struct policy_file {
/*
* A valid file is a keyfile with one ore more groups. All
- * groups are keept in this list.
+ * groups are kept in this list.
*/
GSList *groups;
};
/*
* SELinux combines Role-Based Access Control (RBAC), Type
- * Enforcment (TE) and optionally Multi-Level Security (MLS).
+ * Enforcement (TE) and optionally Multi-Level Security (MLS).
*
* When SELinux is enabled all processes and files are labeled
* with a contex that contains information such as user, role
*
* For identifyng application we (ab)using the type
* information. In the above example the haifux_exec_t type
- * will be transfered to haifux_t as defined in the domain
+ * will be transferred to haifux_t as defined in the domain
* transition and thus we are able to identify the application
* as haifux_t.
*/
DBG("session %p uid %d", policy->session, uid);
- if (err < 0) {
- cleanup_config(policy);
+ if (err < 0)
goto err;
- }
pwd = getpwuid((uid_t)uid);
if (!pwd) {
return;
err:
- failed_create(NULL, cb, cbd->user_data, err);
+ failed_create(policy, cb, cbd->user_data, err);
g_free(cbd);
g_free(groups);
}
str = g_key_file_get_string(keyfile, groupname, "AllowedBearers",
NULL);
if (str) {
+ g_slist_free(config->allowed_bearers);
+ config->allowed_bearers = NULL;
tokens = g_strsplit(str, " ", 0);
for (i = 0; tokens[i]; i++) {
for (i = 0; groupnames[i]; i++) {
group = g_new0(struct policy_group, 1);
- group->config = g_new0(struct connman_session_config, 1);
+ group->config = connman_session_create_default_config();
err = load_policy(keyfile, groupnames[i], group);
if (err < 0) {