3 files changed, 22 insertions, 0 deletions

diff --git a/src/shared/exit-status.h b/src/shared/exit-status.h
index f719580426..1d774f25dc 100644
--- a/src/shared/exit-status.h
+++ b/src/shared/exit-status.h
@@ -78,6 +78,7 @@ typedef enum ExitStatus {
         EXIT_MAKE_STARTER,
         EXIT_CHOWN,
         EXIT_BUS_ENDPOINT,
+        EXIT_SMACK_PROCESS_LABEL,
 } ExitStatus;
 
 typedef enum ExitStatusLevel {
diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
index a8dccd1554..b6c96435ce 100644
--- a/src/shared/smack-util.c
+++ b/src/shared/smack-util.c
@@ -25,6 +25,7 @@
 
 #include "util.h"
 #include "path-util.h"
+#include "fileio.h"
 #include "smack-util.h"
 
 #define SMACK_FLOOR_LABEL "_"
@@ -123,6 +124,25 @@ int mac_smack_apply_ip_in_fd(int fd, const char *label) {
         return r;
 }
 
+int mac_smack_apply_pid(pid_t pid, const char *label) {
+        int r = 0;
+        const char *p;
+
+        assert(label);
+
+#ifdef HAVE_SMACK
+        if (!mac_smack_use())
+                return 0;
+
+        p = procfs_file_alloca(pid, "attr/current");
+        r = write_string_file(p, label);
+        if (r < 0)
+                return r;
+#endif
+
+        return r;
+}
+
 int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
         int r = 0;
 
diff --git a/src/shared/smack-util.h b/src/shared/smack-util.h
index 68778da38b..50f55b1f4b 100644
--- a/src/shared/smack-util.h
+++ b/src/shared/smack-util.h
@@ -31,5 +31,6 @@ int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
 
 int mac_smack_apply(const char *path, const char *label);
 int mac_smack_apply_fd(int fd, const char *label);
+int mac_smack_apply_pid(pid_t pid, const char *label);
 int mac_smack_apply_ip_in_fd(int fd, const char *label);
 int mac_smack_apply_ip_out_fd(int fd, const char *label);