Consolidate all smack routines and checks in a module.
We replace and wrap the most commonly used smack routines,
which allows removing ifdefs throughout the code.
* gl/lib/smack.h: A new header containing the implementation
of the wrapped and replacement routines. Note the is_smack_enabled()
routine should be optimized out at compile time when compiled
on a system without libsmack.
* gl/modules/smack: Describe the new module and move the
configure time code here from ...
* m4/jm-macros.m4: ... here.
* bootstrap.conf: Reference the new module.
* src/id.c: Use the routines without ifdefs where possible.
* src/ls.c: Likewise.
* src/mkdir.c: Likewise.
* src/mkfifo.c: Likewise.
* src/mknod.c: Likewise.
settime
sig2str
sigaction
+ smack
ssize_t
statat
stat-macros
--- /dev/null
+/* Include and determine availability of smack routines
+ Copyright (C) 2013 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+/* Here we replace or wrap the most common smack functions used by coreutils.
+ Others will need to be protected by HAVE_SMACK. */
+
+#include <config.h>
+
+#ifdef HAVE_SMACK
+# include <sys/smack.h>
+#else
+static inline ssize_t
+smack_new_label_from_self (char **label)
+{
+ return -1;
+}
+
+static inline int
+smack_set_label_for_self (const char *label)
+{
+ return -1;
+}
+#endif
+
+static inline bool
+is_smack_enabled (void)
+{
+#ifdef HAVE_SMACK
+ return smack_smackfs_path () != NULL;
+#else
+ return false;
+#endif
+}
--- /dev/null
+Description:
+Include and determine the availability of smack routines
+
+Files:
+lib/smack.h
+
+Depends-on:
+
+configure.ac:
+# Check whether libsmack is available
+LIB_SMACK=
+AC_ARG_ENABLE([libsmack],
+ AC_HELP_STRING([--disable-libsmack], [disable libsmack support]))
+if test "X$enable_libsmack" != "Xno"; then
+ AC_CHECK_LIB([smack], [smack_new_label_from_self],
+ [AC_CHECK_LIB([smack], [smack_new_label_from_path],
+ [AC_CHECK_HEADER([sys/smack.h],
+ [LIB_SMACK=-lsmack
+ AC_DEFINE([HAVE_SMACK], [1], [libsmack usability])]
+ )])])
+ if test "X$LIB_SMACK" = "X"; then
+ if test "X$enable_libsmack" = "Xyes"; then
+ AC_MSG_ERROR([libsmack library was not found or not usable])
+ fi
+ fi
+else
+ AC_MSG_WARN([libsmack support disabled by user])
+fi
+AC_SUBST([LIB_SMACK])
+
+
+Makefile.am:
+lib_SOURCES += smack.h
+
+Include:
+"smack.h"
+
+License:
+LGPL
+
+Maintainer:
+Pádraig Brady
fi
AC_SUBST([LIB_CAP])
- # Check whether libsmack is available
- LIB_SMACK=
- AC_ARG_ENABLE([libsmack],
- AC_HELP_STRING([--disable-libsmack], [disable libsmack support]))
- if test "X$enable_libsmack" != "Xno"; then
- AC_CHECK_LIB([smack], [smack_new_label_from_self],
- [AC_CHECK_LIB([smack], [smack_new_label_from_path],
- [AC_CHECK_HEADER([sys/smack.h],
- [LIB_SMACK=-lsmack
- AC_DEFINE([HAVE_SMACK], [1], [libsmack usability])]
- )])])
- if test "X$LIB_SMACK" = "X"; then
- if test "X$enable_libsmack" = "Xyes"; then
- AC_MSG_ERROR([libsmack library was not found or not usable])
- fi
- fi
- else
- AC_MSG_WARN([libsmack support disabled by user])
- fi
- AC_SUBST([LIB_SMACK])
