6 files changed, 31 insertions, 6 deletions

diff --git a/src/shared/btrfs-util.c b/src/shared/btrfs-util.c
index 84c81106fa..9b47330a6f 100644
--- a/src/shared/btrfs-util.c
+++ b/src/shared/btrfs-util.c
@@ -33,6 +33,8 @@
 #include "macro.h"
 #include "strv.h"
 #include "copy.h"
+#include "selinux-util.h"
+#include "smack-util.h"
 #include "btrfs-ctree.h"
 #include "btrfs-util.h"
 
@@ -184,6 +186,24 @@ int btrfs_subvol_make(const char *path) {
         return 0;
 }
 
+int btrfs_subvol_make_label(const char *path) {
+        int r;
+
+        assert(path);
+
+        r = mac_selinux_create_file_prepare(path, S_IFDIR);
+        if (r < 0)
+                return r;
+
+        r = btrfs_subvol_make(path);
+        mac_selinux_create_file_clear();
+
+        if (r < 0)
+                return r;
+
+        return mac_smack_fix(path, false, false);
+}
+
 int btrfs_subvol_remove(const char *path) {
         struct btrfs_ioctl_vol_args args = {};
         _cleanup_close_ int fd = -1;
diff --git a/src/shared/btrfs-util.h b/src/shared/btrfs-util.h
index f51f37a659..dff8c015a6 100644
--- a/src/shared/btrfs-util.h
+++ b/src/shared/btrfs-util.h
@@ -37,6 +37,7 @@ typedef struct BtrfsSubvolInfo {
 int btrfs_is_snapshot(int fd);
 
 int btrfs_subvol_make(const char *path);
+int btrfs_subvol_make_label(const char *path);
 int btrfs_subvol_remove(const char *path);
 int btrfs_subvol_snapshot(const char *old_path, const char *new_path, bool read_only, bool fallback_copy);
 
diff --git a/src/shared/fileio-label.c b/src/shared/fileio-label.c
index 294c9e6bad..5fd69e0580 100644
--- a/src/shared/fileio-label.c
+++ b/src/shared/fileio-label.c
@@ -23,9 +23,10 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
-#include "fileio-label.h"
-#include "label.h"
 #include "util.h"
+#include "selinux-util.h"
+#include "label.h"
+#include "fileio-label.h"
 
 int write_string_file_atomic_label(const char *fn, const char *line) {
         int r;
diff --git a/src/shared/label.c b/src/shared/label.c
index 0af41afa77..82f10b21bd 100644
--- a/src/shared/label.c
+++ b/src/shared/label.c
@@ -19,8 +19,10 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
-#include "label.h"
+#include "selinux-util.h"
+#include "smack-util.h"
 #include "util.h"
+#include "label.h"
 
 int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
         int r, q;
diff --git a/src/shared/label.h b/src/shared/label.h
index 3428a8bb7a..8070bcb021 100644
--- a/src/shared/label.h
+++ b/src/shared/label.h
@@ -21,8 +21,8 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
-#include "selinux-util.h"
-#include "smack-util.h"
+#include <stdbool.h>
+#include <sys/types.h>
 
 int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
 
diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c
index b1ef19f265..6806c51158 100644
--- a/src/shared/socket-label.c
+++ b/src/shared/socket-label.c
@@ -35,9 +35,10 @@
 #include "macro.h"
 #include "util.h"
 #include "mkdir.h"
-#include "socket-util.h"
 #include "missing.h"
 #include "label.h"
+#include "selinux-util.h"
+#include "socket-util.h"
 
 int socket_address_listen(
                 const SocketAddress *a,