File: selinux_check_access.c

package info (click to toggle)
libselinux 2.8-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, experimental, sid
  • size: 2,080 kB
  • sloc: ansic: 16,057; makefile: 379; sh: 23
file content (52 lines) | stat: -rw-r--r-- 1,101 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <selinux/selinux.h>

static __attribute__ ((__noreturn__)) void usage(const char *progname)
{
	fprintf(stderr, "usage:  %s [-a auditdata] scon tcon class perm\n"
		"\nWhere:\n\t"
		"-a  Optional information added to audit message.\n",
		progname);
	exit(1);
}

static int cb_auditinfo(void *auditdata,
			__attribute__((unused))security_class_t class,
			char *msgbuf, size_t msgbufsize)
{
	return snprintf(msgbuf, msgbufsize, "%s", (char *)auditdata);
}

int main(int argc, char **argv)
{
	int opt, rc;
	char *audit_msg = NULL;

	while ((opt = getopt(argc, argv, "a:")) != -1) {
		switch (opt) {
		case 'a':
			audit_msg = optarg;
			break;
		default:
			usage(argv[0]);
		}
	}

	if ((argc - optind) != 4)
		usage(argv[0]);

	if (audit_msg)
		selinux_set_callback(SELINUX_CB_AUDIT,
				     (union selinux_callback)cb_auditinfo);

	rc = selinux_check_access(argv[optind], argv[optind + 1],
				  argv[optind + 2], argv[optind + 3],
				  audit_msg);
	if (rc < 0)
		perror("selinux_check_access");

	return rc;
}