X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fselinux-access.h;h=dd1e8bb9d033b4ccbd94ee82e666ac43a91a473f;hp=9183cbc9a611278ebdb5ac44b05c419d2a1c6ca5;hb=b02cb41c78c61c27bf1432e19f241a3c3d47a419;hpb=ffc227c9568eb0a12dc750761d1e5d68ea125aad
diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
index 9183cbc9a..dd1e8bb9d 100644
--- a/src/core/selinux-access.h
+++ b/src/core/selinux-access.h
@@ -8,55 +8,44 @@
Copyright 2012 Dan Walsh
systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Lesser General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
***/
-#include
+#include "sd-bus.h"
+#include "bus-error.h"
+#include "bus-util.h"
+#include "manager.h"
-void selinux_access_free(void);
+void mac_selinux_access_free(void);
-int selinux_access_check(DBusConnection *connection, DBusMessage *message, const char *path, const char *permission, DBusError *error);
+int mac_selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
+
+int mac_selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error);
#ifdef HAVE_SELINUX
-#define SELINUX_ACCESS_CHECK(connection, message, permission) \
- do { \
- DBusError _error; \
- int _r; \
- DBusConnection *_c = (connection); \
- DBusMessage *_m = (message); \
- dbus_error_init(&_error); \
- _r = selinux_access_check(_c, _m, NULL, (permission), &_error); \
- if (_r < 0) \
- return bus_send_error_reply(_c, _m, &_error, _r); \
- } while (false)
-
-#define SELINUX_UNIT_ACCESS_CHECK(unit, connection, message, permission) \
- do { \
- DBusError _error; \
- int _r; \
- DBusConnection *_c = (connection); \
- DBusMessage *_m = (message); \
- Unit *_u = (unit); \
- dbus_error_init(&_error); \
- _r = selinux_access_check(_c, _m, _u->source_path ?: _u->fragment_path, (permission), &_error); \
- if (_r < 0) \
- return bus_send_error_reply(_c, _m, &_error, _r); \
- } while (false)
+#define mac_selinux_access_check(message, permission, error) \
+ mac_selinux_generic_access_check((message), NULL, (permission), (error))
+
+#define mac_selinux_unit_access_check(unit, message, permission, error) \
+ ({ \
+ Unit *_unit = (unit); \
+ mac_selinux_generic_access_check((message), _unit->source_path ?: _unit->fragment_path, (permission), (error)); \
+ })
#else
-#define SELINUX_ACCESS_CHECK(connection, message, permission) do { } while (false)
-#define SELINUX_UNIT_ACCESS_CHECK(unit, connection, message, permission) do { } while (false)
+#define mac_selinux_access_check(message, permission, error) 0
+#define mac_selinux_unit_access_check(unit, message, permission, error) 0
#endif