diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-10-23 18:06:51 +0200 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2014-10-25 18:32:53 -0400 |
commit | 65e7a7fcba7e5aeb0bb1521070d7bc0547663975 (patch) | |
tree | 46e6af44228140e7df583da028bb39c17d06d23c /src/udev | |
parent | 00772eaeba4662181fc86fa842ff8521ccade88a (diff) |
smack: rework smack APIs a bit
a) always return negative errno error codes
b) always become a noop if smack is off
c) always take a NULL label as a request to remove it
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
Diffstat (limited to 'src/udev')
-rw-r--r-- | src/udev/udev-node.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c index 803d803279..8d5bada5a4 100644 --- a/src/udev/udev-node.c +++ b/src/udev/udev-node.c @@ -294,21 +294,25 @@ static int node_permissions_apply(struct udev_device *dev, bool apply, /* apply SECLABEL{$module}=$label */ udev_list_entry_foreach(entry, udev_list_get_entry(seclabel_list)) { const char *name, *label; + int r; name = udev_list_entry_get_name(entry); label = udev_list_entry_get_value(entry); if (streq(name, "selinux")) { selinux = true; + if (mac_selinux_apply(devnode, label) < 0) - log_error("SECLABEL: failed to set SELinux label '%s'", label); + log_error("SECLABEL: failed to set SELinux label '%s': %s", label, strerror(-r)); else log_debug("SECLABEL: set SELinux label '%s'", label); } else if (streq(name, "smack")) { smack = true; - if (mac_smack_apply(devnode, label) < 0) - log_error("SECLABEL: failed to set SMACK label '%s'", label); + + r = mac_smack_apply(devnode, label); + if (r < 0) + log_error("SECLABEL: failed to set SMACK label '%s': %s", label, strerror(-r)); else log_debug("SECLABEL: set SMACK label '%s'", label); |