]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/fileio-label.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 Lennart Poettering
6 Copyright 2010 Harald Hoyer
11 #include "fileio-label.h"
13 #include "selinux-util.h"
15 int write_string_file_atomic_label_ts(const char *fn
, const char *line
, struct timespec
*ts
) {
18 r
= mac_selinux_create_file_prepare(fn
, S_IFREG
);
22 r
= write_string_file_ts(fn
, line
, WRITE_STRING_FILE_CREATE
|WRITE_STRING_FILE_ATOMIC
, ts
);
24 mac_selinux_create_file_clear();
29 int write_env_file_label(const char *fname
, char **l
) {
32 r
= mac_selinux_create_file_prepare(fname
, S_IFREG
);
36 r
= write_env_file(fname
, l
);
38 mac_selinux_create_file_clear();
43 int fopen_temporary_label(const char *target
,
44 const char *path
, FILE **f
, char **temp_path
) {
47 r
= mac_selinux_create_file_prepare(target
, S_IFREG
);
51 r
= fopen_temporary(path
, f
, temp_path
);
53 mac_selinux_create_file_clear();
58 int create_shutdown_run_nologin_or_warn(void) {
61 /* This is used twice: once in systemd-user-sessions.service, in order to block logins when we actually go
62 * down, and once in systemd-logind.service when shutdowns are scheduled, and logins are to be turned off a bit
63 * in advance. We use the same wording of the message in both cases. */
65 r
= write_string_file_atomic_label("/run/nologin",
66 "System is going down. Unprivileged users are not permitted to log in anymore. "
67 "For technical details, see pam_nologin(8).");
69 return log_error_errno(r
, "Failed to create /run/nologin: %m");