2 This file is part of systemd.
4 Copyright 2017 Yu Watanabe
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include "alloc-util.h"
23 #include "extract-word.h"
24 #include "securebits.h"
25 #include "securebits-util.h"
26 #include "string-util.h"
28 int secure_bits_to_string_alloc(int i
, char **s
) {
29 _cleanup_free_
char *str
= NULL
;
35 r
= asprintf(&str
, "%s%s%s%s%s%s",
36 (i
& (1 << SECURE_KEEP_CAPS
)) ? "keep-caps " : "",
37 (i
& (1 << SECURE_KEEP_CAPS_LOCKED
)) ? "keep-caps-locked " : "",
38 (i
& (1 << SECURE_NO_SETUID_FIXUP
)) ? "no-setuid-fixup " : "",
39 (i
& (1 << SECURE_NO_SETUID_FIXUP_LOCKED
)) ? "no-setuid-fixup-locked " : "",
40 (i
& (1 << SECURE_NOROOT
)) ? "noroot " : "",
41 (i
& (1 << SECURE_NOROOT_LOCKED
)) ? "noroot-locked " : "");
55 int secure_bits_from_string(const char *s
) {
61 _cleanup_free_
char *word
= NULL
;
63 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
69 if (streq(word
, "keep-caps"))
70 secure_bits
|= 1 << SECURE_KEEP_CAPS
;
71 else if (streq(word
, "keep-caps-locked"))
72 secure_bits
|= 1 << SECURE_KEEP_CAPS_LOCKED
;
73 else if (streq(word
, "no-setuid-fixup"))
74 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP
;
75 else if (streq(word
, "no-setuid-fixup-locked"))
76 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP_LOCKED
;
77 else if (streq(word
, "noroot"))
78 secure_bits
|= 1 << SECURE_NOROOT
;
79 else if (streq(word
, "noroot-locked"))
80 secure_bits
|= 1 << SECURE_NOROOT_LOCKED
;