[systemd-devel] [PATCH] mac: add mac_ prefix to distinguish origin security apis
Lennart Poettering
lennart at poettering.net
Tue Oct 28 06:33:58 PDT 2014
On Fri, 24.10.14 21:15, WaLyong Cho (walyong.cho at samsung.com) wrote:
Thanks! Applied!
> ---
> src/core/dbus-job.c | 2 +-
> src/core/dbus-manager.c | 68 +++++++++++++++++++++++------------------------
> src/core/dbus-snapshot.c | 2 +-
> src/core/dbus-unit.c | 8 +++---
> src/core/dbus.c | 8 +++---
> src/core/main.c | 4 +--
> src/core/selinux-access.c | 46 +++++++++++---------------------
> src/core/selinux-access.h | 18 ++++++-------
> src/core/selinux-setup.c | 2 +-
> src/core/selinux-setup.h | 2 +-
> src/core/smack-setup.c | 2 +-
> src/core/smack-setup.h | 2 +-
> 12 files changed, 74 insertions(+), 90 deletions(-)
>
> diff --git a/src/core/dbus-job.c b/src/core/dbus-job.c
> index 3f7a28a..09f5739 100644
> --- a/src/core/dbus-job.c
> +++ b/src/core/dbus-job.c
> @@ -80,7 +80,7 @@ int bus_job_method_cancel(sd_bus *bus, sd_bus_message *message, void *userdata,
> if (r < 0)
> return r;
>
> - r = selinux_unit_access_check(j->unit, message, "stop", error);
> + r = mac_selinux_unit_access_check(j->unit, message, "stop", error);
> if (r < 0)
> return r;
>
> diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
> index 57db1c9..c54abd3 100644
> --- a/src/core/dbus-manager.c
> +++ b/src/core/dbus-manager.c
> @@ -363,7 +363,7 @@ static int method_get_unit(sd_bus *bus, sd_bus_message *message, void *userdata,
> if (!u)
> return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name);
>
> - r = selinux_unit_access_check(u, message, "status", error);
> + r = mac_selinux_unit_access_check(u, message, "status", error);
> if (r < 0)
> return r;
>
> @@ -409,7 +409,7 @@ static int method_get_unit_by_pid(sd_bus *bus, sd_bus_message *message, void *us
> if (!u)
> return sd_bus_error_setf(error, BUS_ERROR_NO_UNIT_FOR_PID, "PID %u does not belong to any loaded unit.", pid);
>
> - r = selinux_unit_access_check(u, message, "status", error);
> + r = mac_selinux_unit_access_check(u, message, "status", error);
> if (r < 0)
> return r;
>
> @@ -441,7 +441,7 @@ static int method_load_unit(sd_bus *bus, sd_bus_message *message, void *userdata
> if (r < 0)
> return r;
>
> - r = selinux_unit_access_check(u, message, "status", error);
> + r = mac_selinux_unit_access_check(u, message, "status", error);
> if (r < 0)
> return r;
>
> @@ -648,7 +648,7 @@ static int method_start_transient_unit(sd_bus *bus, sd_bus_message *message, voi
> if (mode < 0)
> return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s is invalid.", smode);
>
> - r = selinux_access_check(message, "start", error);
> + r = mac_selinux_access_check(message, "start", error);
> if (r < 0)
> return r;
>
> @@ -702,7 +702,7 @@ static int method_get_job(sd_bus *bus, sd_bus_message *message, void *userdata,
> if (!j)
> return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
>
> - r = selinux_unit_access_check(j->unit, message, "status", error);
> + r = mac_selinux_unit_access_check(j->unit, message, "status", error);
> if (r < 0)
> return r;
>
> @@ -742,7 +742,7 @@ static int method_clear_jobs(sd_bus *bus, sd_bus_message *message, void *userdat
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reboot", error);
> + r = mac_selinux_access_check(message, "reboot", error);
> if (r < 0)
> return r;
>
> @@ -759,7 +759,7 @@ static int method_reset_failed(sd_bus *bus, sd_bus_message *message, void *userd
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -782,7 +782,7 @@ static int list_units_filtered(sd_bus *bus, sd_bus_message *message, void *userd
