#include <mqueue.h>
#include <sys/xattr.h>
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+#endif
+
#include "sd-event.h"
#include "log.h"
#include "load-dropin.h"
"%sPassCredentials: %s\n"
"%sPassSecurity: %s\n"
"%sTCPCongestion: %s\n"
- "%sRemoveOnStop: %s\n",
+ "%sRemoveOnStop: %s\n"
+ "%sSELinuxLabelViaNet: %s\n",
prefix, socket_state_to_string(s->state),
prefix, socket_result_to_string(s->result),
prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
prefix, yes_no(s->pass_cred),
prefix, yes_no(s->pass_sec),
prefix, strna(s->tcp_congestion),
- prefix, yes_no(s->remove_on_stop));
+ prefix, yes_no(s->remove_on_stop),
+ prefix, yes_no(s->selinux_label_via_net));
if (s->control_pid > 0)
fprintf(f,
continue;
if (p->type == SOCKET_SOCKET) {
-
+#ifdef HAVE_SELINUX
+ if (!know_label && s->selinux_label_via_net) {
+ r = getcon(&label);
+ if (r < 0)
+ return r;
+ know_label = true;
+ }
+#endif
if (!know_label) {
r = socket_instantiate_service(s);
cfd = -1;
s->n_connections ++;
+ if (s->selinux_label_via_net)
+ service->exec_context.selinux_label_via_net = true;
+
r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
if (r < 0)
goto fail;
~ianmdlvl / elogind.git / blobdiff