According to Documentation/security/Smack.txt:
In keeping with the intent of Smack, configuration data is minimal
and not strictly required. The most important configuration step is
mounting the smackfs pseudo filesystem.
This means that checking the mount point should be enough.
may be used to check whether the given
security module is enabled on the
system. Currently the only recognized
- values are <varname>selinux</varname>
- and <varname>apparmor</varname>.
+ values are <varname>selinux</varname>,
+ <varname>apparmor</varname>, and
+ <varname>smack</varname>.
The test may be negated by prepending
an exclamation
mark.</para>
#endif
if (streq(parameter, "apparmor"))
return access("/sys/kernel/security/apparmor/", F_OK) == 0;
+ if (streq(parameter, "smack"))
+ return access("/sys/fs/smackfs", F_OK) == 0;
return false;
}