#include "conf-files.h"
#include "strbuf.h"
#include "strv.h"
+#include "util.h"
#define PREALLOC_TOKEN 2048
TK_A_MODE_ID, /* mode_t */
TK_A_TAG, /* val */
TK_A_STATIC_NODE, /* val */
+ TK_A_SECLABEL, /* val, attr */
TK_A_ENV, /* val, attr */
TK_A_NAME, /* val */
TK_A_DEVLINK, /* val */
[TK_A_OWNER_ID] = "A OWNER_ID",
[TK_A_GROUP_ID] = "A GROUP_ID",
[TK_A_STATIC_NODE] = "A STATIC_NODE",
+ [TK_A_SECLABEL] = "A SECLABEL",
[TK_A_MODE_ID] = "A MODE_ID",
[TK_A_ENV] = "A ENV",
[TK_A_TAG] = "A ENV",
case TK_A_STATIC_NODE:
log_debug("%s '%s'\n", token_str(type), value);
break;
+ case TK_A_SECLABEL:
+ log_debug("%s %s '%s' '%s'\n", token_str(type), operation_str(op), attr, value);
+ break;
case TK_M_EVENT_TIMEOUT:
log_debug("%s %u\n", token_str(type), token->key.event_timeout);
break;
case TK_M_ATTRS:
case TK_A_ATTR:
case TK_A_ENV:
+ case TK_A_SECLABEL:
attr = data;
token->key.value_off = rules_add_string(rule_tmp->rules, value);
token->key.attr_off = rules_add_string(rule_tmp->rules, attr);
char *value;
enum operation_type op;
- if (get_key(rules->udev, &linepos, &key, &op, &value) != 0)
+ if (get_key(rules->udev, &linepos, &key, &op, &value) != 0) {
+ /* Avoid erroring on trailing whitespace. This is probably rare
+ * so save the work for the error case instead of always trying
+ * to strip the trailing whitespace with strstrip(). */
+ while (isblank(*linepos))
+ linepos++;
+
+ /* If we aren't at the end of the line, this is a parsing error.
+ * Make a best effort to describe where the problem is. */
+ if (*linepos != '\n') {
+ char buf[2] = {linepos[1]};
+ _cleanup_free_ char *tmp;
+
+ tmp = cescape(buf);
+ log_error("invalid key/value pair in file %s on line %u,"
+ "starting at character %tu ('%s')\n",
+ filename, lineno, linepos - line + 1, tmp);
+ if (linepos[1] == '#')
+ log_info("hint: comments can only start at beginning of line");
+ }
break;
+ }
if (streq(key, "ACTION")) {
if (op > OP_MATCH_MAX) {
continue;
}
+ if (startswith(key, "SECLABEL{")) {
+ attr = get_key_attribute(rules->udev, key + sizeof("SECLABEL")-1);
+ if (!attr) {
+ log_error("error parsing SECLABEL attribute\n");
+ goto invalid;
+ }
+
+ rule_add_key(&rule_tmp, TK_A_SECLABEL, op, value, attr);
+ continue;
+ }
+
if (streq(key, "KERNELS")) {
if (op > OP_MATCH_MAX) {
log_error("invalid KERNELS operation\n");
rules_str(rules, rule->rule.filename_off),
rule->rule.filename_line);
break;
+ case TK_A_SECLABEL: {
+ const char *name, *label;
+
+ name = rules_str(rules, cur->key.attr_off);
+ label = rules_str(rules, cur->key.value_off);
+ if (cur->key.op == OP_ASSIGN || cur->key.op == OP_ASSIGN_FINAL)
+ udev_list_cleanup(&event->seclabel_list);
+ udev_list_entry_add(&event->seclabel_list, name, label);
+ log_debug("SECLABEL{%s}='%s' %s:%u\n",
+ name, label,
+ rules_str(rules, rule->rule.filename_off),
+ rule->rule.filename_line);
+ break;
+ }
case TK_A_ENV: {
const char *name = rules_str(rules, cur->key.attr_off);
char *value = rules_str(rules, cur->key.value_off);
}
}
+ /* don't touch the permissions if only the tags were set */
+ if (mode == 0 && uid == 0 && gid == 0)
+ goto next;
+
if (mode == 0) {
if (gid > 0)
mode = 0660;