smack_set_proc_smack()

diff --git a/src/smack.c b/src/smack.c
index 02c2000..2aa3a7f 100644 (file)
--- a/src/smack.c
+++ b/src/smack.c
@@ -36,6 +36,9 @@
 #define SMACK64 "security.SMACK64"
 #define SMACK64_LEN 23
 
+#define SMACK_PROC_PATH "/proc/%d/attr/current"
+#define LINE_BUFFER_SIZE 255
+
 struct smack_object {
        char object[SMACK64_LEN + 1];
        unsigned ac;
@@ -229,7 +232,7 @@ int smack_have_access_rule(smack_ruleset_t handle, const char *subject,
        return ((o->ac & ac) == ac);
 }
 
-int smack_set_smack(const char *path, const char *smack)
+int smack_set_file_smack(const char *path, const char *smack)
 {
        size_t size;
        int ret;
@@ -243,7 +246,7 @@ int smack_set_smack(const char *path, const char *smack)
        return ret;
 }
 
-int smack_get_smack(const char *path, char **smack)
+int smack_get_file_smack(const char *path, char **smack)
 {
        ssize_t ret;
        char *buf;
@@ -264,6 +267,28 @@ int smack_get_smack(const char *path, char **smack)
        return 0;
 }
 
+int smack_get_proc_smack(int pid, char **smack)
+{
+       char buf[LINE_BUFFER_SIZE];
+       FILE *file;
+
+       snprintf(buf, LINE_BUFFER_SIZE, SMACK_PROC_PATH, pid);
+
+       file = fopen(buf, "r");
+       if (file == NULL)
+               return -1;
+
+       if (fgets(buf, LINE_BUFFER_SIZE, file) == NULL) {
+               fclose(file);
+               return -1;
+       }
+
+       fclose(file);
+       *smack = strdup(buf);
+       return *smack != NULL ? 0 : - 1;
+}
+
+
 static int update_rule(struct smack_ruleset *handle,
                       const char *subject_str,
                       const char *object_str, unsigned ac)

diff --git a/src/smack.h b/src/smack.h
index c490607..39f96cc 100644 (file)
--- a/src/smack.h
+++ b/src/smack.h
@@ -142,7 +142,7 @@ extern int smack_have_access_rule(smack_ruleset_t handle, const char *subject,
  * @param smack new value
  * @return 0 on success
  */
-extern int smack_set_smack(const char *path, const char *smack);
+extern int smack_set_file_smack(const char *path, const char *smack);
 
 /*!
  * Get SMACK64 security attribute for a given path. Follows symbolic links.
@@ -152,7 +152,16 @@ extern int smack_set_smack(const char *path, const char *smack);
  * @param smack current value
  * @return 0 on success
  */
-extern int smack_get_smack(const char *path, char **smack);
+extern int smack_get_file_smack(const char *path, char **smack);
+
+/*!
+ * Get SMACK64 security attribute for a given pid.
+ *
+ * @param pid pid of a process
+ * @param smack current value
+ * @return 0 on success
+ */
+extern int smack_get_proc_smack(int pid, char **smack);
 
 #ifdef __cplusplus
 }

diff --git a/tests/check_smack.c b/tests/check_smack.c
index 3e117f8..9666d4e 100644 (file)
--- a/tests/check_smack.c
+++ b/tests/check_smack.c
@@ -166,7 +166,7 @@ START_TEST(test_have_access_removed_rule)
 }
 END_TEST
 
-START_TEST(test_set_smack)
+START_TEST(test_set_file_smack)
 {
        FILE *file;
        int rc;
@@ -176,10 +176,10 @@ START_TEST(test_set_smack)
        fprintf(file, "dummy\n");
        fclose(file);
 
-       rc = smack_set_smack("set_smack-dummy.txt", "Apple");
+       rc = smack_set_file_smack("set_smack-dummy.txt", "Apple");
        fail_unless(rc == 0, "Failed to set SMACK64");
 
-       rc = smack_get_smack("set_smack-dummy.txt", &smack);
+       rc = smack_get_file_smack("set_smack-dummy.txt", &smack);
        fail_unless(rc == 0, "Failed to get SMACK64");
 
        rc = strcmp(smack, "Apple");
@@ -210,7 +210,7 @@ Suite *ruleset_suite (void)
 
        /*
        tc_core = tcase_create("Security attributes");
-       tcase_add_test(tc_core, test_set_smack);
+       tcase_add_test(tc_core, test_set_file_smack);
        suite_add_tcase(s, tc_core);
        */