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -870,7 +870,7 @@ static int method_list_jobs(sd_bus *bus, sd_bus_message *message, void *userdata
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -922,7 +922,7 @@ static int method_subscribe(sd_bus *bus, sd_bus_message *message, void *userdata
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -957,7 +957,7 @@ static int method_unsubscribe(sd_bus *bus, sd_bus_message *message, void *userda
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -985,7 +985,7 @@ static int method_dump(sd_bus *bus, sd_bus_message *message, void *userdata, sd_
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -1016,7 +1016,7 @@ static int method_create_snapshot(sd_bus *bus, sd_bus_message *message, void *us
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "start", error);
> + r = mac_selinux_access_check(message, "start", error);
> if (r < 0)
> return r;
>
> @@ -1048,7 +1048,7 @@ static int method_remove_snapshot(sd_bus *bus, sd_bus_message *message, void *us
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "stop", error);
> + r = mac_selinux_access_check(message, "stop", error);
> if (r < 0)
> return r;
>
> @@ -1080,7 +1080,7 @@ static int method_reload(sd_bus *bus, sd_bus_message *message, void *userdata, s
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -1114,7 +1114,7 @@ static int method_reexecute(sd_bus *bus, sd_bus_message *message, void *userdata
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -1133,7 +1133,7 @@ static int method_exit(sd_bus *bus, sd_bus_message *message, void *userdata, sd_
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "halt", error);
> + r = mac_selinux_access_check(message, "halt", error);
> if (r < 0)
> return r;
>
> @@ -1153,7 +1153,7 @@ static int method_reboot(sd_bus *bus, sd_bus_message *message, void *userdata, s
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reboot", error);
> + r = mac_selinux_access_check(message, "reboot", error);
> if (r < 0)
> return r;
>
> @@ -1174,7 +1174,7 @@ static int method_poweroff(sd_bus *bus, sd_bus_message *message, void *userdata,
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "halt", error);
> + r = mac_selinux_access_check(message, "halt", error);
> if (r < 0)
> return r;
>
> @@ -1194,7 +1194,7 @@ static int method_halt(sd_bus *bus, sd_bus_message *message, void *userdata, sd_
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "halt", error);
> + r = mac_selinux_access_check(message, "halt", error);
> if (r < 0)
> return r;
>
> @@ -1214,7 +1214,7 @@ static int method_kexec(sd_bus *bus, sd_bus_message *message, void *userdata, sd
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reboot", error);
> + r = mac_selinux_access_check(message, "reboot", error);
> if (r < 0)
> return r;
>
> @@ -1236,7 +1236,7 @@ static int method_switch_root(sd_bus *bus, sd_bus_message *message, void *userda
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reboot", error);
> + r = mac_selinux_access_check(message, "reboot", error);
> if (r < 0)
> return r;
>
> @@ -1300,7 +1300,7 @@ static int method_set_environment(sd_bus *bus, sd_bus_message *message, void *us
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -1326,7 +1326,7 @@ static int method_unset_environment(sd_bus *bus, sd_bus_message *message, void *
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -1353,7 +1353,7 @@ static int method_unset_and_set_environment(sd_bus *bus, sd_bus_message *message
> assert(message);
> assert(m);
>
> - r = selinux_access_check(message, "reload", error);
