Merge "Change setsebool syntax to be consistent with other init built-ins."
This commit is contained in:
Dima Zavin
Gerrit Code Review
commit
82ea44f88f
4 changed files with 34 additions and 48 deletions
|
|
@ -754,34 +754,29 @@ int do_restorecon(int nargs, char **args) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int do_setsebool(int nargs, char **args) {
|
int do_setsebool(int nargs, char **args) {
|
||||||
SELboolean *b = alloca(nargs * sizeof(SELboolean));
|
const char *name = args[1];
|
||||||
char *v;
|
const char *value = args[2];
|
||||||
int i;
|
SELboolean b;
|
||||||
|
int ret;
|
||||||
|
|
||||||
if (is_selinux_enabled() <= 0)
|
if (is_selinux_enabled() <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
for (i = 1; i < nargs; i++) {
|
b.name = name;
|
||||||
char *name = args[i];
|
if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on"))
|
||||||
v = strchr(name, '=');
|
b.value = 1;
|
||||||
if (!v) {
|
else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off"))
|
||||||
ERROR("setsebool: argument %s had no =\n", name);
|
b.value = 0;
|
||||||
return -EINVAL;
|
else {
|
||||||
}
|
ERROR("setsebool: invalid value %s\n", value);
|
||||||
*v++ = 0;
|
return -EINVAL;
|
||||||
b[i-1].name = name;
|
|
||||||
if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on"))
|
|
||||||
b[i-1].value = 1;
|
|
||||||
else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off"))
|
|
||||||
b[i-1].value = 0;
|
|
||||||
else {
|
|
||||||
ERROR("setsebool: invalid value %s\n", v);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (security_set_boolean_list(nargs - 1, b, 0) < 0)
|
if (security_set_boolean_list(1, &b, 0) < 0) {
|
||||||
return -errno;
|
ret = -errno;
|
||||||
|
ERROR("setsebool: could not set %s to %s\n", name, value);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -78,7 +78,7 @@ enum {
|
||||||
KEYWORD(setkey, COMMAND, 0, do_setkey)
|
KEYWORD(setkey, COMMAND, 0, do_setkey)
|
||||||
KEYWORD(setprop, COMMAND, 2, do_setprop)
|
KEYWORD(setprop, COMMAND, 2, do_setprop)
|
||||||
KEYWORD(setrlimit, COMMAND, 3, do_setrlimit)
|
KEYWORD(setrlimit, COMMAND, 3, do_setrlimit)
|
||||||
KEYWORD(setsebool, COMMAND, 1, do_setsebool)
|
KEYWORD(setsebool, COMMAND, 2, do_setsebool)
|
||||||
KEYWORD(socket, OPTION, 0, 0)
|
KEYWORD(socket, OPTION, 0, 0)
|
||||||
KEYWORD(start, COMMAND, 1, do_start)
|
KEYWORD(start, COMMAND, 1, do_start)
|
||||||
KEYWORD(stop, COMMAND, 1, do_stop)
|
KEYWORD(stop, COMMAND, 1, do_stop)
|
||||||
|
|
|
||||||
|
|
@ -213,7 +213,7 @@ setprop <name> <value>
|
||||||
setrlimit <resource> <cur> <max>
|
setrlimit <resource> <cur> <max>
|
||||||
Set the rlimit for a resource.
|
Set the rlimit for a resource.
|
||||||
|
|
||||||
setsebool <name>=<value>
|
setsebool <name> <value>
|
||||||
Set SELinux boolean <name> to <value>.
|
Set SELinux boolean <name> to <value>.
|
||||||
<value> may be 1|true|on or 0|false|off
|
<value> may be 1|true|on or 0|false|off
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -9,35 +9,26 @@
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
|
||||||
static int do_setsebool(int nargs, char **args) {
|
static int do_setsebool(int nargs, char **args) {
|
||||||
SELboolean *b = alloca(nargs * sizeof(SELboolean));
|
const char *name = args[1];
|
||||||
char *v;
|
const char *value = args[2];
|
||||||
int i;
|
SELboolean b;
|
||||||
|
|
||||||
if (is_selinux_enabled() <= 0)
|
if (is_selinux_enabled() <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
for (i = 1; i < nargs; i++) {
|
b.name = name;
|
||||||
char *name = args[i];
|
if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on"))
|
||||||
v = strchr(name, '=');
|
b.value = 1;
|
||||||
if (!v) {
|
else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off"))
|
||||||
fprintf(stderr, "setsebool: argument %s had no =\n", name);
|
b.value = 0;
|
||||||
return -1;
|
else {
|
||||||
}
|
fprintf(stderr, "setsebool: invalid value %s\n", value);
|
||||||
*v++ = 0;
|
return -1;
|
||||||
b[i-1].name = name;
|
|
||||||
if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on"))
|
|
||||||
b[i-1].value = 1;
|
|
||||||
else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off"))
|
|
||||||
b[i-1].value = 0;
|
|
||||||
else {
|
|
||||||
fprintf(stderr, "setsebool: invalid value %s\n", v);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (security_set_boolean_list(nargs - 1, b, 0) < 0)
|
if (security_set_boolean_list(1, &b, 0) < 0)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "setsebool: unable to set booleans: %s", strerror(errno));
|
fprintf(stderr, "setsebool: could not set %s to %s: %s", name, value, strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -46,8 +37,8 @@ static int do_setsebool(int nargs, char **args) {
|
||||||
|
|
||||||
int setsebool_main(int argc, char **argv)
|
int setsebool_main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
if (argc < 2) {
|
if (argc != 3) {
|
||||||
fprintf(stderr, "Usage: %s name=value...\n", argv[0]);
|
fprintf(stderr, "Usage: %s name value\n", argv[0]);
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue