From 708312da5a1b76a370e84f5152f78f0d816f805a Mon Sep 17 00:00:00 2001
From: Laurent Bigonville
Date: Tue, 6 Jun 2017 16:06:11 +0200
Subject: [PATCH] Return the dbus-daemon SELinux context when asiking about org.freedesktop.DBus

Currently when asked the SELinux context of the owner of org.freedesktop.DBus, the dbus-daemon is returning an error. In the same situation when asked about the Unix user or the PID, the daemon would return its own user or pid. This patch is doing the same for the SELinux context by returning the daemon one. https://bugs.freedesktop.org/show_bug.cgi?id=101315
---
 bus/driver.c | 5 +++--
 bus/selinux.c | 15 +++++++++++++++
 bus/selinux.h | 2 ++
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/bus/driver.c b/bus/driver.c
index 4e9b67cb..f4f77f2d 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -1854,8 +1854,9 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne
 if (reply == NULL)
 goto oom;
 
- /* FIXME: Obtain the SELinux security context for the bus daemon itself */
- if (found == BUS_DRIVER_FOUND_PEER)
+ if (found == BUS_DRIVER_FOUND_SELF)
+ context = bus_selinux_get_self ();
+ else if (found == BUS_DRIVER_FOUND_PEER)
 context = bus_connection_get_selinux_id (conn);
 else
 context = NULL;
diff --git a/bus/selinux.c b/bus/selinux.c
index cc111467..dacef2f4 100644
--- a/bus/selinux.c
+++ b/bus/selinux.c
@@ -272,6 +272,21 @@ bus_selinux_enabled (void)
 #endif /* HAVE_SELINUX */
 }
 
+BusSELinuxID*
+bus_selinux_get_self (void)
+{
+#ifdef HAVE_SELINUX
+ if(bus_selinux_enabled ())
+ {
+ return BUS_SID_FROM_SELINUX (bus_sid);
+ }
+ else
+ return NULL;
+#else
+ return NULL;
+#endif /* HAVE_SELINUX */
+}
+
 /**
 * Do early initialization; determine whether SELinux is enabled.
 */
diff --git a/bus/selinux.h b/bus/selinux.h
index 8c7cb0a3..a0383cdd 100644
--- a/bus/selinux.h
+++ b/bus/selinux.h
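Review bot: The new `BUS_DRIVER_FOUND_SELF` branch in bus/driver.c removes the FIXME without leaving a comment on why the daemon's own label is reported, and `bus_selinux_get_self ()` returns NULL whenever SELinux is disabled or compiled out, so the reply for org.freedesktop.DBus in that case is decided by the `context` handling that follows outside this hunk. Callers may feed this reply into access decisions, so the branch deserves a one-line comment such as `/* The bus itself: report the daemon's own SELinux context, as the Unix user and PID queries do */`. A regression test that asks for the context of org.freedesktop.DBus on both a SELinux-enabled and a SELinux-disabled daemon would pin the intended behaviour. The function body starts and ends outside the hunk.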
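Review bot: `bus_selinux_get_self` in bus/selinux.c is added without the `/** ... */` doc comment that the following function carries, and it returns `bus_sid` (apparently file-scope state) without stating its lifetime or whether it can still be unset when `bus_selinux_enabled ()` is already true. I would add a doc comment saying that it returns the daemon's own SID, or NULL when SELinux is disabled or not compiled in, and whether the caller may keep the pointer or must take its own reference; where `bus_sid` is initialised is not visible in this hunk, so that should be confirmed. The body can also be flattened to a guard, `if (!bus_selinux_enabled ())` / `return NULL;` followed by `return BUS_SID_FROM_SELINUX (bus_sid);`, which removes the mixed braced and unbraced `if`/`else` and the `if(` written without a space.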
@@ -33,6 +33,8 @@ void bus_selinux_shutdown (void); dbus_bool_t bus_selinux_enabled (void); +BusSELinuxID *bus_selinux_get_self (void); + DBusHashTable* bus_selinux_id_table_new (void); BusSELinuxID* bus_selinux_id_table_lookup (DBusHashTable *service_table, const DBusString *service_name); -- 2.11.0