summaryrefslogtreecommitdiff
path: root/src/core/load-fragment-gperf.gperf.m4
diff options
context:
space:
mode:
authorMichal Sekletar <msekleta@redhat.com>2014-07-24 10:40:28 +0200
committerMichal Sekletar <msekleta@redhat.com>2014-08-19 18:57:12 +0200
commitcf8bd44339b00330fdbc91041d6731ba8aba9fec (patch)
tree50131a58cdb8e65adc849c0971ff832ec208d6ec /src/core/load-fragment-gperf.gperf.m4
parent6c3e68e7c1adc6176526e69769bf2eba86cdd257 (diff)
socket: introduce SELinuxLabelViaNet option
This makes possible to spawn service instances triggered by socket with MLS/MCS SELinux labels which are created based on information provided by connected peer. Implementation of label_get_child_label derived from xinetd. Reviewed-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'src/core/load-fragment-gperf.gperf.m4')
-rw-r--r--src/core/load-fragment-gperf.gperf.m43
1 files changed, 3 insertions, 0 deletions
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
index b4e2b25743..d5ff848c33 100644
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.m4
@@ -262,6 +262,9 @@ Socket.SmackLabelIPOut, config_parse_string, 0,
`Socket.SmackLabel, config_parse_warn_compat, 0, 0
Socket.SmackLabelIPIn, config_parse_warn_compat, 0, 0
Socket.SmackLabelIPOut, config_parse_warn_compat, 0, 0')
+m4_ifdef(`HAVE_SELINUX',
+`Socket.SELinuxLabelViaNet, config_parse_bool, 0, offsetof(Socket, selinux_label_via_net)',
+`Socket.SELinuxLabelViaNet, config_parse_warn_compat, 0, 0')
EXEC_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
CGROUP_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
KILL_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl