Diffstat (limited to 'src')
-rw-r--r--src/core/main.c7
-rw-r--r--src/core/namespace.c3
-rw-r--r--src/core/socket.c1
-rw-r--r--src/hostname/hostnamed.c1
-rw-r--r--src/locale/localed.c1
-rw-r--r--src/login/logind-dbus.c3
-rw-r--r--src/resolve/resolved.c1
-rw-r--r--src/shared/btrfs-util.c20
-rw-r--r--src/shared/btrfs-util.h1
-rw-r--r--src/shared/fileio-label.c5
-rw-r--r--src/shared/label.c4
-rw-r--r--src/shared/label.h4
-rw-r--r--src/shared/socket-label.c3
-rw-r--r--src/sysusers/sysusers.c1
-rw-r--r--src/test/test-udev.c1
-rw-r--r--src/timedate/timedated.c1
-rw-r--r--src/tmpfiles/tmpfiles.c28
-rw-r--r--src/udev/udev-node.c1
-rw-r--r--src/udev/udevadm.c1
-rw-r--r--src/udev/udevd.c7
-rw-r--r--src/update-done/update-done.c1
21 files changed, 76 insertions, 19 deletions
diff --git a/src/core/main.c b/src/core/main.c
index 300567a922..87d54caac3 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -42,9 +42,7 @@
#include "sd-daemon.h"
#include "sd-messages.h"
#include "sd-bus.h"
-#include "manager.h"
#include "log.h"
-#include "load-fragment.h"
#include "fdset.h"
#include "special.h"
#include "conf-parser.h"
@@ -64,9 +62,12 @@
#include "env-util.h"
#include "clock-util.h"
#include "fileio.h"
-#include "dbus-manager.h"
#include "bus-error.h"
#include "bus-util.h"
+#include "selinux-util.h"
+#include "manager.h"
+#include "dbus-manager.h"
+#include "load-fragment.h"
#include "mount-setup.h"
#include "loopback-setup.h"
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 4c411096a1..5b408e06ac 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -35,7 +35,6 @@
#include "strv.h"
#include "util.h"
#include "path-util.h"
-#include "namespace.h"
#include "missing.h"
#include "execute.h"
#include "loopback-setup.h"
@@ -43,6 +42,8 @@
#include "dev-setup.h"
#include "def.h"
#include "label.h"
+#include "selinux-util.h"
+#include "namespace.h"
typedef enum MountMode {
/* This is ordered by priority! */
diff --git a/src/core/socket.c b/src/core/socket.c
index 8fa55e0b03..b671fffc59 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -48,6 +48,7 @@
#include "smack-util.h"
#include "bus-util.h"
#include "bus-error.h"
+#include "selinux-util.h"
#include "dbus-socket.h"
#include "unit.h"
#include "socket.h"
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
index b230ff6d5c..7cd4a1d001 100644
--- a/src/hostname/hostnamed.c
+++ b/src/hostname/hostnamed.c
@@ -33,6 +33,7 @@
#include "label.h"
#include "bus-util.h"
#include "event-util.h"
+#include "selinux-util.h"
#define VALID_DEPLOYMENT_CHARS (DIGITS LETTERS "-.:")
diff --git a/src/locale/localed.c b/src/locale/localed.c
index 072354162d..529a9abfd6 100644
--- a/src/locale/localed.c
+++ b/src/locale/localed.c
@@ -39,6 +39,7 @@
#include "bus-message.h"
#include "event-util.h"
#include "locale-util.h"
+#include "selinux-util.h"
#ifdef HAVE_XKBCOMMON
#include <xkbcommon/xkbcommon.h>
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index c0d1309474..26ce8fe11f 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -39,9 +39,10 @@
#include "audit.h"
#include "bus-util.h"
#include "bus-error.h"
-#include "logind.h"
#include "bus-common-errors.h"
#include "udev-util.h"
+#include "selinux-util.h"
+#include "logind.h"
static int property_get_idle_hint(
sd_bus *bus,
diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
index c0ab947c0e..ce15a8011d 100644
--- a/src/resolve/resolved.c
+++ b/src/resolve/resolved.c
@@ -24,6 +24,7 @@
#include "mkdir.h"
#include "label.h"
#include "capability.h"
+#include "selinux-util.h"
#include "resolved-manager.h"
#include "resolved-conf.h"
diff --git a/src/shared/btrfs-util.c b/src/shared/btrfs-util.c
index 84c81106fa..9b47330a6f 100644
--- a/src/shared/btrfs-util.c
+++ b/src/shared/btrfs-util.c
@@ -33,6 +33,8 @@
#include "macro.h"
#include "strv.h"
#include "copy.h"
+#include "selinux-util.h"
+#include "smack-util.h"
#include "btrfs-ctree.h"
#include "btrfs-util.h"
@@ -184,6 +186,24 @@ int btrfs_subvol_make(const char *path) {
return 0;
}
+int btrfs_subvol_make_label(const char *path) {
+ int r;
+
+ assert(path);
+
+ r = mac_selinux_create_file_prepare(path, S_IFDIR);
+ if (r < 0)
+ return r;
+
+ r = btrfs_subvol_make(path);
+ mac_selinux_create_file_clear();
+
+ if (r < 0)
+ return r;
+
+ return mac_smack_fix(path, false, false);
+}
+
int btrfs_subvol_remove(const char *path) {
struct btrfs_ioctl_vol_args args = {};
_cleanup_close_ int fd = -1;
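Review bot: btrfs_subvol_make_label() is added without a comment stating its contract, and two details in the body are easy to miss. mac_selinux_create_file_clear() runs before `r` is checked, so the creation context is dropped on success and on failure alike, and an error from mac_smack_fix() is returned after the subvolume already exists on disk. I would add a header comment such as `/* Like btrfs_subvol_make(), but creates the subvolume under the SELinux file creation context for path and then calls mac_smack_fix(); if that last step fails the subvolume is left in place. */` so callers do not read a negative return as "nothing was created". The trailing lines of the hunk belong to btrfs_subvol_remove(), whose body continues outside it.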
diff --git a/src/shared/btrfs-util.h b/src/shared/btrfs-util.h
index f51f37a659..dff8c015a6 100644
--- a/src/shared/btrfs-util.h
+++ b/src/shared/btrfs-util.h
@@ -37,6 +37,7 @@ typedef struct BtrfsSubvolInfo {
int btrfs_is_snapshot(int fd);
int btrfs_subvol_make(const char *path);
+int btrfs_subvol_make_label(const char *path);
int btrfs_subvol_remove(const char *path);
int btrfs_subvol_snapshot(const char *old_path, const char *new_path, bool read_only, bool fallback_copy);
diff --git a/src/shared/fileio-label.c b/src/shared/fileio-label.c
index 294c9e6bad..5fd69e0580 100644
--- a/src/shared/fileio-label.c
+++ b/src/shared/fileio-label.c
@@ -23,9 +23,10 @@
#include <sys/stat.h>
#include <unistd.h>
-#include "fileio-label.h"
-#include "label.h"
#include "util.h"
+#include "selinux-util.h"
+#include "label.h"
+#include "fileio-label.h"
int write_string_file_atomic_label(const char *fn, const char *line) {
int r;
diff --git a/src/shared/label.c b/src/shared/label.c
index 0af41afa77..82f10b21bd 100644
--- a/src/shared/label.c
+++ b/src/shared/label.c
@@ -19,8 +19,10 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include "label.h"
+#include "selinux-util.h"
+#include "smack-util.h"
#include "util.h"
+#include "label.h"
int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
int r, q;
diff --git a/src/shared/label.h b/src/shared/label.h
index 3428a8bb7a..8070bcb021 100644
--- a/src/shared/label.h
+++ b/src/shared/label.h
@@ -21,8 +21,8 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include "selinux-util.h"
-#include "smack-util.h"
+#include <stdbool.h>
+#include <sys/types.h>
int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c
index b1ef19f265..6806c51158 100644
--- a/src/shared/socket-label.c
+++ b/src/shared/socket-label.c
@@ -35,9 +35,10 @@
#include "macro.h"
#include "util.h"
#include "mkdir.h"
-#include "socket-util.h"
#include "missing.h"
#include "label.h"
+#include "selinux-util.h"
+#include "socket-util.h"
int socket_address_listen(
const SocketAddress *a,
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 0baa2c39d8..5d5f5ea794 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -39,6 +39,7 @@
#include "label.h"
#include "fileio-label.h"
#include "uid-range.h"
+#include "selinux-util.h"
typedef enum ItemType {
ADD_USER = 'u',
diff --git a/src/test/test-udev.c b/src/test/test-udev.c
index f2283ec7a7..b57d275efa 100644
--- a/src/test/test-udev.c
+++ b/src/test/test-udev.c
@@ -32,6 +32,7 @@
#include <sys/signalfd.h>
#include "missing.h"
+#include "selinux-util.h"
#include "udev.h"
#include "udev-util.h"
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index d507200648..753c3d1d65 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -40,6 +40,7 @@
#include "bus-error.h"
#include "bus-common-errors.h"
#include "event-util.h"
+#include "selinux-util.h"
#define NULL_ADJTIME_UTC "0.0 0 0\n0\nUTC\n"
#define NULL_ADJTIME_LOCAL "0.0 0 0\n0\nLOCAL\n"
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 44ea51e26b..b830850879 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -54,6 +54,8 @@
#include "specifier.h"
#include "build.h"
#include "copy.h"
+#include "selinux-util.h"
+#include "btrfs-util.h"
/* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates
* them in the file system. This is intended to be used to create
@@ -66,6 +68,7 @@ typedef enum ItemType {
TRUNCATE_FILE = 'F',
CREATE_DIRECTORY = 'd',
TRUNCATE_DIRECTORY = 'D',
+ CREATE_SUBVOLUME = 'v',
CREATE_FIFO = 'p',
CREATE_SYMLINK = 'L',
CREATE_CHAR_DEVICE = 'c',
@@ -758,17 +761,27 @@ static int create_item(Item *i) {
break;
- case TRUNCATE_DIRECTORY:
case CREATE_DIRECTORY:
+ case TRUNCATE_DIRECTORY:
+ case CREATE_SUBVOLUME:
- RUN_WITH_UMASK(0000) {
+ RUN_WITH_UMASK(0000)
mkdir_parents_label(i->path, 0755);
- r = mkdir_label(i->path, i->mode);
+
+ if (i->type == CREATE_SUBVOLUME) {
+ RUN_WITH_UMASK((~i->mode) & 0777)
+ r = btrfs_subvol_make(i->path);
+ } else
+ r = 0;
+
+ if (i->type == CREATE_DIRECTORY || r == -ENOTTY) {
+ RUN_WITH_UMASK(0000)
+ r = mkdir_label(i->path, i->mode);
}
if (r < 0) {
if (r != -EEXIST)
- return log_error_errno(r, "Failed to create directory %s: %m", i->path);
+ return log_error_errno(r, "Failed to create directory or subvolume %s: %m", i->path);
if (stat(i->path, &st) < 0)
return log_error_errno(errno, "stat(%s) failed: %m", i->path);
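Review bot: For a TRUNCATE_DIRECTORY item the new code sets `r = 0` in the else branch and then skips mkdir_label(), because the guard only tests `i->type == CREATE_DIRECTORY || r == -ENOTTY`; before this change both directory types went through mkdir_label(). The guard should read `if (i->type == CREATE_DIRECTORY || i->type == TRUNCATE_DIRECTORY || r == -ENOTTY) {`. Separately, the subvolume branch calls `btrfs_subvol_make(i->path)` while the fallback uses mkdir_label(), so a subvolume is created without the SELinux creation context that a directory gets. Unless a relabel later in create_item() (outside this hunk) covers it, `r = btrfs_subvol_make_label(i->path);` would keep the two paths consistent, using the helper this same commit adds in src/shared/btrfs-util.c.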
@@ -970,6 +983,7 @@ static int remove_item_instance(Item *i, const char *instance) {
case CREATE_FILE:
case TRUNCATE_FILE:
case CREATE_DIRECTORY:
+ case CREATE_SUBVOLUME:
case CREATE_FIFO:
case CREATE_SYMLINK:
case CREATE_BLOCK_DEVICE:
@@ -1014,6 +1028,7 @@ static int remove_item(Item *i) {
case CREATE_FILE:
case TRUNCATE_FILE:
case CREATE_DIRECTORY:
+ case CREATE_SUBVOLUME:
case CREATE_FIFO:
case CREATE_SYMLINK:
case CREATE_CHAR_DEVICE:
@@ -1091,6 +1106,7 @@ static int clean_item(Item *i) {
switch (i->type) {
case CREATE_DIRECTORY:
+ case CREATE_SUBVOLUME:
case TRUNCATE_DIRECTORY:
case IGNORE_PATH:
case COPY_FILES:
@@ -1289,6 +1305,7 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {
case CREATE_FILE:
case TRUNCATE_FILE:
case CREATE_DIRECTORY:
+ case CREATE_SUBVOLUME:
case TRUNCATE_DIRECTORY:
case CREATE_FIFO:
case IGNORE_PATH:
@@ -1429,6 +1446,7 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {
} else
i->mode =
i->type == CREATE_DIRECTORY ||
+ i->type == CREATE_SUBVOLUME ||
i->type == TRUNCATE_DIRECTORY ? 0755 : 0644;
if (age && !streq(age, "-")) {
@@ -1636,7 +1654,7 @@ static int read_config_file(const char *fn, bool ignore_enoent) {
continue;
HASHMAP_FOREACH(j, items, iter) {
- if (j->type != CREATE_DIRECTORY && j->type != TRUNCATE_DIRECTORY)
+ if (j->type != CREATE_DIRECTORY && j->type != TRUNCATE_DIRECTORY && j->type != CREATE_SUBVOLUME)
continue;
if (path_equal(j->path, i->path)) {
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
index c30a428ea1..499feefceb 100644
--- a/src/udev/udev-node.c
+++ b/src/udev/udev-node.c
@@ -31,6 +31,7 @@
#include "udev.h"
#include "smack-util.h"
+#include "selinux-util.h"
static int node_symlink(struct udev_device *dev, const char *node, const char *slink) {
struct stat stats;
diff --git a/src/udev/udevadm.c b/src/udev/udevadm.c
index d9bd69742c..a957e92708 100644
--- a/src/udev/udevadm.c
+++ b/src/udev/udevadm.c
@@ -24,6 +24,7 @@
#include <errno.h>
#include <getopt.h>
+#include "selinux-util.h"
#include "udev.h"
static int adm_version(struct udev *udev, int argc, char *argv[]) {
diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index c3678259bc..3edb29bded 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -46,13 +46,14 @@
#include <sys/inotify.h>
#include <sys/utsname.h>
-#include "udev.h"
-#include "udev-util.h"
-#include "rtnl-util.h"
#include "sd-daemon.h"
+#include "rtnl-util.h"
#include "cgroup-util.h"
#include "dev-setup.h"
#include "fileio.h"
+#include "selinux-util.h"
+#include "udev.h"
+#include "udev-util.h"
static struct udev_rules *rules;
static struct udev_ctrl *udev_ctrl;
diff --git a/src/update-done/update-done.c b/src/update-done/update-done.c
index a910808d04..561963e5eb 100644
--- a/src/update-done/update-done.c
+++ b/src/update-done/update-done.c
@@ -21,6 +21,7 @@
#include "util.h"
#include "label.h"
+#include "selinux-util.h"
#define MESSAGE \
"This file was created by systemd-update-done. Its only \n" \