1#include <unistd.h>
2#include <stdlib.h>
3#include <stdio.h>
4#include <errno.h>
5#include <getopt.h>
6#include <string.h>
7#include <selinux/selinux.h>
8#include <sepol/sepol.h>
9#ifdef USE_NLS
10#include <locale.h>		/* for setlocale() */
11#include <libintl.h>		/* for gettext() */
12#define _(msgid) gettext (msgid)
13#else
14#define _(msgid) (msgid)
15#endif
16#ifndef PACKAGE
17#define PACKAGE "policycoreutils"	/* the name of this package lang translation */
18#endif
19
20void usage(char *progname)
21{
22	fprintf(stderr, _("usage:  %s [-qi]\n"), progname);
23	exit(1);
24}
25
26int main(int argc, char **argv)
27{
28	int ret, opt, quiet = 0, nargs, init=0, enforce=0;
29
30#ifdef USE_NLS
31	setlocale(LC_ALL, "");
32	bindtextdomain(PACKAGE, LOCALEDIR);
33	textdomain(PACKAGE);
34#endif
35
36	while ((opt = getopt(argc, argv, "bqi")) > 0) {
37		switch (opt) {
38		case 'b':
39			fprintf(stderr, "%s:  Warning! The -b option is no longer supported, booleans are always preserved across reloads.  Continuing...\n",
40				argv[0]);
41			break;
42		case 'q':
43			quiet = 1;
44			sepol_debug(0);
45			break;
46		case 'i':
47			init = 1;
48			break;
49		default:
50			usage(argv[0]);
51		}
52	}
53
54	nargs = argc - optind;
55	if (nargs > 2)
56		usage(argv[0]);
57	if (nargs >= 1 && !quiet) {
58			fprintf(stderr,
59				"%s:  Warning!  Policy file argument (%s) is no longer supported, installed policy is always loaded.  Continuing...\n",
60				argv[0], argv[optind++]);
61	}
62	if (nargs == 2 && ! quiet) {
63		fprintf(stderr,
64			"%s:  Warning!  Boolean file argument (%s) is no longer supported, installed booleans file is always used.  Continuing...\n",
65			argv[0], argv[optind++]);
66	}
67	if (init) {
68		if (is_selinux_enabled() == 1) {
69			/* SELinux is already enabled, we should not do an initial load again */
70			fprintf(stderr,
71					_("%s:  Policy is already loaded and initial load requested\n"),
72					argv[0]);
73			exit(2);
74		}
75		ret = selinux_init_load_policy(&enforce);
76		if (ret != 0 ) {
77			if (enforce > 0) {
78				/* SELinux in enforcing mode but load_policy failed */
79				fprintf(stderr,
80						_("%s:  Can't load policy and enforcing mode requested:  %s\n"),
81						argv[0], strerror(errno));
82				exit(3);
83			}
84		}
85	}
86	else {
87		ret = selinux_mkload_policy(1);
88	}
89	if (ret < 0) {
90		fprintf(stderr, _("%s:  Can't load policy:  %s\n"),
91			argv[0], strerror(errno));
92		exit(2);
93	}
94	exit(0);
95}
96