summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
authorKarol Lewandowski <k.lewandowsk@samsung.com>2013-05-16 10:40:03 +0200
committerAuke Kok <auke-jan.h.kok@intel.com>2013-05-17 09:58:28 -0700
commit2b3e18de74ca89b374dd4f7a2c30e5731d347841 (patch)
tree305669069e73f82fd838117c93709dce7d0b0b3f /src/core
parent264ad849a4a0acf1ca392da62b7018d4fe7b66b3 (diff)
Make it possible to disable smack separately from xattr support
Additionally, compile out rule loading if feature is disabled.
Diffstat (limited to 'src/core')
-rw-r--r--src/core/smack-setup.c10
-rw-r--r--src/core/socket.c4
2 files changed, 12 insertions, 2 deletions
diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
index 73eeb04190..d67a84a583 100644
--- a/src/core/smack-setup.c
+++ b/src/core/smack-setup.c
@@ -42,6 +42,8 @@
#define SMACK_CONFIG "/etc/smack/accesses.d/"
#define CIPSO_CONFIG "/etc/smack/cipso/"
+#ifdef HAVE_SMACK
+
static int write_rules(const char* dstpath, const char* srcdir) {
_cleanup_fclose_ FILE *dst = NULL;
_cleanup_closedir_ DIR *dir = NULL;
@@ -111,8 +113,12 @@ static int write_rules(const char* dstpath, const char* srcdir) {
return r;
}
+#endif
int smack_setup(void) {
+
+#ifdef HAVE_SMACK
+
int r;
r = write_rules("/sys/fs/smackfs/load2", SMACK_CONFIG);
@@ -148,4 +154,8 @@ int smack_setup(void) {
strerror(abs(r)));
return 0;
}
+
+#endif
+
+ return 0;
}
diff --git a/src/core/socket.c b/src/core/socket.c
index 1b08f0a5fd..37ca228e6b 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -788,7 +788,7 @@ static void socket_apply_socket_options(Socket *s, int fd) {
if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
-#ifdef HAVE_XATTR
+#ifdef HAVE_SMACK
if (s->smack_ip_in)
if (fsetxattr(fd, "security.SMACK64IPIN", s->smack_ip_in, strlen(s->smack_ip_in), 0) < 0)
log_error_unit(UNIT(s)->id,
@@ -810,7 +810,7 @@ static void socket_apply_fifo_options(Socket *s, int fd) {
log_warning_unit(UNIT(s)->id,
"F_SETPIPE_SZ: %m");
-#ifdef HAVE_XATTR
+#ifdef HAVE_SMACK
if (s->smack)
if (fsetxattr(fd, "security.SMACK64", s->smack, strlen(s->smack), 0) < 0)
log_error_unit(UNIT(s)->id,