socket: introduce SELinuxLabelViaNet option

This makes possible to spawn service instances triggered by socket with MLS/MCS SELinux labels which are created based on information provided by connected peer. Implementation of label_get_child_label derived from xinetd. Reviewed-by: Paul Moore <pmoore@redhat.com>
author: Michal Sekletar <msekleta@redhat.com> 2014-07-24 10:40:28 +0200
committer: Michal Sekletar <msekleta@redhat.com> 2014-08-19 18:57:12 +0200
commit: cf8bd44339b00330fdbc91041d6731ba8aba9fec (patch)
tree: 50131a58cdb8e65adc849c0971ff832ec208d6ec /src/core/socket.h
parent: 6c3e68e7c1adc6176526e69769bf2eba86cdd257 (diff)
download: systemd-cf8bd44339b00330fdbc91041d6731ba8aba9fec.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/core/socket.h b/src/core/socket.h
index eede70564a..ab342c34e8 100644
--- a/src/core/socket.h
+++ b/src/core/socket.h
@@ -165,6 +165,8 @@ struct Socket {
         char *smack_ip_in;
         char *smack_ip_out;
 
+        bool selinux_label_via_net;
+
         char *user, *group;
 };
author	Michal Sekletar <msekleta@redhat.com>	2014-07-24 10:40:28 +0200
committer	Michal Sekletar <msekleta@redhat.com>	2014-08-19 18:57:12 +0200
commit	cf8bd44339b00330fdbc91041d6731ba8aba9fec (patch)
tree	50131a58cdb8e65adc849c0971ff832ec208d6ec /src/core/socket.h
parent	6c3e68e7c1adc6176526e69769bf2eba86cdd257 (diff)
download	systemd-cf8bd44339b00330fdbc91041d6731ba8aba9fec.tar.gz