summaryrefslogtreecommitdiff
path: root/src/core/dbus-device.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2012-10-02 17:07:00 -0400
committerLennart Poettering <lennart@poettering.net>2012-10-02 17:07:00 -0400
commitcad45ba11ec3572296361f53f5852ffb97a97fa3 (patch)
tree42c8e2f855d26efb8819b535dc6e86846de811a9 /src/core/dbus-device.c
parent71ef24d09573874c0f7bc323c07c3aec2a458707 (diff)
selinux: rework selinux access check logic
a) Instead of parsing the bus messages inside of selinux-access.c simply pass everything pre-parsed in the functions b) implement the access checking with a macro that resolves to nothing on non-selinux builds c) split out the selinux checks into their own sources selinux-util.[ch] d) this unifies the job creation code behind the D-Bus calls Manager.StartUnit() and Unit.Start().
Diffstat (limited to 'src/core/dbus-device.c')
-rw-r--r--src/core/dbus-device.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/core/dbus-device.c b/src/core/dbus-device.c
index dfbbafb66d..dbd91fe3db 100644
--- a/src/core/dbus-device.c
+++ b/src/core/dbus-device.c
@@ -22,6 +22,7 @@
#include "dbus-unit.h"
#include "dbus-device.h"
#include "dbus-common.h"
+#include "selinux-access.h"
#define BUS_DEVICE_INTERFACE \
" <interface name=\"org.freedesktop.systemd1.Device\">\n" \
@@ -61,5 +62,7 @@ DBusHandlerResult bus_device_message_handler(Unit *u, DBusConnection *c, DBusMes
{ NULL, }
};
+ SELINUX_UNIT_ACCESS_CHECK(u, c, message, "status");
+
return bus_default_message_handler(c, message, INTROSPECTION, INTERFACES_LIST, bps);
}