Call selinux_restore_tty() as part of cleanup() so it gets called

from error()/errorx()
2010-06-14 15:09:15 -04:00
parent e1e0ac22b2
commit d27223b4c7
2 changed files with 10 additions and 3 deletions
--- a/src/exec_pty.c
+++ b/src/exec_pty.c
@@ -121,6 +121,9 @@ cleanup(int gotsignal)
 {
    if (!tq_empty(&io_plugins))
 	term_restore(io_fds[SFD_USERTTY], 0);
+#ifdef HAVE_SELINUX
+    selinux_restore_tty();
+#endif
 }

 /*
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -66,7 +66,6 @@ static struct selinux_state {
 *
 * Returns zero on success, non-zero otherwise
 */
-/* XXX - should also be called as part of cleanup() */
 int
 selinux_restore_tty(void)
 {
@@ -91,9 +90,14 @@ selinux_restore_tty(void)
 	warning("unable to restore context for %s", se_state.ttyn);

 skip_relabel:
-    if (se_state.ttyfd != -1)
+    if (se_state.ttyfd != -1) {
 	close(se_state.ttyfd);
+	se_state.ttyfd = -1;
+    }
+    if (chk_tty_context != NULL) {
 	freecon(chk_tty_context);
+	chk_tty_context = NULL;
+    }
    return retval;
 }