Changeset 3232 in MondoRescue for branches/3.2/mindi-busybox/selinux
- Timestamp:
- Jan 1, 2014, 12:47:38 AM (10 years ago)
- Location:
- branches/3.2/mindi-busybox/selinux
- Files:
-
- 11 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.2/mindi-busybox/selinux/chcon.c
r2725 r3232 8 8 * Licensed under GPLv2, see file LICENSE in this source tree. 9 9 */ 10 #include <getopt.h> 10 11 //usage:#define chcon_trivial_usage 12 //usage: "[OPTIONS] CONTEXT FILE..." 13 //usage: "\n chcon [OPTIONS] [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE..." 14 //usage: IF_FEATURE_CHCON_LONG_OPTIONS( 15 //usage: "\n chcon [OPTIONS] --reference=RFILE FILE..." 16 //usage: ) 17 //usage:#define chcon_full_usage "\n\n" 18 //usage: "Change the security context of each FILE to CONTEXT\n" 19 //usage: IF_FEATURE_CHCON_LONG_OPTIONS( 20 //usage: "\n -v,--verbose Verbose" 21 //usage: "\n -c,--changes Report changes made" 22 //usage: "\n -h,--no-dereference Affect symlinks instead of their targets" 23 //usage: "\n -f,--silent,--quiet Suppress most error messages" 24 //usage: "\n --reference=RFILE Use RFILE's group instead of using a CONTEXT value" 25 //usage: "\n -u,--user=USER Set user/role/type/range in the target" 26 //usage: "\n -r,--role=ROLE security context" 27 //usage: "\n -t,--type=TYPE" 28 //usage: "\n -l,--range=RANGE" 29 //usage: "\n -R,--recursive Recurse" 30 //usage: ) 31 //usage: IF_NOT_FEATURE_CHCON_LONG_OPTIONS( 32 //usage: "\n -v Verbose" 33 //usage: "\n -c Report changes made" 34 //usage: "\n -h Affect symlinks instead of their targets" 35 //usage: "\n -f Suppress most error messages" 36 //usage: "\n -u USER Set user/role/type/range in the target security context" 37 //usage: "\n -r ROLE" 38 //usage: "\n -t TYPE" 39 //usage: "\n -l RNG" 40 //usage: "\n -R Recurse" 41 //usage: ) 42 11 43 #include <selinux/context.h> 12 44 … … 61 93 if (specified_context == NULL) { 62 94 context = set_security_context_component(file_context, 63 95 user, role, type, range); 64 96 if (!context) { 65 97 bb_error_msg("can't compute security context from %s", file_context); … … 90 122 if ((option_mask32 & OPT_VERBOSE) || ((option_mask32 & OPT_CHANHES) && !fail)) { 91 123 printf(!fail 92 93 94 124 ? "context of %s changed to %s\n" 125 : "can't change context of %s to %s\n", 126 fname, context_string); 95 127 } 96 128 if (!fail) { … … 98 130 } else if ((option_mask32 & OPT_QUIET) == 0) { 99 131 bb_error_msg("can't change context of %s to %s", 100 132 fname, context_string); 101 133 } 102 134 } else if (option_mask32 & OPT_VERBOSE) { … … 150 182 if (option_mask32 & OPT_REFERENCE) { 151 183 /* FIXME: lgetfilecon() should be used when '-h' is specified. 152 184 * But current implementation follows the original one. */ 153 185 if (getfilecon(reference_file, &specified_context) < 0) 154 186 bb_perror_msg_and_die("getfilecon('%s') failed", reference_file); … … 170 202 171 203 if (recursive_action(fname, 172 173 174 175 204 1<<option_mask32 & OPT_RECURSIVE, 205 change_filedir_context, 206 change_filedir_context, 207 NULL, 0) != TRUE) 176 208 errors = 1; 177 209 } -
branches/3.2/mindi-busybox/selinux/getenforce.c
r2725 r3232 7 7 * Licensed under GPLv2, see file LICENSE in this source tree. 8 8 */ 9 10 //usage:#define getenforce_trivial_usage NOUSAGE_STR 11 //usage:#define getenforce_full_usage "" 9 12 10 13 #include "libbb.h" -
branches/3.2/mindi-busybox/selinux/getsebool.c
r2725 r3232 7 7 * Licensed under GPLv2, see file LICENSE in this source tree. 8 8 */ 9 10 //usage:#define getsebool_trivial_usage 11 //usage: "-a or getsebool boolean..." 12 //usage:#define getsebool_full_usage "\n\n" 13 //usage: " -a Show all selinux booleans" 9 14 10 15 #include "libbb.h" -
branches/3.2/mindi-busybox/selinux/load_policy.c
