getenforce.c 1.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748
  1. /*
  2. * getenforce
  3. *
  4. * Based on libselinux 1.33.1
  5. * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp>
  6. *
  7. * Licensed under GPLv2, see file LICENSE in this source tree.
  8. */
  9. //config:config GETENFORCE
  10. //config: bool "getenforce"
  11. //config: default n
  12. //config: depends on SELINUX
  13. //config: help
  14. //config: Enable support to get the current mode of SELinux.
  15. //applet:IF_GETENFORCE(APPLET(getenforce, BB_DIR_USR_SBIN, BB_SUID_DROP))
  16. //kbuild:lib-$(CONFIG_GETENFORCE) += getenforce.o
  17. //usage:#define getenforce_trivial_usage NOUSAGE_STR
  18. //usage:#define getenforce_full_usage ""
  19. #include "libbb.h"
  20. int getenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  21. int getenforce_main(int argc UNUSED_PARAM, char **argv UNUSED_PARAM)
  22. {
  23. int rc;
  24. rc = is_selinux_enabled();
  25. if (rc < 0)
  26. bb_error_msg_and_die("is_selinux_enabled() failed");
  27. if (rc == 1) {
  28. rc = security_getenforce();
  29. if (rc < 0)
  30. bb_error_msg_and_die("getenforce() failed");
  31. if (rc)
  32. puts("Enforcing");
  33. else
  34. puts("Permissive");
  35. } else {
  36. puts("Disabled");
  37. }
  38. return 0;
  39. }