picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/man
History
Auke Kok 0eb59ccfe6 SMACK: Add configuration options. (v3) 
This adds SMACK label configuration options to socket units.

SMACK labels should be applied to most objects on disk well before
execution time, but two items remain that are generated dynamically
at run time that require SMACK labels to be set in order to enforce
MAC on all objects.

Files on disk can be labelled using package management.

For device nodes, simple udev rules are sufficient to add SMACK labels
at boot/insertion time.

Sockets can be created at run time and systemd does just that for
several services. In order to protect FIFO's and UNIX domain sockets,
we must instruct systemd to apply SMACK labels at runtime.

This patch adds the following options:

Smack - applicable to FIFO's.
SmackIpIn/SmackIpOut - applicable to sockets.

No external dependencies are required to support SMACK, as setting
the labels is done using fsetxattr(). The labels can be set on a
kernel that does not have SMACK enabled either, so there is no need
to #ifdef any of this code out.

For more information about SMACK, please see Documentation/Smack.txt
in the kernel source code.

v3 of this patch changes the config options to be CamelCased.
2012-10-30 03:40:42 +01:00
..
.gitignore git: update .gitignore 2012-09-17 17:48:19 +02:00
binfmt.d.xml man: replace tabs with spaces 2012-06-10 18:32:11 +02:00
bootup.xml man: fix a bunch of typos in docs 2012-09-13 19:34:24 +02:00
crypttab.xml man: fix a bunch of typos in docs 2012-09-13 19:34:24 +02:00
custom-html.xsl man: html - cross-ref man page references and add Index link 2012-07-17 23:04:48 +02:00
daemon.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
halt.xml man: fix typos in halt.xml and journalctl.xml 2012-09-13 19:35:18 +02:00
hostname.xml hostname: add new hostnamectl tool as text client for hostnamed 2012-10-17 21:25:42 +02:00
hostnamectl.xml hostname: add new hostnamectl tool as text client for hostnamed 2012-10-17 21:25:42 +02:00
journalctl.xml journal: properly serialize fields with multiple values into JSON 2012-10-25 01:24:44 +02:00
journald.conf.xml journald.conf: remove MinSize= settings 2012-10-19 00:56:42 +02:00
kernel-command-line.xml man: fix a bunch of typos in docs 2012-09-13 19:34:24 +02:00
locale.conf.xml man: fix a bunch of typos in docs 2012-09-13 19:34:24 +02:00
localectl.xml man: add man page for localectl 2012-10-21 03:35:54 +02:00
localtime.xml hostname: add new hostnamectl tool as text client for hostnamed 2012-10-17 21:25:42 +02:00
loginctl.xml man: typo fixes 2012-10-26 00:16:47 +02:00
logind.conf.xml logind: add 'lock' as possible choice for handling hw keys 2012-10-28 12:29:27 +01:00
machine-id.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
machine-info.xml hostname: add new hostnamectl tool as text client for hostnamed 2012-10-17 21:25:42 +02:00
Makefile build-sys: add small redirecting Makefiles to simplify compilation from within emacs 2010-05-17 01:44:03 +02:00
modules-load.d.xml man: replace tabs with spaces 2012-06-10 18:32:11 +02:00
os-release.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
pam_systemd.xml docs: typo fixes in pam_systemd.xml 2012-09-13 19:37:04 +02:00
runlevel.xml relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
sd-daemon.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
sd-id128.xml id128: introduce new SD_ID128_CONST_STR() macro 2012-10-16 17:02:51 +02:00
sd-journal.xml journal: add ability to list values a specified field can take in all entries of the journal 2012-10-18 03:35:18 +02:00
sd-login.xml man: move header file man pages from section 7 to 3 2012-07-13 01:50:05 +02:00
sd-readahead.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
sd_booted.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
sd_get_seats.xml man: clarify the order of seats in sd_get_seats() is undefined 2012-08-09 15:57:01 +02:00
sd_id128_get_machine.xml man: Split sd_randomize(3) from sd_id128_get_{machine,boot}(3) 2012-07-13 22:55:52 +02:00
sd_id128_randomize.xml man: Split sd_randomize(3) from sd_id128_get_{machine,boot}(3) 2012-07-13 22:55:52 +02:00
sd_id128_to_string.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_is_fifo.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_journal_add_match.xml man: fix example 2012-10-26 01:18:40 +02:00
sd_journal_get_cursor.xml journal: when browsing the journal via browse.html allow clicking on entries to show their details 2012-10-10 22:41:03 +02:00
sd_journal_get_cutoff_realtime_usec.xml man: document sd_journal_get_cursor() 2012-07-13 20:39:05 +02:00
sd_journal_get_data.xml journal: add ability to list values a specified field can take in all entries of the journal 2012-10-18 03:35:18 +02:00
sd_journal_get_fd.xml journal: provide an API that allows client to figure out whether they need to recheck the journal manually for changes in regular intervals 2012-10-26 20:07:33 +02:00
sd_journal_get_realtime_usec.xml man: document sd_journal_get_cursor() 2012-07-13 20:39:05 +02:00
sd_journal_get_usage.xml journal: add call to determine current journal file disk usage 2012-09-07 23:20:28 +02:00
sd_journal_next.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_journal_open.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_journal_print.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_journal_query_unique.xml man: fix compilation warning in sd_journal_query_unique example 2012-10-18 23:45:30 +02:00
sd_journal_seek_head.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_journal_stream_fd.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_listen_fds.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
