From 5dfcb8d20021c8fc555a86c4fbbc72d5c9837150 Mon Sep 17 00:00:00 2001
From: Sangjung Woo <sangjung.woo@samsung.com>
Date: Wed, 21 Oct 2015 21:48:13 +0900
Subject: units: add 'SmackFileSystemRoot=*' option into tmp.mount

If SMACK is enabled, 'smackfsroot=*' option should be specified when
/tmp is mounted since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.

In order to do that, 'SmackFileSystemRoot=*' is newly added into
tmp.mount.
---
 units/tmp.mount.m4 | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 units/tmp.mount.m4

(limited to 'units/tmp.mount.m4')

diff --git a/units/tmp.mount.m4 b/units/tmp.mount.m4
new file mode 100644
index 0000000000..e1e26bdfc0
--- /dev/null
+++ b/units/tmp.mount.m4
@@ -0,0 +1,24 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Temporary Directory
+Documentation=man:hier(7)
+Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
+ConditionPathIsSymbolicLink=!/tmp
+DefaultDependencies=no
+Conflicts=umount.target
+Before=local-fs.target umount.target
+
+[Mount]
+What=tmpfs
+Where=/tmp
+Type=tmpfs
+Options=mode=1777,strictatime
+m4_ifdef(`HAVE_SMACK',
+SmackFileSystemRoot=*
+)m4_dnl
-- 
cgit v1.2.3-54-g00ecf