udev: add SECLABEL{selinux}= support

[elogind.git] / src / shared / label.c

diff --git a/src/shared/label.c b/src/shared/label.c
index d353da57ec3d2779d2de7a77388ae7193426aae3..5c7cc1c906e1082e06d7ac58a170ec685d82dc92 100644 (file)
--- a/src/shared/label.c
+++ b/src/shared/label.c
@@ -25,8 +25,12 @@
 #include <malloc.h>
 #include <sys/socket.h>
 #include <sys/un.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 #include "label.h"
+#include "strv.h"
 #include "util.h"
 #include "path-util.h"
 
@@ -78,7 +82,7 @@ int label_init(const char *prefix) {
                 l = after_mallinfo.uordblks > before_mallinfo.uordblks ? after_mallinfo.uordblks - before_mallinfo.uordblks : 0;
 
                 log_debug("Successfully loaded SELinux database in %s, size on heap is %iK.",
-                          format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp),
+                          format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp, 0),
                           (l+1023)/1024);
         }
 #endif
@@ -253,14 +257,14 @@ void label_free(const char *label) {
 #endif
 }
 
-int label_mkdir(const char *path, mode_t mode, bool apply) {
+int label_mkdir(const char *path, mode_t mode) {
 
         /* Creates a directory and labels it according to the SELinux policy */
 #ifdef HAVE_SELINUX
         int r;
         security_context_t fcon = NULL;
 
-        if (!apply || !use_selinux() || !label_hnd)
+        if (!use_selinux() || !label_hnd)
                 goto skipped;
 
         if (path_is_absolute(path))
@@ -380,3 +384,15 @@ skipped:
 #endif
         return bind(fd, addr, addrlen) < 0 ? -errno : 0;
 }
+
+int label_apply(const char *path, const char *label) {
+        int r = 0;
+
+#ifdef HAVE_SELINUX
+        if (!use_selinux())
+                return 0;
+
+        r = setfilecon(path, (char *)label);
+#endif
+        return r;
+}