#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <libgen.h>
#include <errno.h>
#include <selinux/selinux.h>
#include <syslog.h>
#include <pwd.h>
#include <string.h>
/*
 * Best-effort undo after a failure: for argv[1] .. argv[argc - 1], read the
 * boolean's currently active value and write it back with
 * security_set_boolean(), then terminate the process with exit status 1.
 *
 * argc is the exclusive upper bound on the argv indices to restore, not
 * necessarily the program's real argument count.
 *
 * Return codes are deliberately ignored: this path only runs once something
 * has already gone wrong, and there is nothing further to fall back on.
 */
static __attribute__ ((__noreturn__)) void rollback(int argc, char **argv)
{
	int idx = 1;

	while (idx < argc) {
		const char *name = argv[idx];
		int active = security_get_boolean_active(name);

		(void)security_set_boolean(name, active);
		idx++;
	}
	exit(1);
}
int main(int argc, char **argv)
{
int rc, i, commit = 0;
if (is_selinux_enabled() <= 0) {
fprintf(stderr, "%s: SELinux is disabled\n", argv[0]);
return 1;
}
if (argc < 2) {
printf("Usage: %s boolname1 [boolname2 ...]\n",
basename(argv[0]));
return 1;
}
for (i = 1; i < argc; i++) {
printf("%s: ", argv[i]);
rc = security_get_boolean_active(argv[i]);
switch (rc) {
case 1:
if (security_set_boolean(argv[i], 0) >= 0) {
printf("inactive\n");
commit++;
} else {
printf("%s - rolling back all changes\n",
strerror(errno));
rollback(i, argv);
}
break;
case 0:
if (security_set_boolean(argv[i], 1) >= 0) {
printf("active\n");
commit++;
} else {
printf("%s - rolling back all changes\n",
strerror(errno));
rollback(i, argv);
}
break;
default:
if (errno == ENOENT)
printf
("Boolean does not exist - rolling back all changes.\n");
else
printf("%s - rolling back all changes.\n",
strerror(errno));
rollback(i, argv);
break; /* Not reached. */
}
}
if (commit > 0) {
if (security_commit_booleans() < 0) {
printf("Commit failed. (%s) No change to booleans.\n",
strerror(errno));
} else {
/* syslog all the changes */
struct passwd *pwd = getpwuid(getuid());
for (i = 1; i < argc; i++) {
if (pwd && pwd->pw_name)
syslog(LOG_NOTICE,
"The %s policy boolean was toggled by %s",
argv[i], pwd->pw_name);
else
syslog(LOG_NOTICE,
"The %s policy boolean was toggled by uid:%u",
argv[i], getuid());
}
return 0;
}
}
return 1;
}