1bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes/* restorecon.c - Restore default security contexts for files 2bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes * 3bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes * Copyright 2015 The Android Open Source Project 4bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 5bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott HughesUSE_RESTORECON(NEWTOY(restorecon, "<1DFnRrv", TOYFLAG_USR|TOYFLAG_SBIN)) 6bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 7bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughesconfig RESTORECON 8bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes bool "restorecon" 9bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes depends on TOYBOX_SELINUX 10bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes default y 11bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes help 12bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes usage: restorecon [-D] [-F] [-R] [-n] [-v] FILE... 13bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 14bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes Restores the default security contexts for the given files. 15bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 16bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes -D apply to /data/data too 17bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes -F force reset 18bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes -R recurse into directories 19bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes -n don't make any changes; useful with -v to see what would change 20bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes -v verbose: show any changes 21bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes*/ 22bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 23bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#define FOR_restorecon 24bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#include "toys.h" 25bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 26bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#if defined(__ANDROID__) 27bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#include <selinux/android.h> 28bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#endif 29bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 30bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughesvoid restorecon_main(void) 31bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes{ 32bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#if defined(__ANDROID__) 33bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes char **s; 34bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes int flags = 0; 35bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 36bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (toys.optflags & FLAG_D) flags |= SELINUX_ANDROID_RESTORECON_DATADATA; 37bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (toys.optflags & FLAG_F) flags |= SELINUX_ANDROID_RESTORECON_FORCE; 38bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (toys.optflags & (FLAG_R|FLAG_r)) 39bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes flags |= SELINUX_ANDROID_RESTORECON_RECURSE; 40bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (toys.optflags & FLAG_n) flags |= SELINUX_ANDROID_RESTORECON_NOCHANGE; 41bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (toys.optflags & FLAG_v) flags |= SELINUX_ANDROID_RESTORECON_VERBOSE; 42bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes 43bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes for (s = toys.optargs; *s; s++) 44bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes if (selinux_android_restorecon(*s, flags) < 0) 45bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes perror_msg("restorecon failed: %s", *s); 46bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes#endif 47bbf0ba1ec7e2348d9f72265bac1f3faef867bffeElliott Hughes} 48