1 /* SPDX-License-Identifier: LGPL-2.1+ */
6 #include "alloc-util.h"
7 #include "extract-word.h"
8 #include "securebits.h"
9 #include "securebits-util.h"
10 #include "string-util.h"
12 int secure_bits_to_string_alloc(int i
, char **s
) {
13 _cleanup_free_
char *str
= NULL
;
19 r
= asprintf(&str
, "%s%s%s%s%s%s",
20 (i
& (1 << SECURE_KEEP_CAPS
)) ? "keep-caps " : "",
21 (i
& (1 << SECURE_KEEP_CAPS_LOCKED
)) ? "keep-caps-locked " : "",
22 (i
& (1 << SECURE_NO_SETUID_FIXUP
)) ? "no-setuid-fixup " : "",
23 (i
& (1 << SECURE_NO_SETUID_FIXUP_LOCKED
)) ? "no-setuid-fixup-locked " : "",
24 (i
& (1 << SECURE_NOROOT
)) ? "noroot " : "",
25 (i
& (1 << SECURE_NOROOT_LOCKED
)) ? "noroot-locked " : "");
38 int secure_bits_from_string(const char *s
) {
44 _cleanup_free_
char *word
= NULL
;
46 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
52 if (streq(word
, "keep-caps"))
53 secure_bits
|= 1 << SECURE_KEEP_CAPS
;
54 else if (streq(word
, "keep-caps-locked"))
55 secure_bits
|= 1 << SECURE_KEEP_CAPS_LOCKED
;
56 else if (streq(word
, "no-setuid-fixup"))
57 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP
;
58 else if (streq(word
, "no-setuid-fixup-locked"))
59 secure_bits
|= 1 << SECURE_NO_SETUID_FIXUP_LOCKED
;
60 else if (streq(word
, "noroot"))
61 secure_bits
|= 1 << SECURE_NOROOT
;
62 else if (streq(word
, "noroot-locked"))
63 secure_bits
|= 1 << SECURE_NOROOT_LOCKED
;