113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <stdlib.h> 313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <stdio.h> 413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <assert.h> 513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <string.h> 713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define xstreq(x, y) !strcmp(x, y) 913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 1013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <err.h> 1113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 1213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <getopt.h> 1313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <sys/types.h> 1413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <unistd.h> 1513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <selinux/selinux.h> 1613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <selinux/context.h> 1713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 1813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define TRUE 1 1913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define FALSE 0 2013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 2113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define SECON_CONF_PROG_NAME "secon" /* default program name */ 220faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore#define SECON_OPTS_SM "hVurtscmPRCfLp" /* small options available, print */ 230faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore#define SECON_OPTS_GO "hVurtlscmPRCf:L:p:" /* small options available, getopt */ 2413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 2513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_ARG 0 2613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_FILE 1 2713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_LINK 2 2813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_STDIN 3 2913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_CUR 4 3013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_CUREXE 5 3113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_CURFS 6 3213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_CURKEY 7 3313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_PROC 8 3413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_PROCEXE 9 3513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_PROCFS 10 3613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#define OPTS_FROM_PROCKEY 11 3713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 380faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moorestruct context_color_t { 390faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore unsigned int valid; 400faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 410faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *user_fg; 420faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *user_bg; 430faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *role_fg; 440faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *role_bg; 450faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *type_fg; 460faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *type_bg; 470faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *range_fg; 480faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *range_bg; 490faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore}; 500faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestruct { 5213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_user:1; 5313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_role:1; 5413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_type:1; 5513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_sen:1; 5613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_clr:1; 5713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_mlsr:1; 5813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_raw:1; 600faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore unsigned int disp_color:1; 6113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int disp_prompt:1; /* no return, use : to sep */ 6313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle unsigned int from_type:8; /* 16 bits, uses 4 bits */ 6513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle union { 6713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle pid_t pid; 6813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *file; 6913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *link; 7013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *arg; 7113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } f; 7213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} opts[1] = { { 7313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle FALSE, FALSE, FALSE, FALSE, FALSE, FALSE, 740faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore FALSE, FALSE, FALSE, OPTS_FROM_ARG, {0} } }; 7513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 76cd20f9c257e7e86fde2259f698677c914c35cfeeNicolas Ioossstatic __attribute__((__noreturn__)) void usage(const char *name, int exit_code) 7713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 7813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fprintf(exit_code ? stderr : stdout, 7913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Usage: %s [-%s] [ context | - ]\n" 800fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --help -h Show this message.\n" 810fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --version -V Show the version.\n" 820fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --prompt -P Output in a format good for a prompt.\n" 830fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --user -u Show the user of the context.\n" 840fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --role -r Show the role of the context.\n" 850fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --type -t Show the type of the context.\n" 860fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --sensitivity -s Show the sensitivity level of the context.\n" 870fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --clearance -c Show the clearance level of the context.\n" 880fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --mls-range -m Show the sensitivity to clearance range of \n" 890fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " the context.\n" 900fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --raw -R Show the context in \"raw\" format.\n" 910fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --color -C Output using ANSI color codes (requires -P).\n" 920fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --current, --self Get the context for the current process.\n" 930fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --current-exec, --self-exec Get the exec context for the current process.\n" 940fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --current-fs, --self-fs Get the fs context for the current process.\n" 950fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --current-key, --self-key Get the key context for the current process.\n" 960fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --parent Get the context for the parent process.\n" 970fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --parent-exec Get the exec context for the parent process.\n" 980fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --parent-fs Get the fs context for the parent process.\n" 990fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --parent-key Get the key context for the parent process.\n" 1000fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --pid -p <arg> Use the context from the specified pid.\n" 1010fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --pid-exec <arg> Use the exec context from the specified pid.\n" 1020fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --pid-fs <arg> Use the fs context from the specified pid.\n" 1030fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --pid-key <arg> Use the key context from the specified pid.\n" 1040fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --file -f <arg> Use the context from the specified file.\n" 1050fc39ca4f7de50eb03a5955a819f545133c9f328Lukas Vrabec " --link -L <arg> Use the context from the specified link.\n", 10613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle name, SECON_OPTS_SM); 10713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 10813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle exit(exit_code); 10913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 11013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 11113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic const char *opt_program_name(const char *argv0, const char *def) 11213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 11313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (argv0) { 11413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if ((def = strrchr(argv0, '/'))) 11513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ++def; 11613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle else 11713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle def = argv0; 11813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 11913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle /* hack for libtool */ 12013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if ((strlen(def) > strlen("lt-")) 12113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle && !memcmp("lt-", def, strlen("lt-"))) 12213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle def += 3; 12313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 12413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 12513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (def); 12613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 12713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 12813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int disp_num(void) 