diff options
author | Kay Sievers <kay@vrfy.org> | 2013-07-26 03:34:18 +0200 |
---|---|---|
committer | Kay Sievers <kay@vrfy.org> | 2013-07-26 04:13:55 +0200 |
commit | 39bdfa31f2f00c3357e2a7a5f139abee6d7c7cd3 (patch) | |
tree | 82b73224f774156f6ab57ef60af0f26ed6507e3d | |
parent | 819da59577758a7a328020546127091e45bc59e7 (diff) |
shared: split mkdir_*() and mkdir_*_label() from each other
Avoid pulling-in selinux for tools which just create directories
but not need to fix the selinux label.
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | src/shared/cgroup-label.c | 2 | ||||
-rw-r--r-- | src/shared/label.c | 4 | ||||
-rw-r--r-- | src/shared/label.h | 2 | ||||
-rw-r--r-- | src/shared/mkdir-label.c | 53 | ||||
-rw-r--r-- | src/shared/mkdir.c | 40 | ||||
-rw-r--r-- | src/shared/mkdir.h | 21 |
7 files changed, 81 insertions, 42 deletions
diff --git a/Makefile.am b/Makefile.am index 3d08d7cb9c..8ac1d8d0f3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -752,6 +752,7 @@ libsystemd_label_la_SOURCES = \ src/shared/selinux-util.c \ src/shared/selinux-util.h \ src/shared/mkdir.c \ + src/shared/mkdir-label.c \ src/shared/mkdir.h \ src/shared/ask-password-api.c \ src/shared/ask-password-api.h \ diff --git a/src/shared/cgroup-label.c b/src/shared/cgroup-label.c index 574a7be3ee..bae0a627d2 100644 --- a/src/shared/cgroup-label.c +++ b/src/shared/cgroup-label.c @@ -47,7 +47,7 @@ int cg_create(const char *controller, const char *path) { if (r < 0) return r; - r = mkdir_parents_prefix("/sys/fs/cgroup", fs, 0755); + r = mkdir_parents_prefix_label("/sys/fs/cgroup", fs, 0755); if (r < 0) return r; diff --git a/src/shared/label.c b/src/shared/label.c index 1fe4574633..fde39f2259 100644 --- a/src/shared/label.c +++ b/src/shared/label.c @@ -257,14 +257,14 @@ void label_free(const char *label) { #endif } -int label_mkdir(const char *path, mode_t mode, bool apply) { +int label_mkdir(const char *path, mode_t mode) { /* Creates a directory and labels it according to the SELinux policy */ #ifdef HAVE_SELINUX int r; security_context_t fcon = NULL; - if (!apply || !use_selinux() || !label_hnd) + if (!use_selinux() || !label_hnd) goto skipped; if (path_is_absolute(path)) diff --git a/src/shared/label.h b/src/shared/label.h index dda4d1c024..09e15e3c08 100644 --- a/src/shared/label.h +++ b/src/shared/label.h @@ -40,7 +40,7 @@ void label_free(const char *label); int label_get_create_label_from_exe(const char *exe, char **label); -int label_mkdir(const char *path, mode_t mode, bool apply); +int label_mkdir(const char *path, mode_t mode); void label_retest_selinux(void); diff --git a/src/shared/mkdir-label.c b/src/shared/mkdir-label.c new file mode 100644 index 0000000000..4ee6251bcd --- /dev/null +++ b/src/shared/mkdir-label.c @@ -0,0 +1,53 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + Copyright 2013 Kay Sievers + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <assert.h> +#include <string.h> +#include <unistd.h> +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> + +#include "label.h" +#include "util.h" +#include "path-util.h" +#include "mkdir.h" + +int mkdir_label(const char *path, mode_t mode) { + return label_mkdir(path, mode); +} + +int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) { + return mkdir_safe_internal(path, mode, uid, gid, label_mkdir); +} + +int mkdir_parents_label(const char *path, mode_t mode) { + return mkdir_parents_internal(NULL, path, mode, label_mkdir); +} + +int mkdir_parents_prefix_label(const char *prefix, const char *path, mode_t mode) { + return mkdir_parents_internal(prefix, path, mode, label_mkdir); +} + +int mkdir_p_label(const char *path, mode_t mode) { + return mkdir_p_internal(NULL, path, mode, label_mkdir); +} diff --git a/src/shared/mkdir.c b/src/shared/mkdir.c index e21a0f3989..b7e5c6e67b 100644 --- a/src/shared/mkdir.c +++ b/src/shared/mkdir.c @@ -31,14 +31,10 @@ #include "path-util.h" #include "mkdir.h" -int mkdir_label(const char *path, mode_t mode) { - return label_mkdir(path, mode, true); -} - -static