r2725 r3232 5 5 * Licensed under GPLv2, see file LICENSE in this source tree. 6 6 */ 7 8 //usage:#define load_policy_trivial_usage NOUSAGE_STR 9 //usage:#define load_policy_full_usage "" 10 7 11 #include "libbb.h" 8 12 -
branches/3.2/mindi-busybox/selinux/matchpathcon.c
r2725 r3232 6 6 * Licensed under GPLv2, see file LICENSE in this source tree. 7 7 */ 8 9 //usage:#define matchpathcon_trivial_usage 10 //usage: "[-n] [-N] [-f file_contexts_file] [-p prefix] [-V]" 11 //usage:#define matchpathcon_full_usage "\n\n" 12 //usage: " -n Don't display path" 13 //usage: "\n -N Don't use translations" 14 //usage: "\n -f Use alternate file_context file" 15 //usage: "\n -p Use prefix to speed translations" 16 //usage: "\n -V Verify file context on disk matches defaults" 17 8 18 #include "libbb.h" 9 19 -
branches/3.2/mindi-busybox/selinux/runcon.c
r2725 r3232 29 29 * Licensed under GPLv2, see file LICENSE in this source tree. 30 30 */ 31 #include <getopt.h> 31 32 //usage:#define runcon_trivial_usage 33 //usage: "[-c] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] PROG ARGS\n" 34 //usage: "runcon CONTEXT PROG ARGS" 35 //usage:#define runcon_full_usage "\n\n" 36 //usage: "Run PROG in a different security context\n" 37 //usage: "\n CONTEXT Complete security context\n" 38 //usage: IF_FEATURE_RUNCON_LONG_OPTIONS( 39 //usage: "\n -c,--compute Compute process transition context before modifying" 40 //usage: "\n -t,--type=TYPE Type (for same role as parent)" 41 //usage: "\n -u,--user=USER User identity" 42 //usage: "\n -r,--role=ROLE Role" 43 //usage: "\n -l,--range=RNG Levelrange" 44 //usage: ) 45 //usage: IF_NOT_FEATURE_RUNCON_LONG_OPTIONS( 46 //usage: "\n -c Compute process transition context before modifying" 47 //usage: "\n -t TYPE Type (for same role as parent)" 48 //usage: "\n -u USER User identity" 49 //usage: "\n -r ROLE Role" 50 //usage: "\n -l RNG Levelrange" 51 //usage: ) 52 32 53 #include <selinux/context.h> 33 54 #include <selinux/flask.h> … … 36 57 37 58 static context_t runcon_compute_new_context(char *user, char *role, char *type, char *range, 38 59 char *command, int compute_trans) 39 60 { 40 61 context_t con; … … 49 70 if (getfilecon(command, &file_context) < 0) 50 71 bb_error_msg_and_die("can't retrieve attributes of '%s'", 51 72 command); 52 73 if (security_compute_create(cur_context, file_context, 53 74 SECCLASS_PROCESS, &new_context)) 54 75 bb_error_msg_and_die("unable to compute a new context"); 55 76 cur_context = new_context; … … 127 148 if (security_check_context(context_str(con))) 128 149 bb_error_msg_and_die("'%s' is not a valid context", 129 150 context_str(con)); 130 151 131 152 if (setexeccon(context_str(con))) 132 153 bb_error_msg_and_die("can't set up security context '%s'", 133 154 context_str(con)); 134 155 135 execvp(argv[0], argv); 136 bb_perror_msg_and_die("can't execute '%s'", argv[0]); 156 BB_EXECVP_or_die(argv); 137 157 } -
branches/3.2/mindi-busybox/selinux/selinuxenabled.c
r2725 r3232 7 7 * Licensed under GPLv2, see file LICENSE in this source tree. 8 8 */ 9 10 //usage:#define selinuxenabled_trivial_usage NOUSAGE_STR 11 //usage:#define selinuxenabled_full_usage "" 12 9 13 #include "libbb.h" 10 14 -
branches/3.2/mindi-busybox/selinux/sestatus.c
r2725 r3232 9 9 */ 10 10 11 //usage:#define sestatus_trivial_usage 12 //usage: "[-vb]" 13 //usage:#define sestatus_full_usage "\n\n" 14 //usage: " -v Verbose" 15 //usage: "\n -b Display current state of booleans" 16 11 17 #include "libbb.h" 12 18 … … 36 42 goto skip; 37 43 printf(COL_FMT "%s", 38 44 bools[i], active == 0 ? "off" : "on"); 39 45 if (active != pending) 40 46 printf(" (%sactivate pending)", pending == 0 ? "in" : ""); -
branches/3.2/mindi-busybox/selinux/setenforce.c
r2725 r3232 7 7 * Licensed under GPLv2, see file LICENSE in this source tree. 8 8 */ 9 10 //usage:#define setenforce_trivial_usage 11 //usage: "[Enforcing | Permissive | 1 | 0]" 12 //usage:#define setenforce_full_usage "" 9 13 10 14 #include "libbb.h" -