12913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 13013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int num = 0; 13113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 13213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_user; 13313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_role; 13413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_type; 13513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_sen; 13613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_clr; 13713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle num += opts->disp_mlsr; 13813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 13913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (num); 14013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 14113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 14213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int disp_none(void) 14313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 14413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (!disp_num()); 14513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 14613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 14713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int disp_multi(void) 14813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 14913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (disp_num() > 1); 15013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 15113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 15213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic void cmd_line(int argc, char *argv[]) 15313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 15413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int optchar = 0; 15513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *program_name = NULL; 15613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle struct option long_options[] = { 15713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"help", no_argument, NULL, 'h'}, 15813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"version", no_argument, NULL, 'V'}, 15913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 16013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"prompt", no_argument, NULL, 'P'}, 16113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 16213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"user", no_argument, NULL, 'u'}, 16313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"role", no_argument, NULL, 'r'}, 16413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"type", no_argument, NULL, 't'}, 16513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"level", no_argument, NULL, 'l'}, /* compat. */ 16613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"sensitivity", no_argument, NULL, 's'}, 16713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"range", no_argument, NULL, 'm'}, 16813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"clearance", no_argument, NULL, 'c'}, 16913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"mls-range", no_argument, NULL, 'm'}, 17013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 17113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"raw", no_argument, NULL, 'R'}, 1720faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore {"color", no_argument, NULL, 'C'}, 17313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 17413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"current", no_argument, NULL, 1}, 17513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"self", no_argument, NULL, 1}, 17613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"current-exec", no_argument, NULL, 2}, 17713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"self-exec", no_argument, NULL, 2}, 17813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"current-fs", no_argument, NULL, 3}, 17913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"self-fs", no_argument, NULL, 3}, 18013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"current-key", no_argument, NULL, 4}, 18113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"self-key", no_argument, NULL, 4}, 18213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 18313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"parent", no_argument, NULL, 5}, 18413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"parent-exec", no_argument, NULL, 6}, 18513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"parent-fs", no_argument, NULL, 7}, 18613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"parent-key", no_argument, NULL, 8}, 18713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 18813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"file", required_argument, NULL, 'f'}, 18913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"link", required_argument, NULL, 'L'}, 19013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"pid", required_argument, NULL, 'p'}, 19113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"pid-exec", required_argument, NULL, 9}, 19213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"pid-fs", required_argument, NULL, 10}, 19313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {"pid-key", required_argument, NULL, 11}, 19413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 19513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle {NULL, 0, NULL, 0} 19613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle }; 19713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int done = FALSE; 19813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 19913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle program_name = opt_program_name(argv[0], SECON_CONF_PROG_NAME); 20013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 20113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle while ((optchar = getopt_long(argc, argv, SECON_OPTS_GO, 20213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle long_options, NULL)) != -1) { 20313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle switch (optchar) { 20413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case '?': 20513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle usage(program_name, EXIT_FAILURE); 20613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'h': 20713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle usage(program_name, EXIT_SUCCESS); 20813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'V': 20913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fprintf(stdout, 21013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " %s version %s.\n", program_name, VERSION); 21113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle exit(EXIT_SUCCESS); 21213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 21313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'u': 21413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 21513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_user = !opts->disp_user; 21613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 21713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'r': 21813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 21913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_role = !opts->disp_role; 22013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 22113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 't': 22213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 22313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_type = !opts->disp_type; 22413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 22513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'l': 22613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 22713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_sen = !opts->disp_sen; 22813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 22913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 's': 23013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 23113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_sen = !opts->disp_sen; 23213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 23313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'c': 23413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 23513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_clr = !opts->disp_clr; 23613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 23713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'm': 23813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 23913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_mlsr = !opts->disp_mlsr; 24013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 24113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 24213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'P': 24313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_prompt = !opts->disp_prompt; 24413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 24513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 24613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'R': 24713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_raw = !opts->disp_raw; 24813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 2490faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore case 'C': 2500faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore opts->disp_color = !opts->disp_color; 2510faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore break; 25213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 1: 25313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_CUR; 25413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 25513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 2: 25613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_CUREXE; 25713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 25813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 3: 25913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_CURFS; 