[systemd-devel] [PATCH] Set loaded_policy in smack_setup()

Łukasz Stelmach l.stelmach at samsung.com
Thu Dec 19 07:58:34 PST 2013


With loaded_policy set to true mount_setup() relabels /dev properly.

Signed-off-by: Łukasz Stelmach <l.stelmach at samsung.com>
---
 src/core/main.c        |    2 +-
 src/core/smack-setup.c |    6 +++++-
 src/core/smack-setup.h |    2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/core/main.c b/src/core/main.c
index fe291f8..f91db52 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1286,7 +1286,7 @@ int main(int argc, char *argv[]) {
                                 goto finish;
                         if (ima_setup() < 0)
                                 goto finish;
-                        if (smack_setup() < 0)
+                        if (smack_setup(&loaded_policy) < 0)
                                 goto finish;
                 }
 
diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
index 1434dea..d8e96ed 100644
--- a/src/core/smack-setup.c
+++ b/src/core/smack-setup.c
@@ -115,12 +115,14 @@ static int write_rules(const char* dstpath, const char* srcdir) {
 
 #endif
 
-int smack_setup(void) {
+int smack_setup(bool *loaded_policy) {
 
 #ifdef HAVE_SMACK
 
         int r;
 
+	assert(loaded_policy);
+
         r = write_rules("/sys/fs/smackfs/load2", SMACK_CONFIG);
         switch(r) {
         case -ENOENT:
@@ -155,6 +157,8 @@ int smack_setup(void) {
                 return 0;
         }
 
+	*loaded_policy = true;
+
 #endif
 
         return 0;
diff --git a/src/core/smack-setup.h b/src/core/smack-setup.h
index ffe9184..8927096 100644
--- a/src/core/smack-setup.h
+++ b/src/core/smack-setup.h
@@ -23,4 +23,4 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
-int smack_setup(void);
+int smack_setup(bool *loaded_policy);
-- 
1.7.9.5



More information about the systemd-devel mailing list