> + r = mac_selinux_access_check(message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -1391,7 +1391,7 @@ static int method_list_unit_files(sd_bus *bus, sd_bus_message *message, void *us
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -1444,7 +1444,7 @@ static int method_get_unit_file_state(sd_bus *bus, sd_bus_message *message, void
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -1473,7 +1473,7 @@ static int method_get_default_target(sd_bus *bus, sd_bus_message *message, void
>
> /* Anyone can call this method */
>
> - r = selinux_access_check(message, "status", error);
> + r = mac_selinux_access_check(message, "status", error);
> if (r < 0)
> return r;
>
> @@ -1585,7 +1585,7 @@ static int method_enable_unit_files_generic(
> if (r < 0)
> return r;
>
> - r = selinux_unit_access_check_strv(l, message, m, verb, error);
> + r = mac_selinux_unit_access_check_strv(l, message, m, verb, error);
> if (r < 0)
> return r;
>
> @@ -1659,7 +1659,7 @@ static int method_preset_unit_files_with_mode(sd_bus *bus, sd_bus_message *messa
> return -EINVAL;
> }
>
> - r = selinux_unit_access_check_strv(l, message, m, "enable", error);
> + r = mac_selinux_unit_access_check_strv(l, message, m, "enable", error);
> if (r < 0)
> return r;
>
> @@ -1696,7 +1696,7 @@ static int method_disable_unit_files_generic(
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_access_check(message, verb, error);
> + r = mac_selinux_access_check(message, verb, error);
> if (r < 0)
> return r;
>
> @@ -1743,7 +1743,7 @@ static int method_set_default_target(sd_bus *bus, sd_bus_message *message, void
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_access_check(message, "enable", error);
> + r = mac_selinux_access_check(message, "enable", error);
> if (r < 0)
> return r;
>
> @@ -1779,7 +1779,7 @@ static int method_preset_all_unit_files(sd_bus *bus, sd_bus_message *message, vo
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_access_check(message, "enable", error);
> + r = mac_selinux_access_check(message, "enable", error);
> if (r < 0)
> return r;
>
> @@ -1837,7 +1837,7 @@ static int method_add_dependency_unit_files(sd_bus *bus, sd_bus_message *message
> if (dep < 0)
> return -EINVAL;
>
> - r = selinux_unit_access_check_strv(l, message, m, "enable", error);
> + r = mac_selinux_unit_access_check_strv(l, message, m, "enable", error);
> if (r < 0)
> return r;
>
> diff --git a/src/core/dbus-snapshot.c b/src/core/dbus-snapshot.c
> index 2a5ef44..06a58e4 100644
> --- a/src/core/dbus-snapshot.c
> +++ b/src/core/dbus-snapshot.c
> @@ -33,7 +33,7 @@ int bus_snapshot_method_remove(sd_bus *bus, sd_bus_message *message, void *userd
> assert(message);
> assert(s);
>
> - r = selinux_unit_access_check(UNIT(s), message, "stop", error);
> + r = mac_selinux_unit_access_check(UNIT(s), message, "stop", error);
> if (r < 0)
> return r;
>
> diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c
> index 8fe83ae..9a7e41e 100644
> --- a/src/core/dbus-unit.c
> +++ b/src/core/dbus-unit.c
> @@ -442,7 +442,7 @@ int bus_unit_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, s
> if (signo <= 0 || signo >= _NSIG)
> return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
>
> - r = selinux_unit_access_check(u, message, "stop", error);
> + r = mac_selinux_unit_access_check(u, message, "stop", error);
> if (r < 0)
> return r;
>
> @@ -467,7 +467,7 @@ int bus_unit_method_reset_failed(sd_bus *bus, sd_bus_message *message, void *use
> if (r == 0)
> return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
>
