From 49339525a98b5f472c902144706a663f8a9903d1 Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson" <robbat2@gentoo.org>
Date: Mon, 17 Jan 2011 07:37:38 +0000
Subject: Bug #351712: Implement --applet selection mode for SELinux wrappers.

In addition to detecting what multicall applet we want via argv[0],
provide an explicit override mode with a --applet initial argument.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
---
 src/rc/rc.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/rc/rc.c')

diff --git a/src/rc/rc.c b/src/rc/rc.c
index b062349..a2e095d 100644
--- a/src/rc/rc.c
+++ b/src/rc/rc.c
@@ -804,6 +804,7 @@ main(int argc, char **argv)
 	int opt;
 	bool parallel;
 	int regen = 0;
+	int i;
 #ifdef __linux__
 	char *proc;
 	char *p;
@@ -816,6 +817,18 @@ main(int argc, char **argv)
 	signal_setup(SIGSEGV, handle_bad_signal);
 #endif
 
+	/* Bug 351712: We need an extra way to explicitly select an applet OTHER
+	 * than trusting argv[0], as argv[0] is not going to be the applet value if
+	 * we are doing SELinux context switching. For this, we allow calls such as
+	 * 'rc --applet APPLET', and shift ALL of argv down by two array items. */
+	if(strcmp(basename_c(argv[0]), "rc") == 0 && strcmp(argv[1], "--applet") == 0) { 
+		for(i = 2; i < argc; i++) 
+			argv[i-2] = argv[i]; 
+		argv[argc-2] = NULL;
+		argv[argc-1] = NULL;
+		argc -= 2;
+	}
+	/* Now we can trust our applet value in argv[0] */
 	applet = basename_c(argv[0]);
 	LIST_INIT(&service_pids);
 	atexit(cleanup);
-- 
cgit v1.2.3