diff options
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/condition.c | 8 | ||||
| -rw-r--r-- | src/core/execute.c | 4 | ||||
| -rw-r--r-- | src/core/mount-setup.c | 6 | ||||
| -rw-r--r-- | src/core/selinux-access.c | 4 | ||||
| -rw-r--r-- | src/core/selinux-setup.c | 2 |
5 files changed, 12 insertions, 12 deletions
diff --git a/src/core/condition.c b/src/core/condition.c index 353e0c97f1..ec78169fc3 100644 --- a/src/core/condition.c +++ b/src/core/condition.c @@ -45,13 +45,13 @@ static bool condition_test_security(Condition *c) { assert(c->type == CONDITION_SECURITY); if (streq(c->parameter, "selinux")) - return use_selinux() == !c->negate; + return mac_selinux_use() == !c->negate; + if (streq(c->parameter, "smack")) + return mac_smack_use() == !c->negate; if (streq(c->parameter, "apparmor")) - return use_apparmor() == !c->negate; + return mac_apparmor_use() == !c->negate; if (streq(c->parameter, "ima")) return use_ima() == !c->negate; - if (streq(c->parameter, "smack")) - return use_smack() == !c->negate; return c->negate; } diff --git a/src/core/execute.c b/src/core/execute.c index caff2c6b5c..c41aec222d 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -1669,7 +1669,7 @@ static int exec_child(ExecCommand *command, #endif #ifdef HAVE_SELINUX - if (use_selinux()) { + if (mac_selinux_use()) { if (context->selinux_context) { err = setexeccon(context->selinux_context); if (err < 0 && !context->selinux_context_ignore) { @@ -1697,7 +1697,7 @@ static int exec_child(ExecCommand *command, #endif #ifdef HAVE_APPARMOR - if (context->apparmor_profile && use_apparmor()) { + if (context->apparmor_profile && mac_apparmor_use()) { err = aa_change_onexec(context->apparmor_profile); if (err < 0 && !context->apparmor_profile_ignore) { *error = EXIT_APPARMOR_PROFILE; diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index 8e91217828..cda25ede13 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -82,9 +82,9 @@ static const MountPoint mount_table[] = { NULL, MNT_NONE }, #ifdef HAVE_SMACK { "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - use_smack, MNT_FATAL }, + mac_smack_use, MNT_FATAL }, { "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, - use_smack, MNT_FATAL }, + mac_smack_use, MNT_FATAL }, #endif { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, @@ -92,7 +92,7 @@ static const MountPoint mount_table[] = { NULL, MNT_IN_CONTAINER }, #ifdef HAVE_SMACK { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, - use_smack, MNT_FATAL }, + mac_smack_use, MNT_FATAL }, #endif { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index 184f202c1e..08ea6efb78 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -142,7 +142,7 @@ static int selinux_access_init(sd_bus_error *error) { if (initialized) return 0; - if (!use_selinux()) + if (!mac_selinux_use()) return 0; r = access_init(); @@ -186,7 +186,7 @@ int selinux_generic_access_check( assert(permission); assert(error); - if (!use_selinux()) + if (!mac_selinux_use()) return 0; r = selinux_access_init(error); diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c index 8be97fc417..4e615c2b64 100644 --- a/src/core/selinux-setup.c +++ b/src/core/selinux-setup.c @@ -84,7 +84,7 @@ int selinux_setup(bool *loaded_policy) { char timespan[FORMAT_TIMESPAN_MAX]; char *label; - retest_selinux(); + mac_selinux_retest(); /* Transition to the new context */ r = mac_selinux_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label); |