> - r = selinux_unit_access_check(u, message, "reload", error);
> + r = mac_selinux_unit_access_check(u, message, "reload", error);
> if (r < 0)
> return r;
>
> @@ -494,7 +494,7 @@ int bus_unit_method_set_properties(sd_bus *bus, sd_bus_message *message, void *u
> if (r < 0)
> return r;
>
> - r = selinux_unit_access_check(u, message, "start", error);
> + r = mac_selinux_unit_access_check(u, message, "start", error);
> if (r < 0)
> return r;
>
> @@ -754,7 +754,7 @@ int bus_unit_queue_job(
> type = JOB_RELOAD;
> }
>
> - r = selinux_unit_access_check(
> + r = mac_selinux_unit_access_check(
> u, message,
> (type == JOB_START || type == JOB_RESTART || type == JOB_TRY_RESTART) ? "start" :
> type == JOB_STOP ? "stop" : "reload", error);
> diff --git a/src/core/dbus.c b/src/core/dbus.c
> index 09b4a4a..185057b 100644
> --- a/src/core/dbus.c
> +++ b/src/core/dbus.c
> @@ -211,7 +211,7 @@ failed:
> }
>
> #ifdef HAVE_SELINUX
> -static int selinux_filter(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
> +static int mac_selinux_filter(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
> Manager *m = userdata;
> const char *verb, *path;
> Unit *u = NULL;
> @@ -239,7 +239,7 @@ static int selinux_filter(sd_bus *bus, sd_bus_message *message, void *userdata,
>
> if (object_path_startswith("/org/freedesktop/systemd1", path)) {
>
> - r = selinux_access_check(message, verb, error);
> + r = mac_selinux_access_check(message, verb, error);
> if (r < 0)
> return r;
>
> @@ -270,7 +270,7 @@ static int selinux_filter(sd_bus *bus, sd_bus_message *message, void *userdata,
> if (!u)
> return 0;
>
> - r = selinux_unit_access_check(u, message, verb, error);
> + r = mac_selinux_unit_access_check(u, message, verb, error);
> if (r < 0)
> return r;
>
> @@ -536,7 +536,7 @@ static int bus_setup_api_vtables(Manager *m, sd_bus *bus) {
> assert(bus);
>
> #ifdef HAVE_SELINUX
> - r = sd_bus_add_filter(bus, NULL, selinux_filter, m);
> + r = sd_bus_add_filter(bus, NULL, mac_selinux_filter, m);
> if (r < 0) {
> log_error("Failed to add SELinux access filter: %s", strerror(-r));
> return r;
> diff --git a/src/core/main.c b/src/core/main.c
> index 95597de..f00ac00 100644
> --- a/src/core/main.c
> +++ b/src/core/main.c
> @@ -1299,11 +1299,11 @@ int main(int argc, char *argv[]) {
> if (!skip_setup) {
> mount_setup_early();
> dual_timestamp_get(&security_start_timestamp);
> - if (selinux_setup(&loaded_policy) < 0)
> + if (mac_selinux_setup(&loaded_policy) < 0)
> goto finish;
> if (ima_setup() < 0)
> goto finish;
> - if (smack_setup(&loaded_policy) < 0)
> + if (mac_smack_setup(&loaded_policy) < 0)
> goto finish;
> dual_timestamp_get(&security_finish_timestamp);
> }
> diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
> index 08ea6ef..29d6ef6 100644
> --- a/src/core/selinux-access.c
> +++ b/src/core/selinux-access.c
> @@ -136,7 +136,7 @@ static int access_init(void) {
> return r;
> }
>
> -static int selinux_access_init(sd_bus_error *error) {
> +static int mac_selinux_access_init(sd_bus_error *error) {
> int r;
>
> if (initialized)
> @@ -152,14 +152,17 @@ static int selinux_access_init(sd_bus_error *error) {
> initialized = true;
> return 0;
> }
> +#endif
>
> -void selinux_access_free(void) {
> +void mac_selinux_access_free(void) {
>
> +#ifdef HAVE_SELINUX
> if (!initialized)
> return;
>
> avc_destroy();
> initialized = false;
> +#endif
> }
>
> /*
> @@ -168,12 +171,13 @@ void selinux_access_free(void) {
> If the machine is in permissive mode it will return ok. Audit messages will
> still be generated if the access would be denied in enforcing mode.