sd_login_monitor_new.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_notify.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_pid_get_session.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_readahead.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
sd_seat_get_active.xml man: typo fixes 2012-10-26 00:16:47 +02:00
sd_session_is_active.xml man: move header file man pages from section 7 to 3 2012-07-13 01:50:05 +02:00
sd_uid_get_state.xml man: typo fixes 2012-10-26 00:16:47 +02:00
shutdown.xml relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
sysctl.d.xml man: fix sysctl.d(5) man page copy/paste mistake 2012-07-19 12:44:58 +02:00
systemctl.xml logind: support for hybrid sleep (i.e. suspend+hibernate at the same time) 2012-10-28 00:50:35 +02:00
systemd-analyze.xml man: typo in systemd-analyze.xml 2012-06-27 10:46:35 +02:00
systemd-ask-password-console.service.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
systemd-ask-password.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-binfmt.service.xml man: fix 'sysytemd' typos 2012-06-13 00:09:25 +02:00
systemd-cat.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
systemd-cgls.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-cgtop.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
systemd-coredumpctl.xml coredumpctl: add 'gdb' verb to start gdb right-away on a collected coredump 2012-10-27 01:19:47 +02:00
systemd-cryptsetup-generator.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-cryptsetup@.service.xml man: document systemd-cryptsetup-generator 2012-06-27 14:51:47 +02:00
systemd-delta.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-detect-virt.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-fsck@.service.xml man: document systemd-cryptsetup 2012-06-27 12:19:35 +02:00
systemd-fstab-generator.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-getty-generator.xml man: fix invalid links to generator wiki pages 2012-10-02 11:52:29 -04:00
systemd-halt.service.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-hostnamed.service.xml man: add man page for localectl 2012-10-21 03:35:54 +02:00
systemd-inhibit.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-initctl.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-journald.service.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-localed.service.xml man: add man page for localectl 2012-10-21 03:35:54 +02:00
systemd-logind.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-machine-id-setup.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-modules-load.service.xml man: update man pages to reflect the driver= to load-modules= rename 2012-07-04 01:12:53 +02:00
systemd-notify.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-nspawn.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-quotacheck.service.xml man: document quotacheck 2012-06-27 01:17:49 +02:00
systemd-random-seed-load.service.xml man: document systemd-random-seed-load.service 2012-06-25 12:13:17 +02:00
systemd-readahead-replay.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-remount-fs.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-shutdownd.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-suspend.service.xml logind: support for hybrid sleep (i.e. suspend+hibernate at the same time) 2012-10-28 00:50:35 +02:00
systemd-sysctl.service.xml man: fix 'sysytemd' typos 2012-06-13 00:09:25 +02:00
systemd-system-update-generator.xml man: fix invalid links to generator wiki pages 2012-10-02 11:52:29 -04:00
systemd-timedated.service.xml timedatectl: introduce new command line client for timedated 2012-10-17 21:25:42 +02:00
systemd-tmpfiles.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-tty-ask-password-agent.xml man: fix --h vs. -h typos 2012-06-27 10:48:13 +02:00
systemd-udevd.service.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd-update-utmp-runlevel.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-user-sessions.service.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd-vconsole-setup.service.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd.automount.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd.conf.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd.device.xml directive-index: add UDEV fields 2012-09-17 12:42:22 +02:00
systemd.exec.xml man: minor updates 2012-10-26 01:18:41 +02:00
systemd.journal-fields.xml man: minor updates 2012-10-26 01:18:41 +02:00
systemd.kill.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
systemd.mount.xml unit: split off KillContext from ExecContext containing only kill definitions 2012-07-20 00:10:31 +02:00
systemd.path.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd.preset.xml man: add various links from man pages to appropriate wiki pages 2012-06-28 18:58:56 +02:00
systemd.service.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd.snapshot.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd.socket.xml SMACK: Add configuration options. (v3) 2012-10-30 03:40:42 +01:00
systemd.special.xml logind: support for hybrid sleep (i.e. suspend+hibernate at the same time) 2012-10-28 00:50:35 +02:00
systemd.swap.xml Reword sentences that contain psuedo-English "resp." 2012-10-16 01:03:01 +02:00
systemd.target.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd.timer.xml man: reword man page titles 2012-07-16 18:08:25 +02:00
systemd.unit.xml man: typo fixes 2012-10-26 00:16:47 +02:00
systemd.xml man: typo fixes 2012-10-26 00:16:47 +02:00
telinit.xml relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
timedatectl.xml timedatectl: rename --fix-system to --adjust-system-clock 2012-10-17 22:52:21 +02:00
tmpfiles.d.xml man: typo fixes 2012-10-26 00:16:47 +02:00
udev.xml man: typo fixes 2012-10-26 00:16:47 +02:00
udevadm.xml udev: add "udevadm hwdb --test=<modalias>" 2012-10-28 04:41:15 +01:00
vconsole.conf.xml man: typo fixes 2012-10-26 00:16:47 +02:00