { if !selinux.GetEnabled() {
skipping to change at line 54 skipping to change at line 55
mcon, err := selinux.NewContext(mountLabel) mcon, err := selinux.NewContext(mountLabel)
if err != nil { if err != nil {
return "", "", err return "", "", err
} }
for _, opt := range options { for _, opt := range options {
if opt == "disable" { if opt == "disable" {
return "", mountLabel, nil return "", mountLabel, nil
} }
if i := strings.Index(opt, ":"); i == -1 { if i := strings.Index(opt, ":"); i == -1 {
return "", "", fmt.Errorf("Bad label option %q, v alid options 'disable' or \n'user, role, level, type' followed by ':' and a valu e", opt) return "", "", fmt.Errorf("Bad label option %q, v alid options 'disable' or \n'user, role, level, type, filetype' followed by ':' and a value", opt)
} }
con := strings.SplitN(opt, ":", 2) con := strings.SplitN(opt, ":", 2)
if !validOptions[con[0]] { if !validOptions[con[0]] {
return "", "", fmt.Errorf("Bad label option %q, v alid options 'disable, user, role, level, type'", con[0]) return "", "", fmt.Errorf("Bad label option %q, v alid options 'disable, user, role, level, type, filetype'", con[0])
} }
if con[0] == "filetype" {
mcon["type"] = con[1]
}
pcon[con[0]] = con[1] pcon[con[0]] = con[1]
if con[0] == "level" || con[0] == "user" { if con[0] == "level" || con[0] == "user" {
mcon[con[0]] = con[1] mcon[con[0]] = con[1]
} }
} }
_ = ReleaseLabel(processLabel) _ = ReleaseLabel(processLabel)
processLabel = pcon.Get() processLabel = pcon.Get()
mountLabel = mcon.Get() mountLabel = mcon.Get()
_ = ReserveLabel(processLabel) _ = ReserveLabel(processLabel)
} }
 End of changes. 4 change blocks. 
7 lines changed or deleted 11 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)