summaryrefslogtreecommitdiff
path: root/units/systemd-tmpfiles-clean.service.in
diff options
context:
space:
mode:
authorSangjung Woo <sangjung.woo@samsung.com>2015-09-08 15:09:40 +0900
committerSangjung Woo <sangjung.woo@samsung.com>2015-09-09 20:26:52 +0900
commitf8c1a81c5188ca121573caeee290e39ef966e3e6 (patch)
tree2a16ffd21b56d92be81fede6b0068888e1c4c3db /units/systemd-tmpfiles-clean.service.in
parentba056b738d407ace25e5e4a2f9c890de229bf69f (diff)
smack: bugfix the smack label of symlink when '--with-smack-run-label' is set
Even though systemd has its own smack label since '--with-smack-run-label' configuration is set, the smack label of each CGROUP root directory should have the star (i.e. *) label. This is mainly because current Linux Kernel set the label in this way. (Refer to smack_d_instantiate() in security/smack/smack_lsm.c) However, if systemd has its own smack label and arg_join_controllers is explicitly set or initialized by initialize_join_controllers() function, current systemd creates the symlink in CGROUP root directory with its own smack label as below. lrwxrwxrwx. 1 root root System 11 Dec 31 16:00 cpu -> cpu,cpuacct dr-xr-xr-x. 4 root root * 0 Dec 31 16:01 cpu,cpuacct lrwxrwxrwx. 1 root root System 11 Dec 31 16:00 cpuacct -> cpu,cpuacct This patch fixes that bug by copying the smack label from the origin.
Diffstat (limited to 'units/systemd-tmpfiles-clean.service.in')
0 files changed, 0 insertions, 0 deletions