From 084e027d0ba78d0a62aa011ba9c49f92f4ff1fc2 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 23 Feb 2024 13:02:42 -0500 Subject: [PATCH] sepolicy: Fix publicity mismatch for ostree_sepolicy_host_enabled As this is only used by internal code, just drop the `_OSTREE_PUBLIC` marker for now. If we have a reason to export it we can do that later. Closes: https://github.com/ostreedev/ostree/issues/3182 --- src/libostree/ostree-repo-checkout.c | 4 ++-- src/libostree/ostree-sepolicy-private.h | 2 ++ src/libostree/ostree-sepolicy.c | 4 ++-- src/libostree/ostree-sepolicy.h | 3 --- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c index 530a40f8a1..f506545529 100644 --- a/src/libostree/ostree-repo-checkout.c +++ b/src/libostree/ostree-repo-checkout.c @@ -195,7 +195,7 @@ create_file_copy_from_input_at (OstreeRepo *repo, OstreeRepoCheckoutAtOptions *o g_autoptr (GVariant) modified_xattrs = NULL; /* If we're doing SELinux labeling, prepare it */ - if (sepolicy_enabled && ostree_sepolicy_host_enabled (options->sepolicy)) + if (sepolicy_enabled && _ostree_sepolicy_host_enabled (options->sepolicy)) { /* If doing sepolicy path-based labeling, we don't want to set the * security.selinux attr via the generic xattr paths in either the symlink @@ -1045,7 +1045,7 @@ checkout_tree_at_recurse (OstreeRepo *self, OstreeRepoCheckoutAtOptions *options }; /* If we're doing SELinux labeling, prepare it */ - if (sepolicy_enabled && ostree_sepolicy_host_enabled (options->sepolicy)) + if (sepolicy_enabled && _ostree_sepolicy_host_enabled (options->sepolicy)) { /* We'll set the xattr via setfscreatecon(), so don't do it via generic xattrs below. */ modified_xattrs = _ostree_filter_selinux_xattr (xattrs); diff --git a/src/libostree/ostree-sepolicy-private.h b/src/libostree/ostree-sepolicy-private.h index 350ef4074f..b526d867c6 100644 --- a/src/libostree/ostree-sepolicy-private.h +++ b/src/libostree/ostree-sepolicy-private.h @@ -36,4 +36,6 @@ gboolean _ostree_sepolicy_preparefscreatecon (OstreeSepolicyFsCreatecon *con, Os GVariant *_ostree_filter_selinux_xattr (GVariant *xattrs); +gboolean _ostree_sepolicy_host_enabled (OstreeSePolicy *self); + G_END_DECLS diff --git a/src/libostree/ostree-sepolicy.c b/src/libostree/ostree-sepolicy.c index 66cbb55a5f..54be6f59ad 100644 --- a/src/libostree/ostree-sepolicy.c +++ b/src/libostree/ostree-sepolicy.c @@ -755,13 +755,13 @@ _ostree_filter_selinux_xattr (GVariant *xattrs) } /** - * ostree_sepolicy_host_enabled: + * _ostree_sepolicy_host_enabled: * @self: Policy * * Return if the host has selinux enabled */ gboolean -ostree_sepolicy_host_enabled (OstreeSePolicy *self) +_ostree_sepolicy_host_enabled (OstreeSePolicy *self) { #ifdef HAVE_SELINUX return cached_is_selinux_enabled (); diff --git a/src/libostree/ostree-sepolicy.h b/src/libostree/ostree-sepolicy.h index a7e14c2b5b..2098456701 100644 --- a/src/libostree/ostree-sepolicy.h +++ b/src/libostree/ostree-sepolicy.h @@ -77,7 +77,4 @@ void ostree_sepolicy_fscreatecon_cleanup (void **unused); #define ostree_cleanup_sepolicy_fscreatecon \ __attribute__ ((cleanup (ostree_sepolicy_fscreatecon_cleanup))) -_OSTREE_PUBLIC -gboolean ostree_sepolicy_host_enabled (OstreeSePolicy *self); - G_END_DECLS