-
# See if linking 'seq' requires -lm.
# It does on nearly every system. The single exception (so far) is
# BeOS which has all the math functions in the normal runtime library
#include <grp.h>
#include <getopt.h>
#include <selinux/selinux.h>
-#ifdef HAVE_SMACK
-# include <sys/smack.h>
-#endif
#include "system.h"
#include "error.h"
#include "mgetgroups.h"
#include "quote.h"
#include "group-list.h"
+#include "smack.h"
/* The official name of this program (e.g., no 'g' prefix). */
#define PROGRAM_NAME "id"
{
int optc;
int selinux_enabled = (is_selinux_enabled () > 0);
-#ifdef HAVE_SMACK
- int smack_enabled = (smack_smackfs_path () != NULL);
-#endif
+ bool smack_enabled = is_smack_enabled ();
/* If true, output the list of all group IDs. -G */
bool just_group_list = false;
|| (default_format && ! getenv ("POSIXLY_CORRECT"))))
{
/* Report failure only if --context (-Z) was explicitly requested. */
- if (selinux_enabled && getcon (&context) && just_context)
+ if ((selinux_enabled && getcon (&context) && just_context)
+ || (smack_enabled
+ && smack_new_label_from_self ((char **) &context) < 0
+ && just_context))
error (EXIT_FAILURE, 0, _("can't get process context"));
-#ifdef HAVE_SMACK
- else if (smack_enabled
- && smack_new_label_from_self ((char **) &context) < 0
- && just_context)
- error (EXIT_FAILURE, 0, _("can't get process context"));
-#endif
}
if (n_ids == 1)
#include "obstack.h"
#include "quote.h"
#include "quotearg.h"
+#include "smack.h"
#include "stat-size.h"
#include "stat-time.h"
#include "strftime.h"
# include <sys/capability.h>
#endif
-#ifdef HAVE_SMACK
-# include <sys/smack.h>
-#endif
-
#define PROGRAM_NAME (ls_mode == LS_LS ? "ls" \
: (ls_mode == LS_MULTI_COL \
? "dir" : "vdir"))
free (f->linkname);
if (f->scontext != UNKNOWN_SECURITY_CONTEXT)
{
-#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
free (f->scontext);
else
-#endif
freecon (f->scontext);
}
}
}
int r = 0;
#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
r = smack_new_label_from_path (file, "security.SMACK64", deref,
&f->scontext);
else
if (err == 0)
{
-#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
have_scontext = ! STREQ ("_", f->scontext);
else
-#endif
have_scontext = ! STREQ ("unlabeled", f->scontext);
}
else
#include <sys/types.h>
#include <selinux/selinux.h>
-#ifdef HAVE_SMACK
-# include <sys/smack.h>
-#endif
-
#include "system.h"
#include "error.h"
#include "mkdir-p.h"
#include "prog-fprintf.h"
#include "quote.h"
#include "savewd.h"
+#include "smack.h"
/* The official name of this program (e.g., no 'g' prefix). */
#define PROGRAM_NAME "mkdir"
if (scontext)
{
-#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
ret = smack_set_label_for_self (scontext);
else
-#endif
ret = setfscreatecon (scontext);
}
#include <sys/types.h>
#include <selinux/selinux.h>
-#ifdef HAVE_SMACK
-# include <sys/smack.h>
-#endif
-
#include "system.h"
#include "error.h"
#include "modechange.h"
#include "quote.h"
+#include "smack.h"
/* The official name of this program (e.g., no 'g' prefix). */
#define PROGRAM_NAME "mkfifo"
if (scontext)
{
-#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
ret = smack_set_label_for_self (scontext);
else
-#endif
ret = setfscreatecon (scontext);
}
#include <sys/types.h>
#include <selinux/selinux.h>
-#ifdef HAVE_SMACK
-# include <sys/smack.h>
-#endif
-
#include "system.h"
#include "error.h"
#include "modechange.h"
#include "quote.h"
+#include "smack.h"
#include "xstrtol.h"
/* The official name of this program (e.g., no 'g' prefix). */
if (scontext)
{
-#ifdef HAVE_SMACK
- if (smack_smackfs_path ())
+ if (is_smack_enabled ())
ret = smack_set_label_for_self (scontext);
else
-#endif
ret = setfscreatecon (scontext);
}
projects / platform / upstream / coreutils.git / commitdiff