New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non-cached is_selinux_enabled() variant? #419
Comments
A call to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Consider that the caller does
chroot()
first, and then asks foris_selinux_enabled()
. The current implementation uses cached static variable values to report if SELinux is enabled, these values are initiated by the library constructor (before the caller has the chance to callchroot()
).selinux/libselinux/src/enabled.c
Lines 11 to 21 in 82195e7
selinux/libselinux/src/init.c
Lines 146 to 154 in 82195e7
The thing is that tools like
useradd --root /some/chroot
need some API to detect that SELinux is disabled in the chroot for further logic.The text was updated successfully, but these errors were encountered: