From c7ca67d03cb8b21ceb56e925deb34a6c3337c23b Mon Sep 17 00:00:00 2001
From: Christian Göttsche <cgzones@googlemail.com>
Date: Mon, 3 Aug 2020 20:05:00 +0200
Subject: pam_unix: skip context translation

These retrieved contexts are just passed to libselinux functions and not
printed or otherwise made available to the outside, so a context
translation to human readable MCS/MLS labels is not needed.
(see man:setrans.conf(5))
---
 modules/pam_unix/lckpwdf.-c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'modules/pam_unix/lckpwdf.-c')

diff --git a/modules/pam_unix/lckpwdf.-c b/modules/pam_unix/lckpwdf.-c
index 0bc9c5ad..c3e63155 100644
--- a/modules/pam_unix/lckpwdf.-c
+++ b/modules/pam_unix/lckpwdf.-c
@@ -73,17 +73,17 @@ static int lckpwdf(void)
 		lockfd = open(LOCKFILE, O_WRONLY);
 		if(lockfd == -1 && errno == ENOENT)
 		{
-			char *create_context;
+			char *create_context_raw;
 			int rc;
 
-			if(getfilecon("/etc/passwd", &create_context))
+			if(getfilecon_raw("/etc/passwd", &create_context_raw))
 				return -1;
-			rc = setfscreatecon(create_context);
-			freecon(create_context);
+			rc = setfscreatecon_raw(create_context_raw);
+			freecon(create_context_raw);
 			if(rc)
 				return -1;
 			lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
-			if(setfscreatecon(NULL))
+			if(setfscreatecon_raw(NULL))
 				return -1;
 		}
 	}
-- 
cgit v1.2.3