selinux: use string_to_security_class() instead of class ID

SELinux recommends to use string_to_security_class() instead of referencing class IDs directly. This also fixes a build issue for systems that don't include flask.h by default. References: https://selinuxproject.org/page/NB_Imp_SELinux-aware_Apps#Implementing_SELinux-aware_Applications_2 SELinuxProject/selinux@76913d8
cms-externals · Feb 8, 2017 · 007a405 · 007a405
1 parent d63ec5b
commit 007a405
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/plugins/selinux.c b/plugins/selinux.c
@@ -106,7 +106,7 @@ static rpmRC selinux_scriptlet_fork_post(rpmPlugin plugin,
 	goto exit;
     if (getfilecon(path, &fcon) < 0)
 	goto exit;
-    if (security_compute_create(mycon, fcon, SECCLASS_PROCESS, &newcon) < 0)
+    if (security_compute_create(mycon, fcon, string_to_security_class("process"), &newcon) < 0)
 	goto exit;
 
     if (rstreq(mycon, newcon)) {