2004-11-02 Colin Walters <walters@verbum.org>

	* bus/selinux.c (bus_selinux_init): Split into two functions,
	bus_selinux_pre_init and bus_selinux_post_init.
	(bus_selinux_pre_init): Just determine whether SELinux is
	enabled.
	(bus_selinux_post_init): Do everything else.

	* bus/main.c (main): Call bus_selinux_pre_init before parsing
	config file, and bus_selinux_post_init after.  This ensures that
	we don't lose the policyreload notification thread that
	bus_selinux_init created before forking previously.

	* bus/test-main.c (test_pre_hook): Update for split.

5 files changed, 48 insertions, 7 deletions

diff --git a/ChangeLog b/ChangeLog
index 13bbbcf0..1466ac82 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2004-11-02  Colin Walters  <walters@verbum.org>
+
+	* bus/selinux.c (bus_selinux_init): Split into two functions,
+	bus_selinux_pre_init and bus_selinux_post_init.
+	(bus_selinux_pre_init): Just determine whether SELinux is
+	enabled.
+	(bus_selinux_post_init): Do everything else.
+
+	* bus/main.c (main): Call bus_selinux_pre_init before parsing
+	config file, and bus_selinux_post_init after.  This ensures that
+	we don't lose the policyreload notification thread that
+	bus_selinux_init created before forking previously.
+	
+	* bus/test-main.c (test_pre_hook): Update for split.
+
 2004-10-31  Owen Fraser-Green  <owen@discobabe.net>
 
 	Patch from Johan Fischer <linux@fischaz.com>
diff --git a/bus/main.c b/bus/main.c
index 95727694..296aa63c 100644
--- a/bus/main.c
+++ b/bus/main.c
@@ -377,9 +377,9 @@ main (int argc, char **argv)
     }
   _dbus_string_free (&pid_fd);
 
-  if (!bus_selinux_init ())
+  if (!bus_selinux_pre_init ())
     {
-      _dbus_warn ("SELinux initialization failed\n");
+      _dbus_warn ("SELinux pre-initialization failed\n");
       exit (1);
     }
 
@@ -396,6 +396,12 @@ main (int argc, char **argv)
       exit (1);
     }
 
+  if (!bus_selinux_full_init ())
+    {
+      _dbus_warn ("SELinux initialization failed\n");
+      exit (1);
+    }
+
   setup_reload_pipe (bus_context_get_loop (context));
  
   _dbus_set_signal_handler (SIGHUP, signal_handler);
diff --git a/bus/selinux.c b/bus/selinux.c
index de68da33..96acddfe 100644
--- a/bus/selinux.c
+++ b/bus/selinux.c
@@ -205,11 +205,10 @@ bus_selinux_enabled (void)
 }
 
 /**
- * Initialize the user space access vector cache (AVC) for D-BUS and set up
- * logging callbacks.
+ * Do early initialization; determine whether SELinux is enabled.
  */
 dbus_bool_t
-bus_selinux_init (void)
+bus_selinux_pre_init (void)
 {
 #ifdef HAVE_SELINUX
   int r;
@@ -227,7 +226,25 @@ bus_selinux_init (void)
     }
 
   selinux_enabled = r != 0;
+  return TRUE;
+#else
+  return TRUE;
+#endif
+}
+
+/**
+ * Initialize the user space access vector cache (AVC) for D-BUS and set up
+ * logging callbacks.
+ */
+dbus_bool_t
+bus_selinux_full_init (void)
+{
+#ifdef HAVE_SELINUX
+  int r;
+  char *bus_context;
 
+  _dbus_assert (bus_sid == SECSID_WILD);
+  
   if (!selinux_enabled)
     {
       _dbus_verbose ("SELinux not enabled in this kernel.\n");
diff --git a/bus/selinux.h b/bus/selinux.h
index 886f9c71..13122520 100644
--- a/bus/selinux.h
+++ b/bus/selinux.h
@@ -27,7 +27,8 @@
 #include <dbus/dbus-connection.h>
 #include "services.h"
 
-dbus_bool_t bus_selinux_init     (void);
+dbus_bool_t bus_selinux_pre_init (void);
+dbus_bool_t bus_selinux_full_init(void);
 void        bus_selinux_shutdown (void);
 
 dbus_bool_t bus_selinux_enabled  (void);
diff --git a/bus/test-main.c b/bus/test-main.c
index 4043f6ed..14e35f5f 100644
--- a/bus/test-main.c
+++ b/bus/test-main.c
@@ -56,7 +56,9 @@ static void
 test_pre_hook (void)
 {
   
-  if (_dbus_getenv ("DBUS_TEST_SELINUX") && !bus_selinux_init ())
+  if (_dbus_getenv ("DBUS_TEST_SELINUX")
+      && !bus_selinux_pre_init ()
+      && !bus_selinux_full_init ())
     die ("could not init selinux support");
 }