getsebool.c revision 8290d1083ec7eee3f32265012f5d6be2774c4afc
18290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <unistd.h> 28290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <stdlib.h> 38290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <stdio.h> 48290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <getopt.h> 58290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <errno.h> 68290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <string.h> 78290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley#include <selinux/selinux.h> 88290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 98290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalleystatic void usage(const char *progname) 108290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley{ 118290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "usage: %s -a or %s boolean...\n", progname, progname); 128290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley exit(1); 138290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley} 148290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 158290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalleyint getsebool_main(int argc, char **argv) 168290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley{ 178290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley int i, get_all = 0, rc = 0, active, pending, len = 0, opt; 188290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley char **names; 198290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 208290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley while ((opt = getopt(argc, argv, "a")) > 0) { 218290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley switch (opt) { 228290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley case 'a': 238290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (argc > 2) 248290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley usage(argv[0]); 258290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (is_selinux_enabled() <= 0) { 268290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "%s: SELinux is disabled\n", 278290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley argv[0]); 288290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 1; 298290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 308290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley errno = 0; 318290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley rc = security_get_boolean_names(&names, &len); 328290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (rc) { 338290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, 348290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley "%s: Unable to get boolean names: %s\n", 358290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley argv[0], strerror(errno)); 368290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 1; 378290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 388290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (!len) { 398290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley printf("No booleans\n"); 408290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 0; 418290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 428290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley get_all = 1; 438290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley break; 448290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley default: 458290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley usage(argv[0]); 468290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 478290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 488290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 498290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (is_selinux_enabled() <= 0) { 508290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "%s: SELinux is disabled\n", argv[0]); 518290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 1; 528290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 538290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (!len) { 548290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (argc < 2) 558290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley usage(argv[0]); 568290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley len = argc - 1; 578290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley names = malloc(sizeof(char *) * len); 588290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (!names) { 598290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "%s: out of memory\n", argv[0]); 608290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 2; 618290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 628290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley for (i = 0; i < len; i++) { 638290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley names[i] = strdup(argv[i + 1]); 648290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (!names[i]) { 658290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "%s: out of memory\n", 668290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley argv[0]); 678290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return 2; 688290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 698290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 708290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 718290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 728290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley for (i = 0; i < len; i++) { 738290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley active = security_get_boolean_active(names[i]); 748290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (active < 0) { 758290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (get_all && errno == EACCES) 768290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley continue; 778290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "Error getting active value for %s\n", 788290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley names[i]); 798290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley rc = -1; 808290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley goto out; 818290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 828290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley pending = security_get_boolean_pending(names[i]); 838290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (pending < 0) { 848290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley fprintf(stderr, "Error getting pending value for %s\n", 858290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley names[i]); 868290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley rc = -1; 878290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley goto out; 888290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 898290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley if (pending != active) { 908290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley printf("%s --> %s pending: %s\n", names[i], 918290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley (active ? "on" : "off"), 928290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley (pending ? "on" : "off")); 938290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } else { 948290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley printf("%s --> %s\n", names[i], 958290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley (active ? "on" : "off")); 968290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 978290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley } 988290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley 998290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalleyout: 1008290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley for (i = 0; i < len; i++) 1018290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley free(names[i]); 1028290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley free(names); 1038290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley return rc; 1048290d1083ec7eee3f32265012f5d6be2774c4afcStephen Smalley} 105