1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-06 17:18:12 +03:00

basic: add mknodat_label()

Add helper for mknodat(2) which creates the destination with the correct
security label.
This commit is contained in:
Christian Göttsche 2024-04-27 21:22:02 +02:00
parent aab7bb5968
commit 22b768d127
2 changed files with 10 additions and 5 deletions

View File

@ -81,22 +81,23 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
return mac_smack_fix(to, 0);
}
int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev) {
int r;
assert(dirfd >= 0 || dirfd == AT_FDCWD);
assert(pathname);
r = mac_selinux_create_file_prepare(pathname, mode);
r = mac_selinux_create_file_prepare_at(dirfd, pathname, mode);
if (r < 0)
return r;
r = RET_NERRNO(mknod(pathname, mode, dev));
r = RET_NERRNO(mknodat(dirfd, pathname, mode, dev));
mac_selinux_create_file_clear();
if (r < 0)
return r;
return mac_smack_fix(pathname, 0);
return mac_smack_fix_full(dirfd, pathname, NULL, 0);
}
int btrfs_subvol_make_label(const char *path) {

View File

@ -21,7 +21,11 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
static inline int symlink_atomic_label(const char *from, const char *to) {
return symlink_atomic_full_label(from, to, false);
}
int mknod_label(const char *pathname, mode_t mode, dev_t dev);
int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev);
static inline int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
return mknodat_label(AT_FDCWD, pathname, mode, dev);
}
int btrfs_subvol_make_label(const char *path);