static int socket_address_listen_do(
Socket *s,
const SocketAddress *address,
- const char *label) {
+ const char *selinux_label) {
assert(s);
assert(address);
s->transparent,
s->directory_mode,
s->socket_mode,
- label);
+ selinux_label,
+ s->smack);
}
#define log_address_error_errno(u, address, error, fmt) \
#include "mkdir-label.h"
#include "parse-util.h"
#include "selinux-util.h"
+#include "smack-util.h"
#include "socket-label.h"
#include "socket-util.h"
#include "string-table.h"
bool transparent,
mode_t directory_mode,
mode_t socket_mode,
- const char *selinux_label) {
+ const char *selinux_label,
+ const char *smack_label) {
_cleanup_close_ int fd = -EBADF;
const char *p;
if (fd < 0)
return fd;
+ if (smack_label) {
+ r = mac_smack_apply_fd(fd, SMACK_ATTR_ACCESS, smack_label);
+ if (r < 0)
+ log_warning_errno(r, "Failed to apply SMACK label for socket FD, ignoring: %m");
+ }
+
if (socket_address_family(a) == AF_INET6 && only != SOCKET_ADDRESS_DEFAULT) {
r = setsockopt_int(fd, IPPROTO_IPV6, IPV6_V6ONLY, only == SOCKET_ADDRESS_IPV6_ONLY);
if (r < 0)
if (r < 0)
return r;
}
+ if (smack_label) {
+ r = mac_smack_apply(p, SMACK_ATTR_ACCESS, smack_label);
+ if (r < 0)
+ log_warning_errno(r, "Failed to apply SMACK label for socket path, ignoring: %m");
+ }
} else {
if (bind(fd, &a->sockaddr.sa, a->size) < 0)
return -errno;
bool transparent,
mode_t directory_mode,
mode_t socket_mode,
- const char *selinux_label);
+ const char *selinux_label,
+ const char *smack_label);
a.type = type;
- fd = socket_address_listen(&a, type | flags, SOMAXCONN_DELUXE, SOCKET_ADDRESS_DEFAULT,
- NULL, false, false, false, 0755, 0644, NULL);
+ fd = socket_address_listen(
+ &a,
+ type | flags,
+ SOMAXCONN_DELUXE, SOCKET_ADDRESS_DEFAULT,
+ /* bind_to_device= */ NULL,
+ /* reuse_port= */ false,
+ /* free_bind= */ false,
+ /* transparent= */ false,
+ 0755,
+ 0644,
+ /* selinux_label= */ NULL,
+ /* smack_label= */ NULL);
if (fd < 0 || log_get_max_level() >= log_level) {
_cleanup_free_ char *p = NULL;
projects / thirdparty / systemd.git / commitdiff
