[systemd-devel] [PATCH] condition, man: Add support for ConditionSecurity=smack

Karol Lewandowski k.lewandowsk at samsung.com
Tue May 7 04:21:46 PDT 2013


Signed-off-by: Karol Lewandowski <k.lewandowsk at samsung.com>

diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
index 49103da..256c813 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -984,8 +984,9 @@
                                 may be used to check whether the given
                                 security module is enabled on the
                                 system.  Currently the only recognized
-                                values are <varname>selinux</varname>
-                                and <varname>apparmor</varname>.
+                                values are <varname>selinux</varname>,
+                                <varname>apparmor</varname> and
+                                <varname>smack</varname>.
                                 The test may be negated by prepending
                                 an exclamation
                                 mark.</para>
diff --git a/src/core/condition.c b/src/core/condition.c
index 4aa5530..16cae6d 100644
--- a/src/core/condition.c
+++ b/src/core/condition.c
@@ -164,6 +164,8 @@ static bool test_security(const char *parameter) {
 #endif
 	if (streq(parameter, "apparmor"))
 		return access("/sys/kernel/security/apparmor/", F_OK) == 0;
+	if (streq(parameter, "smack"))
+		return access("/sys/fs/smackfs", F_OK) == 0;
         return false;
 }
 
-- 
1.7.10.4



More information about the systemd-devel mailing list