From cf8bd44339b00330fdbc91041d6731ba8aba9fec Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 24 Jul 2014 10:40:28 +0200
Subject: socket: introduce SELinuxLabelViaNet option

This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.

Implementation of label_get_child_label derived from xinetd.

Reviewed-by: Paul Moore <pmoore@redhat.com>
---
 src/shared/label.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/shared/label.h')

diff --git a/src/shared/label.h b/src/shared/label.h
index 72948205f6..4163f7f98c 100644
--- a/src/shared/label.h
+++ b/src/shared/label.h
@@ -39,6 +39,7 @@ void label_context_clear(void);
 void label_free(const char *label);
 
 int label_get_create_label_from_exe(const char *exe, char **label);
+int label_get_child_label(int socket_fd, const char *exec, char **label);
 
 int label_mkdir(const char *path, mode_t mode);
 
-- 
cgit v1.2.3-54-g00ecf