diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-10-02 23:07:00 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-10-02 23:07:00 +0200 |
commit | cad45ba11ec3572296361f53f5852ffb97a97fa3 (patch) | |
tree | 42c8e2f855d26efb8819b535dc6e86846de811a9 /src/core/dbus-target.c | |
parent | TODO (diff) | |
download | systemd-cad45ba11ec3572296361f53f5852ffb97a97fa3.tar.xz systemd-cad45ba11ec3572296361f53f5852ffb97a97fa3.zip |
selinux: rework selinux access check logic
a) Instead of parsing the bus messages inside of selinux-access.c
simply pass everything pre-parsed in the functions
b) implement the access checking with a macro that resolves to nothing
on non-selinux builds
c) split out the selinux checks into their own sources
selinux-util.[ch]
d) this unifies the job creation code behind the D-Bus calls
Manager.StartUnit() and Unit.Start().
Diffstat (limited to 'src/core/dbus-target.c')
-rw-r--r-- | src/core/dbus-target.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/core/dbus-target.c b/src/core/dbus-target.c index 67ffff870f..6a775506cc 100644 --- a/src/core/dbus-target.c +++ b/src/core/dbus-target.c @@ -24,6 +24,7 @@ #include "dbus-unit.h" #include "dbus-target.h" #include "dbus-common.h" +#include "selinux-access.h" #define BUS_TARGET_INTERFACE \ " <interface name=\"org.freedesktop.systemd1.Target\">\n" \ @@ -51,5 +52,7 @@ DBusHandlerResult bus_target_message_handler(Unit *u, DBusConnection *c, DBusMes { NULL, } }; + SELINUX_UNIT_ACCESS_CHECK(u, c, message, "status"); + return bus_default_message_handler(c, message, INTROSPECTION, INTERFACES_LIST, bps); } |