Skip to content

Commit

Permalink
Start tincd inside sub-shell to switch selinux context to "u:r:init_s…
Browse files Browse the repository at this point in the history 
…hell:s0". Fixes #26.
  • Loading branch information
@Vilbrekin
Vilbrekin committed Dec 15, 2014
1 parent 526a20f commit bb562d8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/org/poirsouille/tinc_gui/TincdService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -207,7 +207,7 @@ public void run()
// Register a broadcast receiver to get notified on network state change
_broadcastReceiver.register();
// Use exec to replace shell with executable. umask is used to ensure pidfile will be world readable.
TincdService.this.run("umask 022; exec " + getFileStreamPath(TINCBIN) + " -D -d" + _debugLvl + " -c " + _configPath + " --pidfile=" + getFileStreamPath(PIDFILE), TincdService.this);
TincdService.this.run("sh -c'umask 022; id; exec " + getFileStreamPath(TINCBIN) + " -D -d" + _debugLvl + " -c " + _configPath + " --pidfile=" + getFileStreamPath(PIDFILE) + "'", TincdService.this);

This comment has been minimized.

Sign in to view

Copy link
@luckyhacky

luckyhacky Dec 26, 2014

Contributor

TincdService.this.run("sh -c'umask 022; id; exec " + getFileStreamPath(TINCBIN) + " -D -d" + _debugLvl + " -c " + _configPath + " --pidfile=" + getFileStreamPath(PIDFILE) + "'", TincdService.this);

Should be:
TincdService.this.run("sh -c 'umask 022; id; exec " + getFileStreamPath(TINCBIN) + " -D -d" + _debugLvl + " -c " + _configPath + " --pidfile=" + getFileStreamPath(PIDFILE) + "'", TincdService.this);

after -c a space is required.
// Process returns only when ended
_started = false;
_broadcastReceiver.unregister();
Expand Down

0 comments on commit bb562d8

Please sign in to comment.