summaryrefslogtreecommitdiff
path: root/src/basic/smack-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/basic/smack-util.c')
-rw-r--r--src/basic/smack-util.c96
1 files changed, 65 insertions, 31 deletions
diff --git a/src/basic/smack-util.c b/src/basic/smack-util.c
index 9d31b7717f..123d00e13e 100644
--- a/src/basic/smack-util.c
+++ b/src/basic/smack-util.c
@@ -115,50 +115,27 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
return 0;
p = procfs_file_alloca(pid, "attr/current");
- r = write_string_file(p, label, 0);
+ r = write_string_file(p, label, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0)
return r;
return r;
}
-int mac_smack_fix(const char *path, LabelFixFlags flags) {
+static int smack_fix_fd(int fd , const char *abspath, LabelFixFlags flags) {
char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
- _cleanup_close_ int fd = -1;
const char *label;
struct stat st;
int r;
- assert(path);
+ /* The caller should have done the sanity checks. */
+ assert(abspath);
+ assert(path_is_absolute(abspath));
- if (!mac_smack_use())
+ /* Path must be in /dev. */
+ if (!path_startswith(abspath, "/dev"))
return 0;
- /* Path must be in /dev. Note that this check is pretty sloppy, as we might be called with non-normalized paths
- * and hence not detect all cases of /dev. */
-
- if (path_is_absolute(path)) {
- if (!path_startswith(path, "/dev"))
- return 0;
- } else {
- _cleanup_free_ char *cwd = NULL;
-
- r = safe_getcwd(&cwd);
- if (r < 0)
- return r;
-
- if (!path_startswith(cwd, "/dev"))
- return 0;
- }
-
- fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH);
- if (fd < 0) {
- if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT)
- return 0;
-
- return -errno;
- }
-
if (fstat(fd, &st) < 0)
return -errno;
@@ -196,12 +173,65 @@ int mac_smack_fix(const char *path, LabelFixFlags flags) {
streq(old_label, label))
return 0;
- return log_debug_errno(r, "Unable to fix SMACK label of %s: %m", path);
+ return log_debug_errno(r, "Unable to fix SMACK label of %s: %m", abspath);
}
return 0;
}
+int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) {
+ _cleanup_free_ char *p = NULL;
+ _cleanup_close_ int fd = -1;
+ int r;
+
+ assert(path);
+
+ if (!mac_smack_use())
+ return 0;
+
+ fd = openat(dirfd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH);
+ if (fd < 0) {
+ if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT)
+ return 0;
+
+ return -errno;
+ }
+
+ if (!path_is_absolute(path)) {
+ r = fd_get_path(fd, &p);
+ if (r < 0)
+ return r;
+ path = p;
+ }
+
+ return smack_fix_fd(fd, path, flags);
+}
+
+int mac_smack_fix(const char *path, LabelFixFlags flags) {
+ _cleanup_free_ char *abspath = NULL;
+ _cleanup_close_ int fd = -1;
+ int r;
+
+ assert(path);
+
+ if (!mac_smack_use())
+ return 0;
+
+ r = path_make_absolute_cwd(path, &abspath);
+ if (r < 0)
+ return r;
+
+ fd = open(abspath, O_NOFOLLOW|O_CLOEXEC|O_PATH);
+ if (fd < 0) {
+ if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT)
+ return 0;
+
+ return -errno;
+ }
+
+ return smack_fix_fd(fd, abspath, flags);
+}
+
int mac_smack_copy(const char *dest, const char *src) {
int r = 0;
_cleanup_free_ char *label = NULL;
@@ -249,6 +279,10 @@ int mac_smack_fix(const char *path, LabelFixFlags flags) {
return 0;
}
+int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) {
+ return 0;
+}
+
int mac_smack_copy(const char *dest, const char *src) {
return 0;
}
View Lorry Controller Status