commit 403f2cfeb808d3b3420050434763d9a7689d8388
author Dan Walsh <dwalsh@redhat.com> Wed Oct 09 15:29:50 2013 -0400
committer Stephen Smalley <sds@tycho.nsa.gov> Thu Oct 24 13:58:38 2013 -0400
tree acb2d2630f6745e864d109621cbdbdf5c37e1499
parent f1598dff7e951f0dbfb68d9c45bc15fe6d2e821e

Change get_context_list to return an error rather then guess at a match.

In the past pam_selinux would return a bogus login context if the login program
was running with the wrong context.  If you ran sshd as unconfined_t
you might get the login user loggin in as pam_oddjob_mkhomedir_t or some other bogus
type.  This change fixes the code to return an error if it can not return a good
match.