-static bool test_security(const char *parameter) {
-#ifdef HAVE_SELINUX
- if (streq(parameter, "selinux"))
- return is_selinux_enabled() > 0;
-#endif
- if (streq(parameter, "apparmor"))
- return access("/sys/kernel/security/apparmor/", F_OK) == 0;
- if (streq(parameter, "smack"))
- return access("/sys/fs/smackfs", F_OK) == 0;
- return false;
+static bool condition_test_security(Condition *c) {
+ assert(c);
+ assert(c->parameter);
+ assert(c->type == CONDITION_SECURITY);
+
+ if (streq(c->parameter, "selinux"))
+ return use_selinux() == !c->negate;
+ if (streq(c->parameter, "apparmor"))
+ return use_apparmor() == !c->negate;
+ if (streq(c->parameter, "ima"))
+ return use_ima() == !c->negate;
+ if (streq(c->parameter, "smack"))
+ return use_smack() == !c->negate;
+ return c->negate;