mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
condition, man: Add support for ConditionSecurity=smack
According to Documentation/security/Smack.txt: In keeping with the intent of Smack, configuration data is minimal and not strictly required. The most important configuration step is mounting the smackfs pseudo filesystem. This means that checking the mount point should be enough.
This commit is contained in:
parent
539e0a4d58
commit
b62ee5249d
@ -984,8 +984,9 @@
|
||||
may be used to check whether the given
|
||||
security module is enabled on the
|
||||
system. Currently the only recognized
|
||||
values are <varname>selinux</varname>
|
||||
and <varname>apparmor</varname>.
|
||||
values are <varname>selinux</varname>,
|
||||
<varname>apparmor</varname>, and
|
||||
<varname>smack</varname>.
|
||||
The test may be negated by prepending
|
||||
an exclamation
|
||||
mark.</para>
|
||||
|
@ -164,6 +164,8 @@ static bool test_security(const char *parameter) {
|
||||
#endif
|
||||
if (streq(parameter, "apparmor"))
|
||||
return access("/sys/kernel/security/apparmor/", F_OK) == 0;
|
||||
if (streq(parameter, "smack"))
|
||||
return access("/sys/fs/smackfs", F_OK) == 0;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user