> */
> -int selinux_generic_access_check(
> +int mac_selinux_generic_access_check(
> sd_bus_message *message,
> const char *path,
> const char *permission,
> sd_bus_error *error) {
>
> +#ifdef HAVE_SELINUX
> _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
> const char *tclass = NULL, *scon = NULL;
> struct audit_info audit_info = {};
> @@ -189,7 +193,7 @@ int selinux_generic_access_check(
> if (!mac_selinux_use())
> return 0;
>
> - r = selinux_access_init(error);
> + r = mac_selinux_access_init(error);
> if (r < 0)
> return r;
>
> @@ -248,13 +252,17 @@ finish:
> }
>
> return r;
> +#else
> + return 0;
> +#endif
> }
>
> -int selinux_unit_access_check_strv(char **units,
> +int mac_selinux_unit_access_check_strv(char **units,
> sd_bus_message *message,
> Manager *m,
> const char *permission,
> sd_bus_error *error) {
> +#ifdef HAVE_SELINUX
> char **i;
> Unit *u;
> int r;
> @@ -262,35 +270,11 @@ int selinux_unit_access_check_strv(char **units,
> STRV_FOREACH(i, units) {
> u = manager_get_unit(m, *i);
> if (u) {
> - r = selinux_unit_access_check(u, message, permission, error);
> + r = mac_selinux_unit_access_check(u, message, permission, error);
> if (r < 0)
> return r;
> }
> }
> -
> - return 0;
> -}
> -
> -#else
> -
> -int selinux_generic_access_check(
> - sd_bus_message *message,
> - const char *path,
> - const char *permission,
> - sd_bus_error *error) {
> -
> - return 0;
> -}
> -
> -void selinux_access_free(void) {
> -}
> -
> -int selinux_unit_access_check_strv(char **units,
> - sd_bus_message *message,
> - Manager *m,
> - const char *permission,
> - sd_bus_error *error) {
> +#endif
> return 0;
> }
> -
> -#endif
> diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
> index 6a4362a..bccf0d2 100644
> --- a/src/core/selinux-access.h
> +++ b/src/core/selinux-access.h
> @@ -26,26 +26,26 @@
> #include "bus-util.h"
> #include "manager.h"
>
> -void selinux_access_free(void);
> +void mac_selinux_access_free(void);
>
> -int selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
> +int mac_selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
>
> -int selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error);
> +int mac_selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error);
>
> #ifdef HAVE_SELINUX
>
> -#define selinux_access_check(message, permission, error) \
> - selinux_generic_access_check((message), NULL, (permission), (error))
> +#define mac_selinux_access_check(message, permission, error) \
> + mac_selinux_generic_access_check((message), NULL, (permission), (error))
>
> -#define selinux_unit_access_check(unit, message, permission, error) \
> +#define mac_selinux_unit_access_check(unit, message, permission, error) \
> ({ \
> Unit *_unit = (unit); \
> - selinux_generic_access_check((message), _unit->fragment_path ?: _unit->fragment_path, (permission), (error)); \
> + mac_selinux_generic_access_check((message), _unit->fragment_path ?: _unit->fragment_path, (permission), (error)); \
> })
>
> #else
>
> -#define selinux_access_check(message, permission, error) 0
> -#define selinux_unit_access_check(unit, message, permission, error) 0
> +#define mac_selinux_access_check(message, permission, error) 0
> +#define mac_selinux_unit_access_check(unit, message, permission, error) 0
>
> #endif
> diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
> index 4e615c2..25e22b6 100644
> --- a/src/core/selinux-setup.c
> +++ b/src/core/selinux-setup.c
> @@ -43,7 +43,7 @@ static int null_log(int type, const char *fmt, ...) {
> }
> #endif
>
> -int selinux_setup(bool *loaded_policy) {
> +int mac_selinux_setup(bool *loaded_policy) {
>
> #ifdef HAVE_SELINUX
> int enforce = 0;
> diff --git a/src/core/selinux-setup.h b/src/core/selinux-setup.h
> index 39e2bc2..9ac2276 100644
> --- a/src/core/selinux-setup.h
> +++ b/src/core/selinux-setup.h
> @@ -23,4 +23,4 @@
>
> #include <stdbool.h>
>
> -int selinux_setup(bool *loaded_policy);
> +int mac_selinux_setup(bool *loaded_policy);
> diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
> index 5d8a26c..d0fd180 100644
> --- a/src/core/smack-setup.c
> +++ b/src/core/smack-setup.c
> @@ -116,7 +116,7 @@ static int write_rules(const char* dstpath, const char* srcdir) {
>
> #endif
>
> -int smack_setup(bool *loaded_policy) {
> +int mac_smack_setup(bool *loaded_policy) {
>
> #ifdef HAVE_SMACK
>
> diff --git a/src/core/smack-setup.h b/src/core/smack-setup.h
> index 8927096..1cab771 100644
> --- a/src/core/smack-setup.h
> +++ b/src/core/smack-setup.h
> @@ -23,4 +23,4 @@
> along with systemd; If not, see <http://www.gnu.org/licenses/>.
> ***/
>
> -int smack_setup(bool *loaded_policy);
> +int mac_smack_setup(bool *loaded_policy);
> --
> 1.9.3
>
>
>
>
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list