author | Jason Zaman <perfinion@gentoo.org> | 2021-11-11 16:34:04 -0800 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2021-11-13 04:49:06 +0000 |
commit | 5a7cc0acb21bb44c8246d8fc11bdf3823f921b3b (patch) | |
tree | b5ef79ba61dd83b5dc170d1e6378719672d14474 | |
parent | gcc-config: add support for special 'latest' version for profile switch (diff) | |
gcc-config: Check writability in env.d instead of EROOT

SELinux blocks access to / so gcc-config fails even though the required
dirs are writable. Adding SELinux rules to allow writing to / is pretty
undesirable. The best is to check for writability in the actual dirs
that gcc-config needs to write.

It should be sufficient to check only one dir instead of every dir,
since the check for only EROOT has been sufficient in the past.

avc: denied { write } for pid=17173 comm="gcc-config" name="/" dev="zfs" ino=34 scontext=staff_u:sysadm_r:gcc_config_t:s0-s0:c0.c1023 tcontext=system_u:object_r:root_t:s0 tclass=dir

Bug: https://github.com/perfinion/hardened-refpolicy/pull/20
Bug: https://bugs.gentoo.org/823203
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
Signed-off-by: Sam James <sam@gentoo.org>
-rwxr-xr-x | gcc-config | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -668,7 +668,7 @@ switch_profile() { # Make sure we have write access to the dirs. Do not require `root` # so that we work with prefix/cross/etc... setups that run as user. - [[ ! -w ${EROOT} ]] && die "need write access to ${EROOT}" + [[ ! -w ${ENV_D} ]] && die "need write access to ${ENV_D}" if is_cross_compiler ; then ebegin "Switching cross-compiler to ${CC_COMP}" |
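Review bot: the comment above the changed test in switch_profile() still reads "Make sure we have write access to the dirs", but the test now covers only ${ENV_D}. Please update the comment to say that ${ENV_D} is checked as a representative of the directories written later, and that ${EROOT} itself is deliberately not tested because confined domains such as gcc_config_t are denied write on /. Otherwise a later reader may "fix" the apparent mismatch by restoring the EROOT check. A second point on the same line: `-w` is also false when the path does not exist, so if ${ENV_D} can be missing at this point (for example in a fresh prefix), the die message "need write access to ${ENV_D}" will report a permission problem for what is really a missing directory. Consider testing for existence separately, or wording the message to cover both cases.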