shared: split mkdir_*() and mkdir_*_label() from each other
Avoid pulling-in selinux for tools which just create directories but not need to fix the selinux label.
This commit is contained in:
Kay Sievers
parent
819da59577
commit
39bdfa31f2
|
|
@ -752,6 +752,7 @@ libsystemd_label_la_SOURCES = \
|
|||
src/shared/selinux-util.c \
|
||||
src/shared/selinux-util.h \
|
||||
src/shared/mkdir.c \
|
||||
src/shared/mkdir-label.c \
|
||||
src/shared/mkdir.h \
|
||||
src/shared/ask-password-api.c \
|
||||
src/shared/ask-password-api.h \
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ int cg_create(const char *controller, const char *path) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = mkdir_parents_prefix("/sys/fs/cgroup", fs, 0755);
|
||||
r = mkdir_parents_prefix_label("/sys/fs/cgroup", fs, 0755);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
|
|||
|
|
@ -257,14 +257,14 @@ void label_free(const char *label) {
|
|||
#endif
|
||||
}
|
||||
|
||||
int label_mkdir(const char *path, mode_t mode, bool apply) {
|
||||
int label_mkdir(const char *path, mode_t mode) {
|
||||
|
||||
/* Creates a directory and labels it according to the SELinux policy */
|
||||
#ifdef HAVE_SELINUX
|
||||
int r;
|
||||
security_context_t fcon = NULL;
|
||||
|
||||
if (!apply || !use_selinux() || !label_hnd)
|
||||
if (!use_selinux() || !label_hnd)
|
||||
goto skipped;
|
||||
|
||||
if (path_is_absolute(path))
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ void label_free(const char *label);
|
|||
|
||||
int label_get_create_label_from_exe(const char *exe, char **label);
|
||||
|
||||
int label_mkdir(const char *path, mode_t mode, bool apply);
|
||||
int label_mkdir(const char *path, mode_t mode);
|
||||
|
||||
void label_retest_selinux(void);
|
||||
|
||||
|
|
|
|||
53
src/shared/mkdir-label.c
Normal file
53
src/shared/mkdir-label.c
Normal file
|
|
@ -0,0 +1,53 @@
|
|||
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
|
||||
|
||||
/***
|
||||
This file is part of systemd.
|
||||
|
||||
Copyright 2010 Lennart Poettering
|
||||
Copyright 2013 Kay Sievers
|
||||
|
||||
systemd is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation; either version 2.1 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
systemd is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||
***/
|
||||
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "label.h"
|
||||
#include "util.h"
|
||||
#include "path-util.h"
|
||||
#include "mkdir.h"
|
||||
|
||||
int mkdir_label(const char *path, mode_t mode) {
|
||||
return label_mkdir(path, mode);
|
||||
}
|
||||
|
||||
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
|
||||
return mkdir_safe_internal(path, mode, uid, gid, label_mkdir);
|
||||
}
|
||||
|
||||
int mkdir_parents_label(const char *path, mode_t mode) {
|
||||
return mkdir_parents_internal(NULL, path, mode, label_mkdir);
|
||||
}
|
||||
|
||||
int mkdir_parents_prefix_label(const char *prefix, const char *path, mode_t mode) {
|
||||
return mkdir_parents_internal(prefix, path, mode, label_mkdir);
|
||||
}
|
||||
|
||||
int mkdir_p_label(const char *path, mode_t mode) {
|
||||
return mkdir_p_internal(NULL, path, mode, label_mkdir);
|
||||
}
|
||||
|
|
@ -31,14 +31,10 @@
|
|||
#include "path-util.h"
|
||||
#include "mkdir.h"
|
||||
|
||||
int mkdir_label(const char *path, mode_t mode) {
|
||||
return label_mkdir(path, mode, true);
|
||||
}
|
||||
|
||||
static int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, bool apply) {
|
||||
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir) {
|
||||
struct stat st;
|
||||
|
||||
if (label_mkdir(path, mode, apply) >= 0)
|
||||
if (_mkdir(path, mode) >= 0)
|
||||
if (chmod_and_chown(path, mode, uid, gid) < 0)
|
||||
return -errno;
|
||||
|
||||
|
|
@ -60,10 +56,6 @@ int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
|
|||
return mkdir_safe_internal(path, mode, uid, gid, false);
|
||||
}
|
||||
|
||||
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
|
||||
return mkdir_safe_internal(path, mode, uid, gid, true);
|
||||
}
|
||||
|
||||
static int is_dir(const char* path) {
