diff options
| author | Pádraig Brady <P@draigBrady.com> | 2013-07-02 03:42:20 +0100 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2013-07-02 09:47:32 +0100 |
| commit | 5fb93f635b935ea5632e36600e07a2c5fc5bad5e (patch) | |
| tree | 387476cda6992e8768ff4646cc605f24dd307de5 /src | |
| parent | b8a87eaf2d6f054473d2dab491ffd4252b6f5b4d (diff) | |
| download | coreutils-5fb93f635b935ea5632e36600e07a2c5fc5bad5e.tar.xz | |
maint: refactor SMACK interface to a separate module
Consolidate all smack routines and checks in a module.
We replace and wrap the most commonly used smack routines,
which allows removing ifdefs throughout the code.
* gl/lib/smack.h: A new header containing the implementation
of the wrapped and replacement routines. Note the is_smack_enabled()
routine should be optimized out at compile time when compiled
on a system without libsmack.
* gl/modules/smack: Describe the new module and move the
configure time code here from ...
* m4/jm-macros.m4: ... here.
* bootstrap.conf: Reference the new module.
* src/id.c: Use the routines without ifdefs where possible.
* src/ls.c: Likewise.
* src/mkdir.c: Likewise.
* src/mkfifo.c: Likewise.
* src/mknod.c: Likewise.
Diffstat (limited to 'src')
| -rw-r--r-- | src/id.c | 19 | ||||
| -rw-r--r-- | src/ls.c | 15 | ||||
| -rw-r--r-- | src/mkdir.c | 9 | ||||
| -rw-r--r-- | src/mkfifo.c | 9 | ||||
| -rw-r--r-- | src/mknod.c | 9 |
5 files changed, 16 insertions, 45 deletions
@@ -24,15 +24,13 @@ #include <grp.h> #include <getopt.h> #include <selinux/selinux.h> -#ifdef HAVE_SMACK -# include <sys/smack.h> -#endif #include "system.h" #include "error.h" #include "mgetgroups.h" #include "quote.h" #include "group-list.h" +#include "smack.h" /* The official name of this program (e.g., no 'g' prefix). */ #define PROGRAM_NAME "id" @@ -110,9 +108,7 @@ main (int argc, char **argv) { int optc; int selinux_enabled = (is_selinux_enabled () > 0); -#ifdef HAVE_SMACK - int smack_enabled = (smack_smackfs_path () != NULL); -#endif + bool smack_enabled = is_smack_enabled (); /* If true, output the list of all group IDs. -G */ bool just_group_list = false; @@ -207,14 +203,11 @@ main (int argc, char **argv) || (default_format && ! getenv ("POSIXLY_CORRECT")))) { /* Report failure only if --context (-Z) was explicitly requested. */ - if (selinux_enabled && getcon (&context) && just_context) + if ((selinux_enabled && getcon (&context) && just_context) + || (smack_enabled + && smack_new_label_from_self ((char **) &context) < 0 + && just_context)) error (EXIT_FAILURE, 0, _("can't get process context")); -#ifdef HAVE_SMACK - else if (smack_enabled - && smack_new_label_from_self ((char **) &context) < 0 - && just_context) - error (EXIT_FAILURE, 0, _("can't get process context")); -#endif } if (n_ids == 1) @@ -101,6 +101,7 @@ #include "obstack.h" #include "quote.h" #include "quotearg.h" +#include "smack.h" #include "stat-size.h" #include "stat-time.h" #include "strftime.h" @@ -115,10 +116,6 @@ # include <sys/capability.h> #endif -#ifdef HAVE_SMACK -# include <sys/smack.h> -#endif - #define PROGRAM_NAME (ls_mode == LS_LS ? "ls" \ : (ls_mode == LS_MULTI_COL \ ? "dir" : "vdir")) @@ -2762,11 +2759,9 @@ free_ent (struct fileinfo *f) free (f->linkname); if (f->scontext != UNKNOWN_SECURITY_CONTEXT) { -#ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) free (f->scontext); else -#endif freecon (f->scontext); } } @@ -2825,7 +2820,7 @@ getfilecon_cache (char const *file, struct fileinfo *f, bool deref) } int r = 0; #ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) r = smack_new_label_from_path (file, "security.SMACK64", deref, &f->scontext); else @@ -3030,11 +3025,9 @@ gobble_file (char const *name, enum filetype type, ino_t inode, if (err == 0) { -#ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) have_scontext = ! STREQ ("_", f->scontext); else -#endif have_scontext = ! STREQ ("unlabeled", f->scontext); } else diff --git a/src/mkdir.c b/src/mkdir.c index e56b6cbbd..479faca85 100644 --- a/src/mkdir.c +++ b/src/mkdir.c @@ -22,10 +22,6 @@ #include <sys/types.h> #include <selinux/selinux.h> -#ifdef HAVE_SMACK -# include <sys/smack.h> -#endif - #include "system.h" #include "error.h" #include "mkdir-p.h" @@ -33,6 +29,7 @@ #include "prog-fprintf.h" #include "quote.h" #include "savewd.h" +#include "smack.h" /* The official name of this program (e.g., no 'g' prefix). */ #define PROGRAM_NAME "mkdir" @@ -201,11 +198,9 @@ main (int argc, char **argv) if (scontext) { -#ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else -#endif ret = setfscreatecon (scontext); } diff --git a/src/mkfifo.c b/src/mkfifo.c index a87a393e2..f9fcc0a60 100644 --- a/src/mkfifo.c +++ b/src/mkfifo.c @@ -22,14 +22,11 @@ #include <sys/types.h> #include <selinux/selinux.h> -#ifdef HAVE_SMACK -# include <sys/smack.h> -#endif - #include "system.h" #include "error.h" #include "modechange.h" #include "quote.h" +#include "smack.h" /* The official name of this program (e.g., no 'g' prefix). */ #define PROGRAM_NAME "mkfifo" @@ -115,11 +112,9 @@ main (int argc, char **argv) if (scontext) { -#ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else -#endif ret = setfscreatecon (scontext); } diff --git a/src/mknod.c b/src/mknod.c index 9f0afb3ff..4fd6ed0f4 100644 --- a/src/mknod.c +++ b/src/mknod.c @@ -22,14 +22,11 @@ #include <sys/types.h> #include <selinux/selinux.h> -#ifdef HAVE_SMACK -# include <sys/smack.h> -#endif - #include "system.h" #include "error.h" #include "modechange.h" #include "quote.h" +#include "smack.h" #include "xstrtol.h" /* The official name of this program (e.g., no 'g' prefix). */ @@ -171,11 +168,9 @@ main (int argc, char **argv) if (scontext) { -#ifdef HAVE_SMACK - if (smack_smackfs_path ()) + if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else -#endif ret = setfscreatecon (scontext); } |