|
|
aba7ab1 |
#include <stdio.h>
|
|
|
aba7ab1 |
#include <stdlib.h>
|
|
|
aba7ab1 |
#include <string.h>
|
|
|
aba7ab1 |
#include <stdint.h>
|
|
|
aba7ab1 |
#include <errno.h>
|
|
|
aba7ab1 |
#include <selinux/selinux.h>
|
|
|
aba7ab1 |
#include <selinux/label.h>
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
int main (int argc, char **argv)
|
|
|
aba7ab1 |
{
|
|
|
aba7ab1 |
struct selabel_handle *hnd = NULL;
|
|
|
aba7ab1 |
unsigned int backend = 0;
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
struct selinux_opt selabel_option [] = {
|
|
|
aba7ab1 |
{ SELABEL_OPT_PATH, NULL },
|
|
|
aba7ab1 |
{ SELABEL_OPT_SUBSET, NULL },
|
|
|
aba7ab1 |
{ SELABEL_OPT_VALIDATE, (char *) 1 },
|
|
|
aba7ab1 |
{ SELABEL_OPT_BASEONLY, (char *) 1 }
|
|
|
aba7ab1 |
};
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
if (argc < 7) {
|
|
|
aba7ab1 |
fprintf(stderr, "Invalid number of arguments\n");
|
|
|
aba7ab1 |
return 255;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
// set backend
|
|
|
aba7ab1 |
if (strcmp(argv[1], "CTX_FILE") == 0)
|
|
|
aba7ab1 |
backend = SELABEL_CTX_FILE;
|
|
|
aba7ab1 |
else if (strcmp(argv[1], "CTX_MEDIA") == 0)
|
|
|
aba7ab1 |
backend = SELABEL_CTX_MEDIA;
|
|
|
aba7ab1 |
else if (strcmp(argv[1], "CTX_X") == 0)
|
|
|
aba7ab1 |
backend = SELABEL_CTX_X;
|
|
|
aba7ab1 |
else if (strcmp(argv[1], "CTX_DB") == 0)
|
|
|
aba7ab1 |
backend = SELABEL_CTX_DB;
|
|
|
aba7ab1 |
#ifndef RHEL6
|
|
|
aba7ab1 |
else if (strcmp(argv[1], "CTX_ANDROID_PROP") == 0)
|
|
|
aba7ab1 |
backend = SELABEL_CTX_ANDROID_PROP;
|
|
|
aba7ab1 |
#endif
|
|
|
aba7ab1 |
else
|
|
|
aba7ab1 |
backend = strtoul(argv[1], NULL, 10);
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
if ((argc == 8) && (strcmp(argv[7], "nohandle") == 0)) {
|
|
|
aba7ab1 |
hnd = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
// set file contexts path
|
|
|
aba7ab1 |
if (strcmp(argv[2], "NULL") == 0) {
|
|
|
aba7ab1 |
selabel_option[0].value = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
selabel_option[0].value = argv[2];
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
// set subset
|
|
|
aba7ab1 |
if (strcmp(argv[3], "NULL") == 0) {
|
|
|
aba7ab1 |
selabel_option[1].value = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
selabel_option[1].value = argv[3];
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
// set validate
|
|
|
aba7ab1 |
if (strcmp(argv[4], "0") == 0) {
|
|
|
aba7ab1 |
selabel_option[2].value = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
selabel_option[2].value = (char *) 1;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
// set baseonly
|
|
|
aba7ab1 |
if (strcmp(argv[5], "0") == 0) {
|
|
|
aba7ab1 |
selabel_option[3].value = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
selabel_option[3].value = (char *) 1;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
printf("selabel_options: ");
|
|
|
aba7ab1 |
printf("SELABEL_OPT_PATH = %s, ", selabel_option[0].value);
|
|
|
aba7ab1 |
printf("SELABEL_OPT_SUBSET = %s, ", selabel_option[1].value);
|
|
|
aba7ab1 |
printf("SELABEL_OPT_VALIDATE = %ld, ", (long int)(intptr_t) selabel_option[2].value);
|
|
|
aba7ab1 |
printf("SELABEL_OPT_BASEONLY = %ld\n", (long int)(intptr_t) selabel_option[3].value);
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
printf("Executing: selabel_open(SELABEL_%s, &selabel_option, 4)\n", argv[1]);
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
errno = 0;
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
if ((hnd = selabel_open(backend, selabel_option, 4)) == NULL) {
|
|
|
aba7ab1 |
int e = errno;
|
|
|
aba7ab1 |
perror("selabel_open - ERROR");
|
|
|
aba7ab1 |
return e;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
char *path;
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
if (strcmp(argv[6], "NULL") == 0) {
|
|
|
aba7ab1 |
path = NULL;
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
else {
|
|
|
aba7ab1 |
path = argv[6];
|
|
|
aba7ab1 |
}
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
printf("Executing: selabel_partial_match(hnd, %s)\n", path);
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
errno = 0;
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
if (selabel_partial_match(hnd, path))
|
|
|
aba7ab1 |
printf("selabel_partial_match: true\n");
|
|
|
aba7ab1 |
else
|
|
|
aba7ab1 |
printf("selabel_partial_match: false\n");
|
|
|
aba7ab1 |
|
|
|
aba7ab1 |
selabel_close(hnd);
|
|
|
aba7ab1 |
return 0;
|
|
|
aba7ab1 |
}
|