summaryrefslogtreecommitdiffstats
path: root/src/core/selinux-setup.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* selinux: let's fully (and statically) initialize log callback union (#8512)Lennart Poettering2018-03-211-2/+4
| | | | We can make this const and static, and initialize this ahead of time and fully, hence let's do that.
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* build-sys: use #if Y instead of #ifdef Y everywhereZbigniew Jędrzejewski-Szmek2017-10-041-3/+3
| | | | | | | | | | | | | | | The advantage is that is the name is mispellt, cpp will warn us. $ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/" $ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;' $ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g' $ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g' + manual changes to meson.build squash! build-sys: use #if Y instead of #ifdef Y everywhere v2: - fix incorrect setting of HAVE_LIBIDN2
* tree-wide: get rid of selinux_context_t (#3732)Zbigniew Jędrzejewski-Szmek2016-07-151-1/+1
| | | | | | https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 deprecated selinux_context_t. Replace with a simple char* everywhere. Alternative fix for #3719.
* selinux: use *_raw API from libselinuxEvgeny Vereshchagin2016-03-041-1/+1
| | | | This is a follow-up to 5c5433ad32
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
| | | | | This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
* tree-wide: sort includesThomas Hindoe Paaboel Andersen2015-11-161-1/+1
| | | | Sort the includes accoding to the new coding style.
* util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering2015-10-241-5/+6
| | | | | | | | | | | | | | string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
* selinux: add _cleanup_ concepts to SELinux label allocationLennart Poettering2015-09-291-4/+2
|
* core: add attribute printf to null_log()Cristian Rodríguez2015-08-311-0/+1
|
* remove unused includesThomas Hindoe Paaboel Andersen2015-02-231-4/+0
| | | | | | This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
* manager: print fatal errors on the console tooZbigniew Jędrzejewski-Szmek2014-11-261-1/+1
| | | | | | When booting in quiet mode, fatal messages would not be shown at all to the user. https://bugzilla.redhat.com/show_bug.cgi?id=1155468
* manager: log some fatal errors at emergency levelZbigniew Jędrzejewski-Szmek2014-11-261-1/+1
| | | | | | This adds a new log_emergency() function, which is equivalent to log_error() for non-PID-1, and logs at the highest priority for PID 1. Some messages which occur before freezing are converted to use it.
* mac: add mac_ prefix to distinguish origin security apisWaLyong Cho2014-10-281-1/+1
|
* mac: also rename use_{smack,selinux,apparmor}() calls so that they share the ↵Lennart Poettering2014-10-231-1/+1
| | | | new mac_{smack,selinux,apparmor}_xyz() convention
* mac: rename apis with mac_{selinux/smack}_ prefixWaLyong Cho2014-10-231-2/+2
|
* core: let selinux_setup() load policy more than onceWill Woods2014-05-161-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you switch-root into a new root that has SELinux policy, you're supposed to to run selinux_init_load_policy() to set up SELinux and load policy. Normally this gets handled by selinux_setup(). But if SELinux was already initialized, selinux_setup() skips loading policy and returns 0. So if you load policy normally, and then you switch-root to a new root that has new policy, selinux_setup() never loads the new policy. What gives? As far as I can tell, this check is an artifact of how selinux_setup() worked when it was first written (see commit c4dcdb9 / systemd v12): * when systemd starts, run selinux_setup() * if selinux_setup() loads policy OK, restart systemd So the "if policy already loaded, skip load and return 0" check was there to prevent an infinite re-exec loop. Modern systemd only calls selinux_setup() on initial load and after switch-root, and selinux_setup() no longer restarts systemd, so we don't need that check to guard against the infinite loop anymore. So: this patch removes the "return 0", thus allowing selinux_setup() to actually perform SELinux setup after switch-root. We still want to check to see if SELinux is initialized, because if selinux_init_load_policy() fails *but* SELinux is initialized that means we still have (old) policy active. So we don't need to halt if enforce=1.
* core: reindent {selinux, ima, smack}-setup.cWill Woods2014-04-261-76/+76
| | | | | 7-space indentation is just too weird to leave alone. Make it 8 spaces, as per CODING_STYLE. No other changes.
* selinux: Don't attempt to load policy in initramfs if it doesn't existColin Walters2014-02-211-0/+7
| | | | | | | | | | | | | | | Currently on at least Fedora, SELinux policy does not come in the initramfs. systemd will attempt to load *both* in the initramfs and in the real root. Now, the selinux_init_load_policy() API has a regular error return value, as well as an "enforcing" boolean. To determine enforcing state, it looks for /etc/selinux/config as well as the presence of "enforcing=" on the kernel command line. Ordinarily, neither of those exist in the initramfs, so it will return "unknown" for enforcing, and systemd will simply ignore the failure to load policy.
* util: make time formatting a bit smarterLennart Poettering2013-04-041-1/+1
| | | | | | | | | | | Instead of outputting "5h 55s 50ms 3us" we'll now output "5h 55.050003s". Also, while outputting the accuracy is configurable. Basically we now try use "dot notation" for all time values > 1min. For >= 1s we use 's' as unit, otherwise for >= 1ms we use 'ms' as unit, and finally 'us'. This should give reasonably values in most cases.
* core: move mount_setup_early() to main.cNathaniel Chen2013-03-071-3/+0
| | | | | move mount_setup_early() call to main.c, before security module setup, so there are no more repeat calls.
* selinux: rework selinux access check logicLennart Poettering2012-10-021-2/+3
| | | | | | | | | | | | | | a) Instead of parsing the bus messages inside of selinux-access.c simply pass everything pre-parsed in the functions b) implement the access checking with a macro that resolves to nothing on non-selinux builds c) split out the selinux checks into their own sources selinux-util.[ch] d) this unifies the job creation code behind the D-Bus calls Manager.StartUnit() and Unit.Start().
* selinux: close stdin/stdout/stderr before loading selinux policyLennart Poettering2012-09-101-1/+0
| | | | Let's make sure libselinux doesn't spew to stderr
* selinux: avoid inclusion of null_log without selinuxDave Reisner2012-07-281-0/+2
| | | | | | Avoids a compile time warning: warning: 'null_log' defined but not used [-Wunused-function]
* selinux: turn of libselinux' internal loggingLennart Poettering2012-07-101-0/+9
|
* relicense to LGPLv2.1 (with exceptions)Lennart Poettering2012-04-121-4/+4
| | | | | | | | | | | | | | We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
* move libsystemd_core.la sources into core/Kay Sievers2012-04-111-0/+112