summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
Diffstat (limited to 'src/core')
-rw-r--r--src/core/condition.c8
-rw-r--r--src/core/execute.c4
-rw-r--r--src/core/mount-setup.c6
-rw-r--r--src/core/selinux-access.c4
-rw-r--r--src/core/selinux-setup.c2
5 files changed, 12 insertions, 12 deletions
diff --git a/src/core/condition.c b/src/core/condition.c
index 353e0c97f1..ec78169fc3 100644
--- a/src/core/condition.c
+++ b/src/core/condition.c
@@ -45,13 +45,13 @@ static bool condition_test_security(Condition *c) {
assert(c->type == CONDITION_SECURITY);
if (streq(c->parameter, "selinux"))
- return use_selinux() == !c->negate;
+ return mac_selinux_use() == !c->negate;
+ if (streq(c->parameter, "smack"))
+ return mac_smack_use() == !c->negate;
if (streq(c->parameter, "apparmor"))
- return use_apparmor() == !c->negate;
+ return mac_apparmor_use() == !c->negate;
if (streq(c->parameter, "ima"))
return use_ima() == !c->negate;
- if (streq(c->parameter, "smack"))
- return use_smack() == !c->negate;
return c->negate;
}
diff --git a/src/core/execute.c b/src/core/execute.c
index caff2c6b5c..c41aec222d 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1669,7 +1669,7 @@ static int exec_child(ExecCommand *command,
#endif
#ifdef HAVE_SELINUX
- if (use_selinux()) {
+ if (mac_selinux_use()) {
if (context->selinux_context) {
err = setexeccon(context->selinux_context);
if (err < 0 && !context->selinux_context_ignore) {
@@ -1697,7 +1697,7 @@ static int exec_child(ExecCommand *command,
#endif
#ifdef HAVE_APPARMOR
- if (context->apparmor_profile && use_apparmor()) {
+ if (context->apparmor_profile && mac_apparmor_use()) {
err = aa_change_onexec(context->apparmor_profile);
if (err < 0 && !context->apparmor_profile_ignore) {
*error = EXIT_APPARMOR_PROFILE;
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index 8e91217828..cda25ede13 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -82,9 +82,9 @@ static const MountPoint mount_table[] = {
NULL, MNT_NONE },
#ifdef HAVE_SMACK
{ "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME,
- use_smack, MNT_FATAL },
+ mac_smack_use, MNT_FATAL },
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- use_smack, MNT_FATAL },
+ mac_smack_use, MNT_FATAL },
#endif
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
@@ -92,7 +92,7 @@ static const MountPoint mount_table[] = {
NULL, MNT_IN_CONTAINER },
#ifdef HAVE_SMACK
{ "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- use_smack, MNT_FATAL },
+ mac_smack_use, MNT_FATAL },
#endif
{ "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index 184f202c1e..08ea6efb78 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -142,7 +142,7 @@ static int selinux_access_init(sd_bus_error *error) {
if (initialized)
return 0;
- if (!use_selinux())
+ if (!mac_selinux_use())
return 0;
r = access_init();
@@ -186,7 +186,7 @@ int selinux_generic_access_check(
assert(permission);
assert(error);
- if (!use_selinux())
+ if (!mac_selinux_use())
return 0;
r = selinux_access_init(error);
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index 8be97fc417..4e615c2b64 100644
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -84,7 +84,7 @@ int selinux_setup(bool *loaded_policy) {
char timespan[FORMAT_TIMESPAN_MAX];
char *label;
- retest_selinux();
+ mac_selinux_retest();
/* Transition to the new context */
r = mac_selinux_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);