units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled

If SMACK is enabled, 'smackfsroot=*' option should be specified in
tmp.mount file since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.

origin: https://github.com/systemd/systemd/commit/409c2a13fd65692c6

Change-Id: I11df1ad555f376eaf0588d35e91789c9e2b07f8d
Signed-off-by: Sangjung Woo <sangjung.woo@samsung.com>

diff --git a/units/tmp.mount.m4 b/units/tmp.mount.m4
index 0baecfd..368dbd9 100644 (file)
--- a/units/tmp.mount.m4
+++ b/units/tmp.mount.m4
@@ -19,4 +19,6 @@ After=swap.target
 What=tmpfs
 Where=/tmp
 Type=tmpfs
-Options=mode=1777,strictatime,nosuid,nodev
+m4_ifdef(`HAVE_SMACK',
+`Options=mode=1777,strictatime,smackfsroot=*',
+`Options=mode=1777,strictatime')