[thirdparty/systemd.git] / src / core / selinux-access.h

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

#pragma once

/***
  This file is part of systemd.

  Copyright 2012 Dan Walsh

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include "sd-bus.h"
#include "bus-error.h"
#include "bus-util.h"
#include "manager.h"

void selinux_access_free(void);

int selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);

int selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error);

#ifdef HAVE_SELINUX

#define selinux_access_check(message, permission, error) \
        selinux_generic_access_check((message), NULL, (permission), (error))

#define selinux_unit_access_check(unit, message, permission, error) \
        ({                                                              \
                Unit *_unit = (unit);                                   \
                selinux_generic_access_check((message), _unit->fragment_path ?: _unit->fragment_path, (permission), (error)); \
        })

#else

#define selinux_access_check(message, permission, error) 0
#define selinux_unit_access_check(unit, message, permission, error) 0

#endif
Commit	Line	Data
e2417e41 DW	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
e2417e41 DW	2
cad45ba1	3	#pragma once
e2417e41 DW	4
	5	/***
	6	This file is part of systemd.
	7
	8	Copyright 2012 Dan Walsh
	9
	10	systemd is free software; you can redistribute it and/or modify it
03e22642 KS	11	under the terms of the GNU Lesser General Public License as published by
03e22642 KS	12	the Free Software Foundation; either version 2.1 of the License, or
e2417e41 DW	13	(at your option) any later version.
	14
	15	systemd is distributed in the hope that it will be useful, but
	16	WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
03e22642	18	Lesser General Public License for more details.
e2417e41	19
03e22642	20	You should have received a copy of the GNU Lesser General Public License
e2417e41 DW	21	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	22	***/
	23
718db961 LP	24	#include "sd-bus.h"
	25	#include "bus-error.h"
	26	#include "bus-util.h"
e94937df	27	#include "manager.h"
ffc227c9 LP	28
	29	void selinux_access_free(void);
	30
4f4f7036	31	int selinux_generic_access_check(sd_bus_message message, const char path, const char permission, sd_bus_error error);
cad45ba1	32
e94937df LN	33	int selinux_unit_access_check_strv(char *units, sd_bus_message message, Manager m, const char permission, sd_bus_error *error);
e94937df LN	34
cad45ba1 LP	35	#ifdef HAVE_SELINUX
cad45ba1 LP	36
4f4f7036 LP	37	#define selinux_access_check(message, permission, error) \
	38	selinux_generic_access_check((message), NULL, (permission), (error))
	39
	40	#define selinux_unit_access_check(unit, message, permission, error) \
	41	({ \
	42	Unit *_unit = (unit); \
	43	selinux_generic_access_check((message), _unit->fragment_path ?: _unit->fragment_path, (permission), (error)); \
	44	})
cad45ba1 LP	45
	46	#else
	47
4f4f7036 LP	48	#define selinux_access_check(message, permission, error) 0
4f4f7036 LP	49	#define selinux_unit_access_check(unit, message, permission, error) 0
cad45ba1	50
e2417e41	51	#endif