return r;
}
+int mac_smack_copy(const char *dest, const char *src) {
+ int r = 0;
+ _cleanup_free_ char *label = NULL;
+
+ assert(dest);
+ assert(src);
+
+ r = mac_smack_read(src, SMACK_ATTR_ACCESS, &label);
+ if (r < 0)
+ return r;
+
+ r = mac_smack_apply(dest, SMACK_ATTR_ACCESS, label);
+ if (r < 0)
+ return r;
+
+ return r;
+}
#else
bool mac_smack_use(void) {
int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
return 0;
}
+
+int mac_smack_copy(const char *dest, const char *src) {
+ return 0;
+}
#endif
int mac_smack_read_fd(int fd, SmackAttr attr, char **label);
int mac_smack_apply(const char *path, SmackAttr attr, const char *label);
int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label);
-
int mac_smack_apply_pid(pid_t pid, const char *label);
+int mac_smack_copy(const char *dest, const char *src);
if (r >= 0 && nulstr_contains(ok, p))
return;
- log_warning("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
- "This is not supported anymore. "
- "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
+ log_error("/etc/mtab is not a symlink or not pointing to /proc/self/mounts. "
+ "This is not supported anymore. "
+ "Please make sure to replace this file by a symlink to avoid incorrect or misleading mount(8) output.");
+ freeze();
}
static void test_usr(void) {
r = symlink(options, t);
if (r < 0 && errno != EEXIST)
return log_error_errno(errno, "Failed to create symlink %s: %m", t);
+#ifdef SMACK_RUN_LABEL
+ r = mac_smack_copy(t, options);
+ if (r < 0 && r != -EOPNOTSUPP)
+ return log_error_errno(r, "Failed to copy smack label from %s to %s: %m", options, t);
+#endif
}
}
}
if (b->exec_path)
r = bus_socket_exec(b);
-
else if ((b->nspid > 0 || b->machine) && b->kernel) {
r = bus_container_connect_kernel(b);
if (r < 0 && !IN_SET(r, -ENOENT, -ESOCKTNOSUPPORT))
r = bus_socket_connect(b);
else
skipped = true;
-
} else
skipped = true;
have_pid = pid != 0 && pid != getpid();
if (n_fds > 0 || have_pid) {
- msghdr.msg_controllen = CMSG_SPACE(sizeof(int) * n_fds) +
- CMSG_SPACE(sizeof(struct ucred) * have_pid);
+ /* CMSG_SPACE(0) may return value different then zero, which results in miscalculated controllen. */
+ msghdr.msg_controllen = (n_fds ? CMSG_SPACE(sizeof(int) * n_fds) : 0) +
+ CMSG_SPACE(sizeof(struct ucred)) * have_pid;
msghdr.msg_control = alloca(msghdr.msg_controllen);
cmsg = CMSG_FIRSTHDR(&msghdr);