shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-10-28 20:25:38 +03:00
Code

Merge pull request #1664 from again4you/devel/tmp-smack_#5

Browse Source 
mount: add new SmackFileSystemRoot= setting for mount unit (v4)
This commit is contained in:
Lennart Poettering 2015-10-24 14:58:51 +02:00
commit 7f66eb931d
7 changed files with 52 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile.am
View File

@ -616,7 +616,8 @@ EXTRA_DIST += \
units/initrd-udevadm-cleanup-db.service.in \
units/initrd-switch-root.service.in \
units/systemd-nspawn@.service.in \
units/systemd-update-done.service.in
units/systemd-update-done.service.in \
units/tmp.mount.m4
if HAVE_SYSV_COMPAT
nodist_systemunit_DATA += \

12
man/systemd.mount.xml
View File

@ -323,6 +323,18 @@
to 0755.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>SmackFileSystemRoot=</varname></term>
<listitem><para>Takes a string for the smack label.
This option specifies the label to assign the root of the
file system if it lacks the Smack extended attribute.
Note that this option will be ignored if kernel does not
support the Smack feature.
See <ulink
url="https://www.kernel.org/doc/Documentation/security/Smack.txt">Smack.txt</ulink>
for details. </para></listitem>
</varlistentry>
<varlistentry>
<term><varname>TimeoutSec=</varname></term>
<listitem><para>Configures the time to wait for the mount

1
src/core/dbus-mount.c
View File

@ -117,6 +117,7 @@ const sd_bus_vtable bus_mount_vtable[] = {
SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(Mount, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
SD_BUS_PROPERTY("DirectoryMode", "u", bus_property_get_mode, offsetof(Mount, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SloppyOptions", "b", bus_property_get_bool, offsetof(Mount, sloppy_options), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SmackFileSystemRoot", "s", NULL, offsetof(Mount, smack_fs_root), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Mount, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
BUS_EXEC_COMMAND_VTABLE("ExecMount", offsetof(Mount, exec_command[MOUNT_EXEC_MOUNT]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
BUS_EXEC_COMMAND_VTABLE("ExecUnmount", offsetof(Mount, exec_command[MOUNT_EXEC_UNMOUNT]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),

1
src/core/load-fragment-gperf.gperf.m4
View File

@ -319,6 +319,7 @@ Mount.Type, config_parse_string, 0,
Mount.TimeoutSec, config_parse_sec, 0, offsetof(Mount, timeout_usec)
Mount.DirectoryMode, config_parse_mode, 0, offsetof(Mount, directory_mode)
Mount.SloppyOptions, config_parse_bool, 0, offsetof(Mount, sloppy_options)
Mount.SmackFileSystemRoot, config_parse_string, 0, offsetof(Mount, smack_fs_root)
EXEC_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
CGROUP_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
KILL_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl

36
src/core/mount.c
View File

@ -39,6 +39,7 @@
#include "exit-status.h"
#include "fstab-util.h"
#include "formats-util.h"
#include "smack-util.h"
#define RETRY_UMOUNT_MAX 32
@ -202,6 +203,7 @@ static void mount_done(Unit *u) {
assert(m);
m->where = mfree(m->where);
m->smack_fs_root = mfree(m->smack_fs_root);
mount_parameters_done(&m->parameters_proc_self_mountinfo);
mount_parameters_done(&m->parameters_fragment);
@ -666,7 +668,8 @@ static void mount_dump(Unit *u, FILE *f, const char *prefix) {
"%sOptions: %s\n"
"%sFrom /proc/self/mountinfo: %s\n"
"%sFrom fragment: %s\n"
"%sDirectoryMode: %04o\n",
"%sDirectoryMode: %04o\n"
"%sSmackFileSystemRoot: %s\n",
prefix, mount_state_to_string(m->state),
prefix, mount_result_to_string(m->result),
prefix, m->where,
@ -675,7 +678,8 @@ static void mount_dump(Unit *u, FILE *f, const char *prefix) {
prefix, p ? strna(p->options) : "n/a",
prefix, yes_no(m->from_proc_self_mountinfo),
prefix, yes_no(m->from_fragment),
prefix, m->directory_mode);
prefix, m->directory_mode,
prefix, strna(m->smack_fs_root));
if (m->control_pid > 0)
fprintf(f,
@ -852,6 +856,31 @@ fail:
mount_enter_mounted(m, MOUNT_FAILURE_RESOURCES);
}
static int mount_get_opts(Mount *m, char **_opts) {
int r;
char *o = NULL, *opts = NULL;
r = fstab_filter_options(m->parameters_fragment.options,
"nofail\0" "noauto\0" "auto\0", NULL, NULL, &o);
if (r < 0)
return r;
if (mac_smack_use() && m->smack_fs_root) {
if (!isempty(o)) {
opts = strjoin(o, ",", "smackfsroot=", m->smack_fs_root, NULL);
free(o);
} else
opts = strjoin("smackfsroot=", m->smack_fs_root, NULL);
if (!opts)
return -ENOMEM;
} else
opts = o;
*_opts = opts;
return 0;
}
static void mount_enter_mounting(Mount *m) {
int r;
MountParameters *p;
@ -877,8 +906,7 @@ static void mount_enter_mounting(Mount *m) {
if (m->from_fragment) {
_cleanup_free_ char *opts = NULL;
r = fstab_filter_options(m->parameters_fragment.options,
"nofail\0" "noauto\0" "auto\0", NULL, NULL, &opts);
r = mount_get_opts(m, &opts);
if (r < 0)
goto fail;

1
src/core/mount.h
View File

@ -71,6 +71,7 @@ struct Mount {
bool reset_cpu_usage:1;
bool sloppy_options;
char *smack_fs_root;
MountResult result;
MountResult reload_result;

3
units/tmp.mount → units/tmp.mount.m4
View File

@ -19,3 +19,6 @@ What=tmpfs
Where=/tmp
Type=tmpfs
Options=mode=1777,strictatime
m4_ifdef(`HAVE_SMACK',
SmackFileSystemRoot=*
)m4_dnl