Age | Commit message (Collapse) | Author |
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
of the matching selinux code
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
and all that reset it to defaults mac_{selinux|smack}_fix()
Let's clean up the naming schemes a bit and use the same one for SMACK
and for SELINUX.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
new mac_{smack,selinux,apparmor}_xyz() convention
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
move label apis to selinux-util.ch or smack-util.ch appropriately.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Amadeusz Sławiński <amade@asmblr.net>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
This commit is a first attempt to isolate the udev code from the
remaining code base. It intentionally does not modify any files
but purely delete files which, on a first examination, appear to
not be needed. This is a sweeping commit which may easily have
missed needed code. Files can be retrieved by doing a checkout
from the previous commit:
git checkout 2944f347d0 -- <filename>
|
|
|
|
a) Instead of parsing the bus messages inside of selinux-access.c
simply pass everything pre-parsed in the functions
b) implement the access checking with a macro that resolves to nothing
on non-selinux builds
c) split out the selinux checks into their own sources
selinux-util.[ch]
d) this unifies the job creation code behind the D-Bus calls
Manager.StartUnit() and Unit.Start().
|
|
mount but can't due to EROFS
|
|
This reverts commit 9b5af248f04b6cad8a5bca836e89a39e9f6823d9.
Udev now explicitely labels only files/directories in /dev. The selinux
array API is not released and will not work on other distros at this moment.
|
|
|
|
systemd-udev is currently incorrectly labeling /run/udev/* content because it is
using selinux prefix labeling of /dev. This patch will allow systemd-udev to
use prefix labeling of /dev and /run.
|
|
|
|
|
|
|
|
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
|
internal libraries
Before:
$ ldd /lib/systemd/systemd-timestamp
linux-vdso.so.1 => (0x00007fffb05ff000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f90aac57000)
libcap.so.2 => /lib64/libcap.so.2 (0x00007f90aaa53000)
librt.so.1 => /lib64/librt.so.1 (0x00007f90aa84a000)
libc.so.6 => /lib64/libc.so.6 (0x00007f90aa494000)
/lib64/ld-linux-x86-64.so.2 (0x00007f90aae90000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f90aa290000)
libattr.so.1 => /lib64/libattr.so.1 (0x00007f90aa08a000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f90a9e6e000)
After:
$ ldd systemd-timestamp
linux-vdso.so.1 => (0x00007fff3cbff000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f5eaa1c3000)
librt.so.1 => /lib64/librt.so.1 (0x00007f5ea9fbb000)
libc.so.6 => /lib64/libc.so.6 (0x00007f5ea9c04000)
/lib64/ld-linux-x86-64.so.2 (0x00007f5eaa3fc000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f5ea9a00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5ea97e4000)
|