diff options
| author | Dominick Grift <dominick.grift@defensec.nl> | 2022-05-01 19:54:04 +0200 |
|---|---|---|
| committer | Daniel Golle <daniel@makrotopia.org> | 2022-05-02 18:56:02 +0100 |
| commit | 5109bd164c8f2273329483f990188fb36cf3ad68 (patch) | |
| tree | 0af07ae4c90c3174b445557a4cb8e4e4826edca6 /package/base-files/files/lib/functions.sh | |
| parent | 7d02fc0951ffcff3ba885374b108d20de92eddbe (diff) | |
| download | openwrt-5109bd164c8f2273329483f990188fb36cf3ad68.tar.gz openwrt-5109bd164c8f2273329483f990188fb36cf3ad68.tar.bz2 openwrt-5109bd164c8f2273329483f990188fb36cf3ad68.zip | |
base-files: address sed in-place without SELinux awareness
sed(1) in busybox does not support this functionality:
https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598
This causes /etc/group to become mislabeled when a package requests
that a uid/gid be added on OpenWrt with SELinux
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[move restorecon inside lock]
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
Diffstat (limited to 'package/base-files/files/lib/functions.sh')
| -rw-r--r-- | package/base-files/files/lib/functions.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/package/base-files/files/lib/functions.sh b/package/base-files/files/lib/functions.sh index ee0c33845c..9db0871d6c 100644 --- a/package/base-files/files/lib/functions.sh +++ b/package/base-files/files/lib/functions.sh @@ -386,6 +386,7 @@ group_add_user() { echo "$grp" | grep -q ":$" && delim="" [ -n "$IPKG_INSTROOT" ] || lock /var/lock/passwd sed -i "s/$grp/$grp$delim$2/g" ${IPKG_INSTROOT}/etc/group + selinuxenabled 2>/dev/null && restorecon /etc/group [ -n "$IPKG_INSTROOT" ] || lock -u /var/lock/passwd } |