diff options
author | Will Woods <wwoods@redhat.com> | 2014-04-25 18:26:33 -0400 |
---|---|---|
committer | Tom Gundersen <teg@jklm.no> | 2014-04-26 00:54:03 +0200 |
commit | 4ab72d6fb499c2b4d8baced9fa94a8bbfa5a4b3d (patch) | |
tree | d0a55bc1eed2cd086933fb21b3c99b39a9640cab /src/core/selinux-setup.c | |
parent | 6cdf527c6aa041534205622e1fb02a0634a467a5 (diff) |
core: reindent {selinux, ima, smack}-setup.c
7-space indentation is just too weird to leave alone.
Make it 8 spaces, as per CODING_STYLE. No other changes.
Diffstat (limited to 'src/core/selinux-setup.c')
-rw-r--r-- | src/core/selinux-setup.c | 152 |
1 files changed, 76 insertions, 76 deletions
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c index 9a5d6b2a9d..6d8bc89965 100644 --- a/src/core/selinux-setup.c +++ b/src/core/selinux-setup.c @@ -46,82 +46,82 @@ static int null_log(int type, const char *fmt, ...) { int selinux_setup(bool *loaded_policy) { #ifdef HAVE_SELINUX - int enforce = 0; - usec_t before_load, after_load; - security_context_t con; - int r; - union selinux_callback cb; - - assert(loaded_policy); - - /* Turn off all of SELinux' own logging, we want to do that */ - cb.func_log = null_log; - selinux_set_callback(SELINUX_CB_LOG, cb); - - /* Don't load policy in the initrd if we don't appear to have - * it. For the real root, we check below if we've already - * loaded policy, and return gracefully. - */ - if (in_initrd() && access(selinux_path(), F_OK) < 0) - return 0; - - /* Already initialized by somebody else? */ - r = getcon_raw(&con); - if (r == 0) { - bool initialized; - - initialized = !streq(con, "kernel"); - freecon(con); - - if (initialized) - return 0; - } - - /* Make sure we have no fds open while loading the policy and - * transitioning */ - log_close(); - - /* Now load the policy */ - before_load = now(CLOCK_MONOTONIC); - r = selinux_init_load_policy(&enforce); - if (r == 0) { - char timespan[FORMAT_TIMESPAN_MAX]; - char *label; - - retest_selinux(); - - /* Transition to the new context */ - r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label); - if (r < 0 || label == NULL) { - log_open(); - log_error("Failed to compute init label, ignoring."); - } else { - r = setcon(label); - - log_open(); - if (r < 0) - log_error("Failed to transition into init label '%s', ignoring.", label); - - label_free(label); - } - - after_load = now(CLOCK_MONOTONIC); - - log_info("Successfully loaded SELinux policy in %s.", - format_timespan(timespan, sizeof(timespan), after_load - before_load, 0)); - - *loaded_policy = true; - - } else { - log_open(); - - if (enforce > 0) { - log_error("Failed to load SELinux policy. Freezing."); - return -EIO; - } else - log_debug("Unable to load SELinux policy. Ignoring."); - } + int enforce = 0; + usec_t before_load, after_load; + security_context_t con; + int r; + union selinux_callback cb; + + assert(loaded_policy); + + /* Turn off all of SELinux' own logging, we want to do that */ + cb.func_log = null_log; + selinux_set_callback(SELINUX_CB_LOG, cb); + + /* Don't load policy in the initrd if we don't appear to have + * it. For the real root, we check below if we've already + * loaded policy, and return gracefully. + */ + if (in_initrd() && access(selinux_path(), F_OK) < 0) + return 0; + + /* Already initialized by somebody else? */ + r = getcon_raw(&con); + if (r == 0) { + bool initialized; + + initialized = !streq(con, "kernel"); + freecon(con); + + if (initialized) + return 0; + } + + /* Make sure we have no fds open while loading the policy and + * transitioning */ + log_close(); + + /* Now load the policy */ + before_load = now(CLOCK_MONOTONIC); + r = selinux_init_load_policy(&enforce); + if (r == 0) { + char timespan[FORMAT_TIMESPAN_MAX]; + char *label; + + retest_selinux(); + + /* Transition to the new context */ + r = label_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label); + if (r < 0 || label == NULL) { + log_open(); + log_error("Failed to compute init label, ignoring."); + } else { + r = setcon(label); + + log_open(); + if (r < 0) + log_error("Failed to transition into init label '%s', ignoring.", label); + + label_free(label); + } + + after_load = now(CLOCK_MONOTONIC); + + log_info("Successfully loaded SELinux policy in %s.", + format_timespan(timespan, sizeof(timespan), after_load - before_load, 0)); + + *loaded_policy = true; + + } else { + log_open(); + + if (enforce > 0) { + log_error("Failed to load SELinux policy. Freezing."); + return -EIO; + } else + log_debug("Unable to load SELinux policy. Ignoring."); + } #endif - return 0; + return 0; } |