[systemd-devel] [PATCH] Do not cache use_smack() value unless /sys is mounted

Lennart Poettering lennart at poettering.net
Mon Mar 10 21:12:11 PDT 2014


On Fri, 28.02.14 17:09, Łukasz Stelmach (l.stelmach at samsung.com) wrote:

> use_smack() is called very early via mkdir_p_label(). This happens
> before /sys is mounted and hence before the authoritative information
> about smack is even available. To prevent caching of the invalid value
> check whether /sys/fs exists.

Hmm, it appears to me that we probably shouldn't invoke mkdir_p_label()
that early? Do you know which invocation this is?

It sounds really wrong trying to relabel a dir before the policy is
actually loaded...

> ---
>  src/shared/smack-util.c |    3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
> index df194e0..96f365c 100644
> --- a/src/shared/smack-util.c
> +++ b/src/shared/smack-util.c
> @@ -33,6 +33,9 @@ bool use_smack(void) {
>  #ifdef HAVE_SMACK
>          static int use_smack_cached = -1;
>  
> +        if (use_smack_cached < 0 && access("/sys/fs/", F_OK) < 0)
> +                return false;
> +
>          if (use_smack_cached < 0)
>                  use_smack_cached = access("/sys/fs/smackfs/", F_OK) >= 0;
>  


Lennart

-- 
Lennart Poettering, Red Hat


More information about the systemd-devel mailing list