diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-10-02 17:07:00 -0400 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-10-02 17:07:00 -0400 |
commit | cad45ba11ec3572296361f53f5852ffb97a97fa3 (patch) | |
tree | 42c8e2f855d26efb8819b535dc6e86846de811a9 /src/core/dbus-device.c | |
parent | 71ef24d09573874c0f7bc323c07c3aec2a458707 (diff) |
selinux: rework selinux access check logic
a) Instead of parsing the bus messages inside of selinux-access.c
simply pass everything pre-parsed in the functions
b) implement the access checking with a macro that resolves to nothing
on non-selinux builds
c) split out the selinux checks into their own sources
selinux-util.[ch]
d) this unifies the job creation code behind the D-Bus calls
Manager.StartUnit() and Unit.Start().
Diffstat (limited to 'src/core/dbus-device.c')
-rw-r--r-- | src/core/dbus-device.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/core/dbus-device.c b/src/core/dbus-device.c index dfbbafb66d..dbd91fe3db 100644 --- a/src/core/dbus-device.c +++ b/src/core/dbus-device.c @@ -22,6 +22,7 @@ #include "dbus-unit.h" #include "dbus-device.h" #include "dbus-common.h" +#include "selinux-access.h" #define BUS_DEVICE_INTERFACE \ " <interface name=\"org.freedesktop.systemd1.Device\">\n" \ @@ -61,5 +62,7 @@ DBusHandlerResult bus_device_message_handler(Unit *u, DBusConnection *c, DBusMes { NULL, } }; + SELINUX_UNIT_ACCESS_CHECK(u, c, message, "status"); + return bus_default_message_handler(c, message, INTROSPECTION, INTERFACES_LIST, bps); } |