smack: minimize ifdef use, and move all labeling to smack-util.c

[elogind.git] / src / shared / smack-util.c

diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
index 4e8cf796d38ffcc0d6ecc456bc69e31b259d41f9..df194e0844b8204289ec1d94f56769e7c5586bd2 100644 (file)
--- a/src/shared/smack-util.c
+++ b/src/shared/smack-util.c
@@ -22,11 +22,14 @@
 ***/
 
 #include <unistd.h>
+#include <string.h>
+#ifdef HAVE_XATTR
+#include <attr/xattr.h>
+#endif
 
 #include "smack-util.h"
 
 bool use_smack(void) {
-
 #ifdef HAVE_SMACK
         static int use_smack_cached = -1;
 
@@ -39,3 +42,50 @@ bool use_smack(void) {
 #endif
 
 }
+
+int smack_label_path(const char *path, const char *label) {
+#ifdef HAVE_SMACK
+        if (!use_smack())
+                return 0;
+
+        if (label)
+                return setxattr(path, "security.SMACK64", label, strlen(label), 0);
+        else
+                return lremovexattr(path, "security.SMACK64");
+#else
+        return 0;
+#endif
+}
+
+int smack_label_fd(int fd, const char *label) {
+#ifdef HAVE_SMACK
+        if (!use_smack())
+                return 0;
+
+        return fsetxattr(fd, "security.SMACK64", label, strlen(label), 0);
+#else
+        return 0;
+#endif
+}
+
+int smack_label_ip_out_fd(int fd, const char *label) {
+#ifdef HAVE_SMACK
+        if (!use_smack())
+                return 0;
+
+        return fsetxattr(fd, "security.SMACK64IPOUT", label, strlen(label), 0);
+#else
+        return 0;
+#endif
+}
+
+int smack_label_ip_in_fd(int fd, const char *label) {
+#ifdef HAVE_SMACK
+        if (!use_smack())
+                return 0;
+
+        return fsetxattr(fd, "security.SMACK64IPIN", label, strlen(label), 0);
+#else
+        return 0;
+#endif
+}