confile: complain when LXC is built without selinux support

author Christian Brauner <christian.brauner@ubuntu.com>

Fri, 2 Apr 2021 14:15:22 +0000 (16:15 +0200)

committer Christian Brauner <christian.brauner@ubuntu.com>

Tue, 6 Apr 2021 08:26:42 +0000 (10:26 +0200)
author Christian Brauner <christian.brauner@ubuntu.com>
Fri, 2 Apr 2021 14:15:22 +0000 (16:15 +0200)
committer Christian Brauner <christian.brauner@ubuntu.com>
Tue, 6 Apr 2021 08:26:42 +0000 (10:26 +0200)
diff --git a/src/lxc/confile.c b/src/lxc/confile.c

index 74cdcfe685da2c08aefde57eca3f65729e13ac45..34db4ec7b4f1fb53d4d1c820ee4ed7283e771bc8 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1481,13 +1481,21 @@ static int set_config_apparmor_raw(const char *key,
  static int set_config_selinux_context(const char *key, const char *value,
                                       struct lxc_conf *lxc_conf, void *data)
  {
+#if HAVE_SELINUX
         return set_config_string_item(&lxc_conf->lsm_se_context, value);
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static int set_config_selinux_context_keyring(const char *key, const char *value,
                                               struct lxc_conf *lxc_conf, void *data)
  {
+#if HAVE_SELINUX
         return set_config_string_item(&lxc_conf->lsm_se_keyring_context, value);
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static int set_config_keyring_session(const char *key, const char *value,
@@ -3444,13 +3452,21 @@ static int get_config_apparmor_raw(const char *key, char *retv,
  static int get_config_selinux_context(const char *key, char *retv, int inlen,
                                       struct lxc_conf *c, void *data)
  {
+#if HAVE_SELINUX
         return lxc_get_conf_str(retv, inlen, c->lsm_se_context);
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static int get_config_selinux_context_keyring(const char *key, char *retv, int inlen,
                                               struct lxc_conf *c, void *data)
  {
+#if HAVE_SELINUX
         return lxc_get_conf_str(retv, inlen, c->lsm_se_keyring_context);
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static int get_config_keyring_session(const char *key, char *retv, int inlen,
@@ -4324,15 +4340,23 @@ static inline int clr_config_apparmor_raw(const char *key,
  static inline int clr_config_selinux_context(const char *key,
                                              struct lxc_conf *c, void *data)
  {
+#if HAVE_SELINUX
         free_disarm(c->lsm_se_context);
         return 0;
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static inline int clr_config_selinux_context_keyring(const char *key,
                                                      struct lxc_conf *c, void *data)
  {
+#if HAVE_SELINUX
         free_disarm(c->lsm_se_keyring_context);
         return 0;
+#else
+       return syserror_set(-EINVAL, "Built without SELinux support");
+#endif
  }
  
  static inline int clr_config_keyring_session(const char *key,
author	Christian Brauner <christian.brauner@ubuntu.com>
	Fri, 2 Apr 2021 14:15:22 +0000 (16:15 +0200)
committer	Christian Brauner <christian.brauner@ubuntu.com>
	Tue, 6 Apr 2021 08:26:42 +0000 (10:26 +0200)