int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, bool apply) { +int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir) { struct stat st; - if (label_mkdir(path, mode, apply) >= 0) + if (_mkdir(path, mode) >= 0) if (chmod_and_chown(path, mode, uid, gid) < 0) return -errno; @@ -60,10 +56,6 @@ int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid) { return mkdir_safe_internal(path, mode, uid, gid, false); } -int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) { - return mkdir_safe_internal(path, mode, uid, gid, true); -} - static int is_dir(const char* path) { struct stat st; @@ -73,7 +65,7 @@ static int is_dir(const char* path) { return S_ISDIR(st.st_mode); } -static int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, bool apply) { +int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir) { const char *p, *e; int r; @@ -116,34 +108,26 @@ static int mkdir_parents_internal(const char *prefix, const char *path, mode_t m if (prefix && path_startswith(prefix, t)) continue; - r = label_mkdir(t, mode, apply); + r = _mkdir(t, mode); if (r < 0 && errno != EEXIST) return -errno; } } int mkdir_parents(const char *path, mode_t mode) { - return mkdir_parents_internal(NULL, path, mode, false); -} - -int mkdir_parents_label(const char *path, mode_t mode) { - return mkdir_parents_internal(NULL, path, mode, true); -} - -int mkdir_parents_prefix(const char *prefix, const char *path, mode_t mode) { - return mkdir_parents_internal(prefix, path, mode, true); + return mkdir_parents_internal(NULL, path, mode, mkdir); } -static int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, bool apply) { +int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir) { int r; /* Like mkdir -p */ - r = mkdir_parents_internal(prefix, path, mode, apply); + r = mkdir_parents_internal(prefix, path, mode, _mkdir); if (r < 0) return r; - r = label_mkdir(path, mode, apply); + r = _mkdir(path, mode); if (r < 0 && (errno != EEXIST || is_dir(path) <= 0)) return -errno; @@ -151,13 +135,9 @@ static int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, b } int mkdir_p(const char *path, mode_t mode) { - return mkdir_p_internal(NULL, path, mode, false); -} - -int mkdir_p_label(const char *path, mode_t mode) { - return mkdir_p_internal(NULL, path, mode, true); + return mkdir_p_internal(NULL, path, mode, mkdir); } int mkdir_p_prefix(const char *prefix, const char *path, mode_t mode) { - return mkdir_p_internal(prefix, path, mode, false); + return mkdir_p_internal(prefix, path, mode, mkdir); } diff --git a/src/shared/mkdir.h b/src/shared/mkdir.h index 3d39b2910f..5b34db4229 100644 --- a/src/shared/mkdir.h +++ b/src/shared/mkdir.h @@ -7,6 +7,7 @@ This file is part of systemd. Copyright 2010 Lennart Poettering + Copyright 2013 Kay Sievers systemd is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by @@ -24,17 +25,21 @@ #include <sys/types.h> -int mkdir_label(const char *path, mode_t mode); - int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid); -int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid); - int mkdir_parents(const char *path, mode_t mode); -int mkdir_parents_label(const char *path, mode_t mode); -int mkdir_parents_prefix(const char *prefix, const char *path, mode_t mode); - int mkdir_p(const char *path, mode_t mode); -int mkdir_p_label(const char *path, mode_t mode); int mkdir_p_prefix(const char *prefix, const char *path, mode_t mode); +/* selinux versions */ +int mkdir_label(const char *path, mode_t mode); +int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid); +int mkdir_parents_label(const char *path, mode_t mode); +int mkdir_p_label(const char *path, mode_t mode); +int mkdir_parents_prefix_label(const char *prefix, const char *path, mode_t mode); + +/* internally used */ +typedef int (*mkdir_func_t)(const char *pathname, mode_t mode); +int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir); +int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir); +int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir); #endif |