| Age | Commit message (Collapse) | Author |
|---|
|
We need original socket_fd around otherwise mac_selinux_get_child_mls_label
fails with -EINVAL return code. Also don't call setexeccon twice but rather pass
context value of SELinuxContext option as an extra argument.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
new mac_{smack,selinux,apparmor}_xyz() convention
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
move label apis to selinux-util.ch or smack-util.ch appropriately.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
|
This commit is a first attempt to isolate the udev code from the
remaining code base. It intentionally does not modify any files
but purely delete files which, on a first examination, appear to
not be needed. This is a sweeping commit which may easily have
missed needed code. Files can be retrieved by doing a checkout
from the previous commit:
git checkout 2944f347d0 -- <filename>
|
|
a) Instead of parsing the bus messages inside of selinux-access.c
simply pass everything pre-parsed in the functions
b) implement the access checking with a macro that resolves to nothing
on non-selinux builds
c) split out the selinux checks into their own sources
selinux-util.[ch]
d) this unifies the job creation code behind the D-Bus calls
Manager.StartUnit() and Unit.Start().
|
