diff options
| author | Dan Walsh <dwalsh@redhat.com> | 2013-10-09 14:52:49 -0400 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2013-10-24 13:58:37 -0400 |
| commit | ce2a8848ad45e375cfdb58cebe28bc12431bb3db (patch) | |
| tree | f771d200d27e3c31a6a34acd7f074204b4a07f2d | |
| parent | 7fe6036ca5e3624d6e3a0294b909d93b145eac31 (diff) | |
| download | android_external_selinux-ce2a8848ad45e375cfdb58cebe28bc12431bb3db.tar.gz android_external_selinux-ce2a8848ad45e375cfdb58cebe28bc12431bb3db.tar.bz2 android_external_selinux-ce2a8848ad45e375cfdb58cebe28bc12431bb3db.zip | |
Add selinux_systemd_contexts_path
systemd has some internal contexts like generated systemd unit files
that we want to allow it to check against processes trying to manage them.
| -rw-r--r-- | libselinux/include/selinux/selinux.h | 1 | ||||
| -rw-r--r-- | libselinux/src/file_path_suffixes.h | 1 | ||||
| -rw-r--r-- | libselinux/src/selinux_config.c | 10 | ||||
| -rw-r--r-- | libselinux/src/selinux_internal.h | 1 |
4 files changed, 12 insertions, 1 deletions
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h index 3f8f5f0b..bffa1f9b 100644 --- a/libselinux/include/selinux/selinux.h +++ b/libselinux/include/selinux/selinux.h @@ -521,6 +521,7 @@ extern const char *selinux_virtual_image_context_path(void); extern const char *selinux_lxc_contexts_path(void); extern const char *selinux_x_context_path(void); extern const char *selinux_sepgsql_context_path(void); +extern const char *selinux_systemd_contexts_path(void); extern const char *selinux_contexts_path(void); extern const char *selinux_securetty_types_path(void); extern const char *selinux_booleans_subs_path(void); diff --git a/libselinux/src/file_path_suffixes.h b/libselinux/src/file_path_suffixes.h index d11c8dcf..3c924245 100644 --- a/libselinux/src/file_path_suffixes.h +++ b/libselinux/src/file_path_suffixes.h @@ -23,6 +23,7 @@ S_(BINPOLICY, "/policy/policy") S_(VIRTUAL_DOMAIN, "/contexts/virtual_domain_context") S_(VIRTUAL_IMAGE, "/contexts/virtual_image_context") S_(LXC_CONTEXTS, "/contexts/lxc_contexts") + S_(SYSTEMD_CONTEXTS, "/contexts/systemd_contexts") S_(FILE_CONTEXT_SUBS, "/contexts/files/file_contexts.subs") S_(FILE_CONTEXT_SUBS_DIST, "/contexts/files/file_contexts.subs_dist") S_(SEPGSQL_CONTEXTS, "/contexts/sepgsql_contexts") diff --git a/libselinux/src/selinux_config.c b/libselinux/src/selinux_config.c index bddacd9c..8d6ecf1a 100644 --- a/libselinux/src/selinux_config.c +++ b/libselinux/src/selinux_config.c @@ -50,7 +50,8 @@ #define FILE_CONTEXT_SUBS_DIST 25 #define LXC_CONTEXTS 26 #define BOOLEAN_SUBS 27 -#define NEL 28 +#define SYSTEMD_CONTEXTS 28 +#define NEL 29 /* Part of one-time lazy init */ static pthread_once_t once = PTHREAD_ONCE_INIT; @@ -467,6 +468,13 @@ const char *selinux_lxc_contexts_path(void) hidden_def(selinux_lxc_contexts_path) +const char *selinux_systemd_contexts_path(void) +{ + return get_path(SYSTEMD_CONTEXTS); +} + +hidden_def(selinux_systemd_contexts_path) + const char * selinux_booleans_subs_path(void) { return get_path(BOOLEAN_SUBS); } diff --git a/libselinux/src/selinux_internal.h b/libselinux/src/selinux_internal.h index 2c7c85ce..7c930e5b 100644 --- a/libselinux/src/selinux_internal.h +++ b/libselinux/src/selinux_internal.h @@ -82,6 +82,7 @@ hidden_proto(selinux_mkload_policy) hidden_proto(selinux_media_context_path) hidden_proto(selinux_x_context_path) hidden_proto(selinux_sepgsql_context_path) + hidden_proto(selinux_systemd_contexts_path) hidden_proto(selinux_path) hidden_proto(selinux_check_passwd_access) hidden_proto(selinux_check_securetty_context) |