X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fsmack-setup.c;h=ff2a02004d78307919a1cfc7092384cfd8e6b7f6;hp=611bfdb2df155b20e51bf84ff95a478246c50ec9;hb=3164e3cbc50b8754c51f1fdeda7a7d6cedcc39b6;hpb=8b197c3a8a57c3f7c231b39e5660856fd9580c80 diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c index 611bfdb2d..ff2a02004 100644 --- a/src/core/smack-setup.c +++ b/src/core/smack-setup.c @@ -24,21 +24,15 @@ #include #include #include -#include #include -#include #include -#include #include -#include -#include #include "macro.h" #include "smack-setup.h" #include "util.h" #include "fileio.h" #include "log.h" -#include "label.h" #define SMACK_CONFIG "/etc/smack/accesses.d/" #define CIPSO_CONFIG "/etc/smack/cipso.d/" @@ -56,7 +50,7 @@ static int write_rules(const char* dstpath, const char* srcdir) { dst = fopen(dstpath, "we"); if (!dst) { if (errno != ENOENT) - log_warning("Failed to open %s: %m", dstpath); + log_warning_errno(errno, "Failed to open %s: %m", dstpath); return -errno; /* negative error */ } @@ -64,7 +58,7 @@ static int write_rules(const char* dstpath, const char* srcdir) { dir = opendir(srcdir); if (!dir) { if (errno != ENOENT) - log_warning("Failed to opendir %s: %m", srcdir); + log_warning_errno(errno, "Failed to opendir %s: %m", srcdir); return errno; /* positive on purpose */ } @@ -79,7 +73,7 @@ static int write_rules(const char* dstpath, const char* srcdir) { if (fd < 0) { if (r == 0) r = -errno; - log_warning("Failed to open %s: %m", entry->d_name); + log_warning_errno(errno, "Failed to open %s: %m", entry->d_name); continue; } @@ -87,14 +81,14 @@ static int write_rules(const char* dstpath, const char* srcdir) { if (!policy) { if (r == 0) r = -errno; - close_nointr_nofail(fd); - log_error("Failed to open %s: %m", entry->d_name); + safe_close(fd); + log_error_errno(errno, "Failed to open %s: %m", entry->d_name); continue; } /* load2 write rules in the kernel require a line buffered stream */ FOREACH_LINE(buf, policy, - log_error("Failed to read line from %s: %m", + log_error_errno(errno, "Failed to read line from %s: %m", entry->d_name)) { if (!fputs(buf, dst)) { if (r == 0) @@ -105,7 +99,7 @@ static int write_rules(const char* dstpath, const char* srcdir) { if (fflush(dst)) { if (r == 0) r = -errno; - log_error("Failed to flush writes to %s: %m", dstpath); + log_error_errno(errno, "Failed to flush writes to %s: %m", dstpath); break; } } @@ -116,12 +110,14 @@ static int write_rules(const char* dstpath, const char* srcdir) { #endif -int smack_setup(void) { +int mac_smack_setup(bool *loaded_policy) { #ifdef HAVE_SMACK int r; + assert(loaded_policy); + r = write_rules("/sys/fs/smackfs/load2", SMACK_CONFIG); switch(r) { case -ENOENT: @@ -156,13 +152,15 @@ int smack_setup(void) { return 0; case 0: log_info("Successfully loaded Smack/CIPSO policies."); - return 0; + break; default: log_warning("Failed to load Smack/CIPSO access rules: %s, ignoring.", strerror(abs(r))); return 0; } + *loaded_policy = true; + #endif return 0;