All of the listed functions are available in libselinux version 2.2.
Our supported OSes start with version 2.5 so there is no need to check
it.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
AC_MSG_ERROR([You must install the libselinux development package and enable SELinux with the --with-selinux=yes in order to compile libvirt --with-secdriver-selinux=yes])
fi
elif test "$with_secdriver_selinux" != "no"; then
- old_CFLAGS="$CFLAGS"
- old_LIBS="$LIBS"
- CFLAGS="$CFLAGS $SELINUX_CFLAGS"
- LIBS="$CFLAGS $SELINUX_LIBS"
-
- fail=0
- AC_CHECK_FUNC([selinux_virtual_domain_context_path], [], [fail=1])
- AC_CHECK_FUNC([selinux_virtual_image_context_path], [], [fail=1])
- AC_CHECK_FUNCS([selinux_lxc_contexts_path])
- CFLAGS="$old_CFLAGS"
- LIBS="$old_LIBS"
-
- if test "$fail" = "1" ; then
- if test "$with_secdriver_selinux" = "check" ; then
- with_secdriver_selinux=no
- else
- AC_MSG_ERROR([You must install libselinux development package >= 2.0.82 in order to compile libvirt --with-secdriver-selinux=yes])
- fi
- else
- with_secdriver_selinux=yes
- AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available])
- fi
+ with_secdriver_selinux=yes
+ AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available])
fi
AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux" != "no"])
])
}
-#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
static int
virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
{
virHashFree(data->mcs);
return -1;
}
-#else
-static int
-virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr G_GNUC_UNUSED)
-{
- virReportSystemError(ENOSYS, "%s",
- _("libselinux does not support LXC contexts path"));
- return -1;
-}
-#endif
static int
if (is_selinux_enabled() <= 0)
return SECURITY_DRIVER_DISABLE;
- if (virtDriver && STREQ(virtDriver, "LXC")) {
-#if HAVE_SELINUX_LXC_CONTEXTS_PATH
- if (!virFileExists(selinux_lxc_contexts_path()))
-#endif
- return SECURITY_DRIVER_DISABLE;
+ if (virtDriver && STREQ(virtDriver, "LXC") &&
+ !virFileExists(selinux_lxc_contexts_path())) {
+ return SECURITY_DRIVER_DISABLE;
}
return SECURITY_DRIVER_ENABLE;
static const char *(*real_selinux_virtual_domain_context_path)(void);
static const char *(*real_selinux_virtual_image_context_path)(void);
-#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
static const char *(*real_selinux_lxc_contexts_path)(void);
-#endif
static struct selabel_handle *(*real_selabel_open)(unsigned int backend,
const struct selinux_opt *opts,
VIR_MOCK_REAL_INIT(selinux_virtual_domain_context_path);
VIR_MOCK_REAL_INIT(selinux_virtual_image_context_path);
-#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
VIR_MOCK_REAL_INIT(selinux_lxc_contexts_path);
-#endif
VIR_MOCK_REAL_INIT(selabel_open);
VIR_MOCK_REAL_INIT(selabel_close);
return abs_srcdir "/securityselinuxhelperdata/virtual_image_context";
}
-#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
const char *selinux_lxc_contexts_path(void)
{
init_syms();
return abs_srcdir "/securityselinuxhelperdata/lxc_contexts";
}
-#endif
struct selabel_handle *
selabel_open(unsigned int backend,
projects / thirdparty / libvirt.git / commitdiff
