From 7fa70a45c49542188e9ea31fce7e4d5850fd62b7 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 26 Jul 2016 14:28:10 +0900 Subject: [PATCH] Declare smack label on socket ipc in/out Change-Id: I1e8b680b53516f92b21fa76cadcafb413be89792 Signed-off-by: Kyungwook Tak --- systemd/central-key-manager-api-control.socket | 2 ++ systemd/central-key-manager-api-encryption.socket | 2 ++ systemd/central-key-manager-api-ocsp.socket | 2 ++ systemd/central-key-manager-api-storage.socket | 2 ++ 4 files changed, 8 insertions(+) diff --git a/systemd/central-key-manager-api-control.socket b/systemd/central-key-manager-api-control.socket index 2a0cb83..c5719aa 100644 --- a/systemd/central-key-manager-api-control.socket +++ b/systemd/central-key-manager-api-control.socket @@ -1,6 +1,8 @@ [Socket] ListenStream=/tmp/.central-key-manager-api-control.sock SocketMode=0777 +SmackLabelIPIn=* +SmackLabelIPOut=@ Service=central-key-manager.service diff --git a/systemd/central-key-manager-api-encryption.socket b/systemd/central-key-manager-api-encryption.socket index 8517e75..bd8a47c 100644 --- a/systemd/central-key-manager-api-encryption.socket +++ b/systemd/central-key-manager-api-encryption.socket @@ -1,6 +1,8 @@ [Socket] ListenStream=/tmp/.central-key-manager-api-encryption.sock SocketMode=0777 +SmackLabelIPIn=* +SmackLabelIPOut=@ Service=central-key-manager.service diff --git a/systemd/central-key-manager-api-ocsp.socket b/systemd/central-key-manager-api-ocsp.socket index 35521cd..ee5307c 100644 --- a/systemd/central-key-manager-api-ocsp.socket +++ b/systemd/central-key-manager-api-ocsp.socket @@ -1,6 +1,8 @@ [Socket] ListenStream=/tmp/.central-key-manager-api-ocsp.sock SocketMode=0777 +SmackLabelIPIn=* +SmackLabelIPOut=@ Service=central-key-manager.service diff --git a/systemd/central-key-manager-api-storage.socket b/systemd/central-key-manager-api-storage.socket index c5f2a03..359923c 100644 --- a/systemd/central-key-manager-api-storage.socket +++ b/systemd/central-key-manager-api-storage.socket @@ -1,6 +1,8 @@ [Socket] ListenStream=/tmp/.central-key-manager-api-storage.sock SocketMode=0777 +SmackLabelIPIn=* +SmackLabelIPOut=@ Service=central-key-manager.service -- 2.7.4