|
||||
struct stat st;
|
||||
|
||||
|
|
@ -73,7 +65,7 @@ static int is_dir(const char* path) {
|
|||
return S_ISDIR(st.st_mode);
|
||||
}
|
||||
|
||||
static int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, bool apply) {
|
||||
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir) {
|
||||
const char *p, *e;
|
||||
int r;
|
||||
|
||||
|
|
@ -116,34 +108,26 @@ static int mkdir_parents_internal(const char *prefix, const char *path, mode_t m
|
|||
if (prefix && path_startswith(prefix, t))
|
||||
continue;
|
||||
|
||||
r = label_mkdir(t, mode, apply);
|
||||
r = _mkdir(t, mode);
|
||||
if (r < 0 && errno != EEXIST)
|
||||
return -errno;
|
||||
}
|
||||
}
|
||||
|
||||
int mkdir_parents(const char *path, mode_t mode) {
|
||||
return mkdir_parents_internal(NULL, path, mode, false);
|
||||
return mkdir_parents_internal(NULL, path, mode, mkdir);
|
||||
}
|
||||
|
||||
int mkdir_parents_label(const char *path, mode_t mode) {
|
||||
return mkdir_parents_internal(NULL, path, mode, true);
|
||||
}
|
||||
|
||||
int mkdir_parents_prefix(const char *prefix, const char *path, mode_t mode) {
|
||||
return mkdir_parents_internal(prefix, path, mode, true);
|
||||
}
|
||||
|
||||
static int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, bool apply) {
|
||||
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir) {
|
||||
int r;
|
||||
|
||||
/* Like mkdir -p */
|
||||
|
||||
r = mkdir_parents_internal(prefix, path, mode, apply);
|
||||
r = mkdir_parents_internal(prefix, path, mode, _mkdir);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = label_mkdir(path, mode, apply);
|
||||
r = _mkdir(path, mode);
|
||||
if (r < 0 && (errno != EEXIST || is_dir(path) <= 0))
|
||||
return -errno;
|
||||
|
||||
|
|
@ -151,13 +135,9 @@ static int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, b
|
|||
}
|
||||
|
||||
int mkdir_p(const char *path, mode_t mode) {
|
||||
return mkdir_p_internal(NULL, path, mode, false);
|
||||
}
|
||||
|
||||
int mkdir_p_label(const char *path, mode_t mode) {
|
||||
return mkdir_p_internal(NULL, path, mode, true);
|
||||
return mkdir_p_internal(NULL, path, mode, mkdir);
|
||||
}
|
||||
|
||||
int mkdir_p_prefix(const char *prefix, const char *path, mode_t mode) {
|
||||
return mkdir_p_internal(prefix, path, mode, false);
|
||||
return mkdir_p_internal(prefix, path, mode, mkdir);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@
|
|||
This file is part of systemd.
|
||||
|
||||
Copyright 2010 Lennart Poettering
|
||||
Copyright 2013 Kay Sievers
|
||||
|
||||
systemd is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU Lesser General Public License as published by
|
||||
|
|
@ -24,17 +25,21 @@
|
|||
|
||||
#include <sys/types.h>
|
||||
|
||||
int mkdir_label(const char *path, mode_t mode);
|
||||
|
||||
int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid);
|
||||
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
|
||||
|
||||
int mkdir_parents(const char *path, mode_t mode);
|
||||
int mkdir_parents_label(const char *path, mode_t mode);
|
||||
int mkdir_parents_prefix(const char *prefix, const char *path, mode_t mode);
|
||||
|
||||
int mkdir_p(const char *path, mode_t mode);
|
||||
int mkdir_p_label(const char *path, mode_t mode);
|
||||
int mkdir_p_prefix(const char *prefix, const char *path, mode_t mode);
|
||||
|
||||
/* selinux versions */
|
||||
int mkdir_label(const char *path, mode_t mode);
|
||||
int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
|
||||
int mkdir_parents_label(const char *path, mode_t mode);
|
||||
int mkdir_p_label(const char *path, mode_t mode);
|
||||
int mkdir_parents_prefix_label(const char *prefix, const char *path, mode_t mode);
|
||||
|
||||
/* internally used */
|
||||
typedef int (*mkdir_func_t)(const char *pathname, mode_t mode);
|
||||
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, mkdir_func_t _mkdir);
|
||||
int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir);
|
||||
int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, mkdir_func_t _mkdir);
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue