Mercurial > hg > toybox
annotate toys/pending/chcon.c @ 1660:b84024067049 draft
This patch adds a TOYBOX_SELINUX configuration option to control both
the SELinux commands (such as chcon) and the SELinux-specific options
to regular commands (such as ls -Z).
This lets us #include <selinux/selinux.h> in portability.h.
I've also fixed chcon to insist on being given the a context argument.
This patch also adds -Z to id and fixes id's regular output (-G should
be separated by spaces, non-G output should be separated by commas,
and you don't want a double comma where the egid is omitted from the
list of groups).
| author | Elliott Hughes <enh@google.com> |
|---|---|
| date | Fri, 16 Jan 2015 13:36:53 -0600 |
| parents | 51b7d1af353b |
| children | d79dc782c2d9 |
| rev | line source |
|---|---|
|
1603
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
1 /* chcon.c - Change file security context |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
2 * |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
3 * Copyright 2014 The Android Open Source Project |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
4 |
|
1660
b84024067049
This patch adds a TOYBOX_SELINUX configuration option to control both
Elliott Hughes <enh@google.com>
parents:
1603
diff
changeset
|
5 USE_CHCON(NEWTOY(chcon, "<1hRv", TOYFLAG_USR|TOYFLAG_BIN)) |
|
1603
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
6 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
7 config CHCON |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
8 bool "chcon" |
|
1660
b84024067049
This patch adds a TOYBOX_SELINUX configuration option to control both
Elliott Hughes <enh@google.com>
parents:
1603
diff
changeset
|
9 depends on TOYBOX_SELINUX |
|
b84024067049
This patch adds a TOYBOX_SELINUX configuration option to control both
Elliott Hughes <enh@google.com>
parents:
1603
diff
changeset
|
10 default y |
|
1603
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
11 help |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
12 usage: chcon [-hRv] CONTEXT FILE... |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
13 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
14 Change the SELinux security context of listed file[s] (recursively with -R). |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
15 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
16 -h change symlinks instead of what they point to. |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
17 -R recurse into subdirectories. |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
18 -v verbose output. |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
19 */ |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
20 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
21 #define FOR_chcon |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
22 #include "toys.h" |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
23 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
24 GLOBALS( |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
25 char *context; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
26 ) |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
27 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
28 int do_chcon(struct dirtree *try) |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
29 { |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
30 int ret; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
31 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
32 if (!dirtree_notdotdot(try)) return 0; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
33 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
34 char *path = dirtree_path(try, 0); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
35 if (toys.optflags & FLAG_v) |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
36 printf("chcon '%s' to %s\n", path, TT.context); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
37 ret = ((toys.optflags&FLAG_h) ? lsetfilecon : setfilecon)(path, TT.context); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
38 if (ret == -1) |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
39 perror_msg("'%s' to %s", path, TT.context); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
40 free(path); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
41 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
42 return (toys.optflags & FLAG_R) ? DIRTREE_RECURSE : 0; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
43 } |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
44 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
45 void chcon_main(void) |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
46 { |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
47 TT.context = *toys.optargs; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
48 char **file; |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
49 |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
50 for (file = toys.optargs+1; *file; file++) dirtree_read(*file, do_chcon); |
|
51b7d1af353b
here's a patch that should let us replace toolbox's chcon.
Elliott Hughes <enh@google.com>
parents:
diff
changeset
|
51 } |