setenforce.c 1.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
  1. /*
  2. * setenforce
  3. *
  4. * Based on libselinux 1.33.1
  5. * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp>
  6. *
  7. * Licensed under GPLv2, see file LICENSE in this source tree.
  8. */
  9. //config:config SETENFORCE
  10. //config: bool "setenforce (2.1 kb)"
  11. //config: default n
  12. //config: depends on SELINUX
  13. //config: help
  14. //config: Enable support to modify the mode SELinux is running in.
  15. //applet:IF_SETENFORCE(APPLET(setenforce, BB_DIR_USR_SBIN, BB_SUID_DROP))
  16. //kbuild:lib-$(CONFIG_SETENFORCE) += setenforce.o
  17. //usage:#define setenforce_trivial_usage
  18. //usage: "[Enforcing | Permissive | 1 | 0]"
  19. //usage:#define setenforce_full_usage ""
  20. #include "libbb.h"
  21. /* These strings are arranged so that odd ones
  22. * result in security_setenforce(1) being done,
  23. * the rest will do security_setenforce(0) */
  24. static const char *const setenforce_cmd[] ALIGN_PTR = {
  25. "0",
  26. "1",
  27. "permissive",
  28. "enforcing",
  29. NULL,
  30. };
  31. int setenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  32. int setenforce_main(int argc UNUSED_PARAM, char **argv)
  33. {
  34. int i, rc;
  35. if (!argv[1] || argv[2])
  36. bb_show_usage();
  37. selinux_or_die();
  38. for (i = 0; setenforce_cmd[i]; i++) {
  39. if (strcasecmp(argv[1], setenforce_cmd[i]) != 0)
  40. continue;
  41. rc = security_setenforce(i & 1);
  42. if (rc < 0)
  43. bb_simple_perror_msg_and_die("setenforce() failed");
  44. return 0;
  45. }
  46. bb_show_usage();
  47. }