1 /* SPDX-License-Identifier: LGPL-2.1+ */
6 #include "alloc-util.h"
7 #include "extract-word.h"
8 #include "securebits-util.h"
9 #include "string-util.h"
11 int secure_bits_to_string_alloc(int i
, char **s
) {
12 _cleanup_free_
char *str
= NULL
;
18 r
= asprintf(&str
, "%s%s%s%s%s%s",
19 (i
& (1 << SECURE_KEEP_CAPS
)) ? "keep-caps " : "",
20 (i
& (1 << SECURE_KEEP_CAPS_LOCKED
)) ? "keep-caps-locked " : "",
21 (i
& (1 << SECURE_NO_SETUID_FIXUP
)) ? "no-setuid-fixup " : "",
22 (i
& (1 << SECURE_NO_SETUID_FIXUP_LOCKED
)) ? "no-setuid-fixup-locked " : "",
23 (i
& (1 << SECURE_NOROOT
)) ? "noroot " : "",
24 (i
& (1 << SECURE_NOROOT_LOCKED
)) ? "noroot-locked " : "");
37 int secure_bits_from_string(const char *s
) {
43 _cleanup_free_
char *word
= NULL
;
45 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
51 if (streq(word
, "keep-caps"))
52 secure_bits
|= 1 << SECURE_KEEP_CAPS
;
53 else if (streq(word
, "keep-caps-locked"))
54 secure_bits
|= 1 << SECURE_KEEP_CAPS_LOCKED
;
55 else if (streq(word
, "no-setuid-fixup"))
56 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP
;
57 else if (streq(word
, "no-setuid-fixup-locked"))
58 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP_LOCKED
;
59 else if (streq(word
, "noroot"))
60 secure_bits
|= 1 << SECURE_NOROOT
;
61 else if (streq(word
, "noroot-locked"))
62 secure_bits
|= 1 << SECURE_NOROOT_LOCKED
;