#endif
}
+int mac_selinux_get_peer_label(int socket_fd, char **ret_label) {
+ assert(socket_fd >= 0);
+ assert(ret_label);
+
+#if HAVE_SELINUX
+ int r;
+
+ r = selinux_init(/* force= */ false);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return -EOPNOTSUPP;
+
+ _cleanup_freecon_ char *con = NULL;
+ if (getpeercon_raw(socket_fd, &con) < 0)
+ return -errno;
+ if (!con)
+ return -EOPNOTSUPP;
+
+ *ret_label = TAKE_PTR(con);
+ return 0;
+#else
+ return -EOPNOTSUPP;
+#endif
+}
+
int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **ret_label) {
#if HAVE_SELINUX
_cleanup_freecon_ char *mycon = NULL, *peercon = NULL, *fcon = NULL;
int mac_selinux_get_create_label_from_exe(const char *exe, char **ret_label);
int mac_selinux_get_our_label(char **ret_label);
+int mac_selinux_get_peer_label(int socket_fd, char **ret_label);
int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **ret_label);
int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode);
}
static void test_misc(const char* fname) {
- _cleanup_freecon_ char *label = NULL, *label2 = NULL, *label3 = NULL;
+ _cleanup_freecon_ char *label = NULL, *label2 = NULL, *label3 = NULL, *label4 = NULL;
int r;
_cleanup_close_ int fd = -EBADF;
r = mac_selinux_get_child_mls_label(fd, fname, label2, &label3);
log_info_errno(r, "mac_selinux_get_child_mls_label → %d, \"%s\" (%m)",
r, strnull(label3));
+
+ r = mac_selinux_get_peer_label(fd, &label4);
+ log_info_errno(r, "mac_selinux_get_peer_label → %d, \"%s\" (%m)",
+ r, strnull(label4));
}
static void test_create_file_prepare(const char* fname) {
projects / thirdparty / systemd.git / commitdiff
