1 diff -ur sysvinit-2.86.org/src/init.c sysvinit-2.86/src/init.c
2 --- sysvinit-2.86.org/src/init.c 2004-07-30 14:16:20.000000000 +0200
3 +++ sysvinit-2.86/src/init.c 2005-12-24 23:22:51.000000000 +0100
6 #include <sys/syslog.h>
8 +#include <selinux/selinux.h>
20 if ((p = strrchr(argv[0], '/')) != NULL)
21 @@ -2662,6 +2665,20 @@
22 maxproclen += strlen(argv[f]) + 1;
25 + if (getenv("SELINUX_INIT") == NULL) {
26 + putenv("SELINUX_INIT=YES");
27 + if (selinux_init_load_policy(&enforce) == 0 ) {
28 + execv(myname, argv);
31 + /* SELinux in enforcing mode but load_policy failed */
32 + /* At this point, we probably can't open /dev/console, so log() won't work */
33 + initlog(L_VB,"Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.");
42 diff -ur sysvinit-2.86.org/src/Makefile sysvinit-2.86/src/Makefile
43 --- sysvinit-2.86.org/src/Makefile 2005-12-24 23:21:59.000000000 +0100
44 +++ sysvinit-2.86/src/Makefile 2005-12-24 23:23:14.000000000 +0100
46 all: $(BIN) $(SBIN) $(USRBIN)
48 init: init.o init_utmp.o
49 - $(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o
50 + $(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o -lsepol -lselinux
52 halt: halt.o ifdown.o hddown.o utmp.o reboot.h
53 $(CC) $(LDFLAGS) -o $@ halt.o ifdown.o hddown.o utmp.o
55 $(CC) $(LDFLAGS) -o $@ runlevel.o
57 sulogin: sulogin.o md5_broken.o md5_crypt_broken.o arc4random.o bcrypt.o blowfish.o
58 - $(CC) $(LDFLAGS) $(STATIC) -o $@ $^ $(LCRYPT)
59 + $(CC) $(LDFLAGS) $(STATIC) -o $@ $^ $(LCRYPT) -lselinux
62 $(CC) $(LDFLAGS) -o $@ dowall.o wall.o
63 diff -ur sysvinit-2.86.org/src/sulogin.c sysvinit-2.86/src/sulogin.c
64 --- sysvinit-2.86.org/src/sulogin.c 2005-12-24 23:21:59.000000000 +0100
65 +++ sysvinit-2.86/src/sulogin.c 2005-12-24 23:23:33.000000000 +0100
70 +#include <selinux/selinux.h>
71 +#include <selinux/get_context_list.h>
75 #define CHECK_BLOWFISH 1
77 signal(SIGINT, SIG_DFL);
78 signal(SIGTSTP, SIG_DFL);
79 signal(SIGQUIT, SIG_DFL);
80 + if (is_selinux_enabled > 0) {
81 + security_context_t scon=NULL;
84 + if (getseuserbyname("root", &seuser, &level) == 0)
85 + if (get_default_context_with_level(seuser, level, 0, &scon) > 0) {
86 + if (setexeccon(scon) != 0)
87 + fprintf(stderr, "setexeccon faile\n");
93 execl(sushell, shell, NULL);