Set SmackProcessLabel to System::Privileged

Change-Id: I01a252b8d209d21440477ff82fc3611f8dc191bf
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>

3 files changed, 3 insertions, 0 deletions

diff --git a/systemd/security-manager-cleanup.service.in b/systemd/security-manager-cleanup.service.in
index 95519997..a004d5ee 100644
--- a/systemd/security-manager-cleanup.service.in
+++ b/systemd/security-manager-cleanup.service.in
@@ -7,4 +7,5 @@ Requires=sysinit.target
 Type=oneshot
 RemainAfterExit=yes
 ExecStart = @BIN_INSTALL_DIR@/security-manager-cleanup
+SmackProcessLabel=System::Privileged
 
diff --git a/systemd/security-manager-rules-loader.service.in b/systemd/security-manager-rules-loader.service.in
index d10a3b5e..44a84d55 100644
--- a/systemd/security-manager-rules-loader.service.in
+++ b/systemd/security-manager-rules-loader.service.in
@@ -7,6 +7,7 @@ DefaultDependencies=no
 [Service]
 Type=oneshot
 ExecStart=/bin/dd if=@LOCAL_STATE_DIR@/security-manager/rules-merged/rules.merged of=/sys/fs/smackfs/load2 bs=20M
+SmackProcessLabel=Systemd::Privileged
 
 [Install]
 WantedBy=basic.target
diff --git a/systemd/security-manager.service.in b/systemd/security-manager.service.in
index cec580e0..5205b366 100644
--- a/systemd/security-manager.service.in
+++ b/systemd/security-manager.service.in
@@ -6,3 +6,4 @@ Type=notify
 ExecStart=@BIN_INSTALL_DIR@/security-manager
 Sockets=security-manager.socket
 Restart=always
+SmackProcessLabel=System::Privileged