[systemd-devel] [PATCH] Do not cache use_smack() value unless /sys is mounted
Lennart Poettering
lennart at poettering.net
Mon Mar 10 21:12:11 PDT 2014
On Fri, 28.02.14 17:09, Łukasz Stelmach (l.stelmach at samsung.com) wrote:
> use_smack() is called very early via mkdir_p_label(). This happens
> before /sys is mounted and hence before the authoritative information
> about smack is even available. To prevent caching of the invalid value
> check whether /sys/fs exists.
Hmm, it appears to me that we probably shouldn't invoke mkdir_p_label()
that early? Do you know which invocation this is?
It sounds really wrong trying to relabel a dir before the policy is
actually loaded...
> ---
> src/shared/smack-util.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
> index df194e0..96f365c 100644
> --- a/src/shared/smack-util.c
> +++ b/src/shared/smack-util.c
> @@ -33,6 +33,9 @@ bool use_smack(void) {
> #ifdef HAVE_SMACK
> static int use_smack_cached = -1;
>
> + if (use_smack_cached < 0 && access("/sys/fs/", F_OK) < 0)
> + return false;
> +
> if (use_smack_cached < 0)
> use_smack_cached = access("/sys/fs/smackfs/", F_OK) >= 0;
>
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list