branches/3.2/mindi-busybox/selinux/setfiles.c
r2725 r3232 4 4 Port to BusyBox (c) 2007 by Yuichi Nakamura <ynakam@hitachisoft.jp> 5 5 */ 6 7 //usage:#define setfiles_trivial_usage 8 //usage: "[-dnpqsvW] [-e DIR]... [-o FILE] [-r alt_root_path]" 9 //usage: IF_FEATURE_SETFILES_CHECK_OPTION( 10 //usage: " [-c policyfile] spec_file" 11 //usage: ) 12 //usage: " pathname" 13 //usage:#define setfiles_full_usage "\n\n" 14 //usage: "Reset file contexts under pathname according to spec_file\n" 15 //usage: IF_FEATURE_SETFILES_CHECK_OPTION( 16 //usage: "\n -c FILE Check the validity of the contexts against the specified binary policy" 17 //usage: ) 18 //usage: "\n -d Show which specification matched each file" 19 //usage: "\n -l Log changes in file labels to syslog" 20 //usage: "\n -n Don't change any file labels" 21 //usage: "\n -q Suppress warnings" 22 //usage: "\n -r DIR Use an alternate root path" 23 //usage: "\n -e DIR Exclude DIR" 24 //usage: "\n -F Force reset of context to match file_context for customizable files" 25 //usage: "\n -o FILE Save list of files with incorrect context" 26 //usage: "\n -s Take a list of files from stdin (instead of command line)" 27 //usage: "\n -v Show changes in file labels, if type or role are changing" 28 //usage: "\n -vv Show changes in file labels, if type, role, or user are changing" 29 //usage: "\n -W Display warnings about entries that had no matching files" 30 //usage: 31 //usage:#define restorecon_trivial_usage 32 //usage: "[-iFnRv] [-e EXCLUDEDIR]... [-o FILE] [-f FILE]" 33 //usage:#define restorecon_full_usage "\n\n" 34 //usage: "Reset security contexts of files in pathname\n" 35 //usage: "\n -i Ignore files that don't exist" 36 //usage: "\n -f FILE File with list of files to process" 37 //usage: "\n -e DIR Directory to exclude" 38 //usage: "\n -R,-r Recurse" 39 //usage: "\n -n Don't change any file labels" 40 //usage: "\n -o FILE Save list of files with incorrect context" 41 //usage: "\n -v Verbose" 42 //usage: "\n -vv Show changed labels" 43 //usage: "\n -F Force reset of context to match file_context" 44 //usage: "\n for customizable files, or the user section," 45 //usage: "\n if it has changed" 6 46 7 47 #include "libbb.h" … … 459 499 if (S_ISDIR(sb.st_mode) && recurse) { 460 500 if (recursive_action(name, 461 ACTION_RECURSE, 462 apply_spec, 463 apply_spec, 464 NULL, 0) != TRUE) { 501 ACTION_RECURSE, 502 apply_spec, 503 apply_spec, 504 NULL, 0) != TRUE 505 ) { 465 506 bb_error_msg("error while labeling %s", name); 466 507 goto err; … … 545 586 IF_FEATURE_SETFILES_CHECK_OPTION("c:"), 546 587 &exclude_dir, &input_filename, &rootpath, &out_filename, 547 588 IF_FEATURE_SETFILES_CHECK_OPTION(&policyfile,) 548 589 &verbose); 549 590 } … … 561 602 562 603 /* Only process the specified file_contexts file, not 563 564 604 * any .homedirs or .local files, and do not perform 605 * context translations. */ 565 606 set_matchpathcon_flags(MATCHPATHCON_BASEONLY | 566 607 MATCHPATHCON_NOTRANS | … … 592 633 if (applet_name[0] == 's') { /* setfiles */ 593 634 /* Use our own invalid context checking function so that 594 595 635 * we can support either checking against the active policy or 636 * checking against a binary policy file. */ 596 637 set_matchpathcon_canoncon(&canoncon); 597 638 if (!argv[0]) -
branches/3.2/mindi-busybox/selinux/setsebool.c
r2725 r3232 8 8 * Licensed under GPLv2, see file LICENSE in this source tree. 9 9 */ 10 11 //usage:#define setsebool_trivial_usage 12 //usage: "boolean value" 13 //usage:#define setsebool_full_usage "\n\n" 14 //usage: "Change boolean setting" 10 15 11 16 #include "libbb.h"
Note:
See TracChangeset
for help on using the changeset viewer.