1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2017 Yu Watanabe
9 #include "alloc-util.h"
10 #include "extract-word.h"
11 #include "securebits.h"
12 #include "securebits-util.h"
13 #include "string-util.h"
15 int secure_bits_to_string_alloc(int i
, char **s
) {
16 _cleanup_free_
char *str
= NULL
;
22 r
= asprintf(&str
, "%s%s%s%s%s%s",
23 (i
& (1 << SECURE_KEEP_CAPS
)) ? "keep-caps " : "",
24 (i
& (1 << SECURE_KEEP_CAPS_LOCKED
)) ? "keep-caps-locked " : "",
25 (i
& (1 << SECURE_NO_SETUID_FIXUP
)) ? "no-setuid-fixup " : "",
26 (i
& (1 << SECURE_NO_SETUID_FIXUP_LOCKED
)) ? "no-setuid-fixup-locked " : "",
27 (i
& (1 << SECURE_NOROOT
)) ? "noroot " : "",
28 (i
& (1 << SECURE_NOROOT_LOCKED
)) ? "noroot-locked " : "");
41 int secure_bits_from_string(const char *s
) {
47 _cleanup_free_
char *word
= NULL
;
49 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
55 if (streq(word
, "keep-caps"))
56 secure_bits
|= 1 << SECURE_KEEP_CAPS
;
57 else if (streq(word
, "keep-caps-locked"))
58 secure_bits
|= 1 << SECURE_KEEP_CAPS_LOCKED
;
59 else if (streq(word
, "no-setuid-fixup"))
60 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP
;
61 else if (streq(word
, "no-setuid-fixup-locked"))
62 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP_LOCKED
;
63 else if (streq(word
, "noroot"))
64 secure_bits
|= 1 << SECURE_NOROOT
;
65 else if (streq(word
, "noroot-locked"))
66 secure_bits
|= 1 << SECURE_NOROOT_LOCKED
;