[systemd-devel] [PATCH v2 2/2] Set loaded_policy in smack_setup()

Łukasz Stelmach l.stelmach at samsung.com
Wed Feb 19 06:14:50 PST 2014 

It was <2014-02-19 śro 14:31>, when Lennart Poettering wrote:
> On Wed, 19.02.14 14:07, Łukasz Stelmach (l.stelmach at samsung.com) wrote:
>
>> With loaded_policy set to true mount_setup() relabels /dev properly.
>> 
>> Signed-off-by: Łukasz Stelmach <l.stelmach at samsung.com>
>
> Patch looks good, but we don't do S-o-b in systemd.

WRT the previous patch how should I describe it as Caysey's work mangled
by me?

>> ---
>>  src/core/main.c        |    2 +-
>>  src/core/smack-setup.c |    6 +++++-
>>  src/core/smack-setup.h |    2 +-
>>  3 files changed, 7 insertions(+), 3 deletions(-)
>> 
>> diff --git a/src/core/main.c b/src/core/main.c
>> index 7566b0a..9c88845 100644
>> --- a/src/core/main.c
>> +++ b/src/core/main.c
>> @@ -1309,7 +1309,7 @@ int main(int argc, char *argv[]) {
>>                                  goto finish;
>>                          if (ima_setup() < 0)
>>                                  goto finish;
>> -                        if (smack_setup() < 0)
>> +                        if (smack_setup(&loaded_policy) < 0)
>>                                  goto finish;
>>                          dual_timestamp_get(&security_finish_timestamp);
>>                  }
>> diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
>> index 611bfdb..a68605c 100644
>> --- a/src/core/smack-setup.c
>> +++ b/src/core/smack-setup.c
>> @@ -116,12 +116,14 @@ static int write_rules(const char* dstpath, const char* srcdir) {
>>  
>>  #endif
>>  
>> -int smack_setup(void) {
>> +int smack_setup(bool *loaded_policy) {
>>  
>>  #ifdef HAVE_SMACK
>>  
>>          int r;
>>  
>> +        assert(loaded_policy);
>> +
>>          r = write_rules("/sys/fs/smackfs/load2", SMACK_CONFIG);
>>          switch(r) {
>>          case -ENOENT:
>> @@ -163,6 +165,8 @@ int smack_setup(void) {
>>                  return 0;
>>          }
>>  
>> +        *loaded_policy = true;
>> +
>>  #endif
>>  
>>          return 0;
>> diff --git a/src/core/smack-setup.h b/src/core/smack-setup.h
>> index ffe9184..8927096 100644
>> --- a/src/core/smack-setup.h
>> +++ b/src/core/smack-setup.h
>> @@ -23,4 +23,4 @@
>>    along with systemd; If not, see <http://www.gnu.org/licenses/>.
>>  ***/
>>  
>> -int smack_setup(void);
>> +int smack_setup(bool *loaded_policy);
>
>
> Lennart

-- 
Łukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140219/471fb35e/attachment-0001.pgp>

More information about the systemd-devel mailing list