diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml index 49103dad56..c56837a6e5 100644 --- a/man/systemd.unit.xml +++ b/man/systemd.unit.xml @@ -984,8 +984,9 @@ may be used to check whether the given security module is enabled on the system. Currently the only recognized - values are selinux - and apparmor. + values are selinux, + apparmor, and + smack. The test may be negated by prepending an exclamation mark. diff --git a/src/core/condition.c b/src/core/condition.c index 4aa5530c36..16cae6d23b 100644 --- a/src/core/condition.c +++ b/src/core/condition.c @@ -164,6 +164,8 @@ static bool test_security(const char *parameter) { #endif if (streq(parameter, "apparmor")) return access("/sys/kernel/security/apparmor/", F_OK) == 0; + if (streq(parameter, "smack")) + return access("/sys/fs/smackfs", F_OK) == 0; return false; }