diff options
| author | Tyler Hicks <tyhicks@canonical.com> | 2014-02-13 09:59:53 -0600 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-02-18 17:04:05 +0000 |
| commit | cd23a5df10b0465c99f91b5f9c4e160480078c1a (patch) | |
| tree | 0ba4cd5181b2f6a36ab43457a28871b48b1a2087 /bus/apparmor.h | |
| parent | e8b0248eef31e2960a895613f3a9102675a7baf8 (diff) | |
| download | dbus-cd23a5df10b0465c99f91b5f9c4e160480078c1a.tar.gz | |
Store AppArmor label of connecting processes
When processes connect the bus, the AppArmor confinement context should
be stored for later use when checks are to be done during message
sending/receiving, acquire a name, and eavesdropping.
Code outside of apparmor.c will need to initialize and unreference the
confinement context, so bus_apparmor_confinement_unref() can no longer
be a static function.
[Move bus_apparmor_confinement_unref back to its old location for
a more reasonable diff -smcv]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Diffstat (limited to 'bus/apparmor.h')
| -rw-r--r-- | bus/apparmor.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/bus/apparmor.h b/bus/apparmor.h index 66a77c0e..861094e7 100644 --- a/bus/apparmor.h +++ b/bus/apparmor.h @@ -27,6 +27,7 @@ #define BUS_APPARMOR_H #include <dbus/dbus.h> +#include "bus.h" void bus_apparmor_audit_init (void); dbus_bool_t bus_apparmor_pre_init (void); @@ -36,4 +37,8 @@ dbus_bool_t bus_apparmor_full_init (DBusError *error); void bus_apparmor_shutdown (void); dbus_bool_t bus_apparmor_enabled (void); +void bus_apparmor_confinement_unref (BusAppArmorConfinement *confinement); +BusAppArmorConfinement* bus_apparmor_init_connection_confinement (DBusConnection *connection, + DBusError *error); + #endif /* BUS_APPARMOR_H */ |