1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00

condition, man: Add support for ConditionSecurity=smack

According to Documentation/security/Smack.txt:
  In keeping with the intent of Smack, configuration data is minimal
  and not strictly required. The most important configuration step is
  mounting the smackfs pseudo filesystem.
This means that checking the mount point should be enough.
This commit is contained in:
Karol Lewandowski 2013-05-07 13:21:46 +02:00 committed by Zbigniew Jędrzejewski-Szmek
parent 539e0a4d58
commit b62ee5249d
2 changed files with 5 additions and 2 deletions

View File

@ -984,8 +984,9 @@
may be used to check whether the given
security module is enabled on the
system. Currently the only recognized
values are <varname>selinux</varname>
and <varname>apparmor</varname>.
values are <varname>selinux</varname>,
<varname>apparmor</varname>, and
<varname>smack</varname>.
The test may be negated by prepending
an exclamation
mark.</para>

View File

@ -164,6 +164,8 @@ static bool test_security(const char *parameter) {
#endif
if (streq(parameter, "apparmor"))
return access("/sys/kernel/security/apparmor/", F_OK) == 0;
if (streq(parameter, "smack"))
return access("/sys/fs/smackfs", F_OK) == 0;
return false;
}