diff options
Diffstat (limited to 'src/core/mount-setup.c')
-rw-r--r-- | src/core/mount-setup.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index 7845e88644..73c2698ea3 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -42,6 +42,7 @@ #include "missing.h" #include "virt.h" #include "efivars.h" +#include "smack-util.h" #ifndef TTY_GID #define TTY_GID 5 @@ -77,11 +78,11 @@ static const MountPoint mount_table[] = { NULL, MNT_FATAL|MNT_IN_CONTAINER }, { "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL, MNT_NONE }, - { "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - NULL, MNT_NONE }, #ifdef HAVE_SMACK + { "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, + use_smack, MNT_FATAL }, { "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, - NULL, MNT_IN_CONTAINER }, + use_smack, MNT_FATAL }, #endif { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, @@ -89,7 +90,7 @@ static const MountPoint mount_table[] = { NULL, MNT_IN_CONTAINER }, #ifdef HAVE_SMACK { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, - NULL, MNT_IN_CONTAINER }, + use_smack, MNT_FATAL }, #endif { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, |