[systemd-devel] Patch for Smack labelling support in udev
Reshetova, Elena
elena.reshetova at intel.com
Wed Jul 24 03:15:20 PDT 2013
-----Original Message-----
From: Kay Sievers [mailto:kay at vrfy.org]
Sent: Tuesday, July 16, 2013 10:12 PM
To: Reshetova, Elena
Cc: Lennart Poettering; systemd-devel at lists.freedesktop.org; Ware, Ryan R;
Schaufler, Casey; walyong.cho at samsung.com
Subject: Re: [systemd-devel] Patch for Smack labelling support in udev
On Tue, Jul 9, 2013 at 4:34 PM, Reshetova, Elena <elena.reshetova at intel.com>
wrote:
>> -static int node_permissions_apply(struct udev_device *dev, bool
>> apply, mode_t mode, uid_t uid, gid_t gid)
>> +static int node_permissions_apply(struct udev_device *dev, bool
>> +apply,
>> mode_t mode,
>> + uid_t uid, gid_t gid, struct
>> +udev_list xattr_list)
>
>>Guess we better pass the udev_list as a const pointer here.
>
> Ups, sorry, missed this one, of course it won't even work this way (I
> haven't tried to run it yet ...
>It looks like it could work, but please test it and make sure it does the
>right thing before we go ahead from here.
OK, so now I have tested it and with one minor fix (passing a list entry and
not the whole list in udev-node) it works just fine.
I am able to setup one or more xattrs on device node using the syntax
XATTR{attr_name}="value"
For example, I can set a couple of smack-related xattrs in one go like
XATTR{security.SMACK64}="*", XATTR{security.SMACK64EXEC}="*".
Doesn't make sense from smack point of view (only smack64 is really meaningful
on device nodes), but proves that functionality works.
I am attaching the patch.
Best Regards,
Elena.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Adding-extended-attribute-support-for-udev-nodes-lab.patch
Type: application/octet-stream
Size: 10185 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20130724/eac75a30/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7220 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20130724/eac75a30/attachment-0001.bin>
More information about the systemd-devel
mailing list