26013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 26113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 4: 26213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_CURKEY; 26313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 26413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 26513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 5: 26613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROC; 26713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = getppid(); 26813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 26913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 6: 27013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCEXE; 27113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = getppid(); 27213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 27313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 7: 27413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCFS; 27513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = getppid(); 27613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 27713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 8: 27813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCKEY; 27913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = getppid(); 28013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 28113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 28213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'f': 28313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_FILE; 28413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.file = optarg; 28513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 28613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'L': 28713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_LINK; 28813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.link = optarg; 28913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 29013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 'p': 29113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROC; 29213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = atoi(optarg); 29313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 29413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 9: 29513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCEXE; 29613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = atoi(optarg); 29713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 29813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 10: 29913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCFS; 30013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = atoi(optarg); 30113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 30213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case 11: 30313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROCKEY; 30413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.pid = atoi(optarg); 30513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 30613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 30713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle default: 30813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle assert(FALSE); 30913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 31013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 31113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 31213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!done) { /* defualt, if nothing specified */ 31313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_user = TRUE; 31413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_role = TRUE; 31513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_type = TRUE; 31613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!opts->disp_prompt) { /* when displaying prompt, just output "normal" by default */ 31713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_sen = TRUE; 31813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_clr = TRUE; 31913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 32013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->disp_mlsr = TRUE; 32113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 32213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 32313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (disp_none()) 32413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, " Nothing to display"); 32513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 32613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle argc -= optind; 32713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle argv += optind; 32813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 32913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!argc && (opts->from_type == OPTS_FROM_ARG) 33013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle && !isatty(STDIN_FILENO)) 33113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_STDIN; 33213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!argc && (opts->from_type == OPTS_FROM_ARG)) 33313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_CUR; 33413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 33513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->from_type == OPTS_FROM_ARG) { 33613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.arg = argv[0]; 33713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 33813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (xstreq(argv[0], "-")) 33913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_STDIN; 34013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } else if (!is_selinux_enabled()) 34113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle errx(EXIT_FAILURE, "SELinux is not enabled"); 34213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 34313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 34413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) 34513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 34613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char buf[4096]; 34713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle FILE *fp = NULL; 34813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *ptr = NULL; 34913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 35013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle snprintf(buf, sizeof(buf), "%s/%ld/attr/%s", "/proc", (long int)pid, 35113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val); 35213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 35313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!(fp = fopen(buf, "rb"))) 35413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (-1); 35513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 35613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ptr = fgets(buf, sizeof(buf), fp); 35713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 35813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fclose(fp); 35913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 36013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle *con = NULL; 36113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ptr) { /* return *con = NULL, when proc file is empty */ 36213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char *tmp = strchr(ptr, '\n'); 36313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 36413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (tmp) 36513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle *tmp = 0; 36613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 36713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (*ptr && !(*con = strdup(ptr))) 36813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (-1); 36913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 37013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 37113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (0); 37213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 37313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 37413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int my_getpidexeccon_raw(pid_t pid, security_context_t * con) 37513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 37613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (my_getXcon_raw(pid, con, "exec")); 37713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 37813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int my_getpidfscreatecon_raw(pid_t pid, security_context_t * con) 37913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 38013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (my_getXcon_raw(pid, con, "fscreate")); 38113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 38213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic int my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con) 38313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 38413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (my_getXcon_raw(pid, con, "keycreate")); 38513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 38613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 38713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlestatic security_context_t get_scon(void) 38813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 38913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle static char dummy_NIL[1] = ""; 3900faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore security_context_t con = NULL, con_tmp; 39113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int ret = -1; 39213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 39313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle switch (opts->from_type) { 39413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_ARG: 3950faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!(con_tmp = strdup(opts->f.arg))) 39613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 39713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't allocate security context"); 3980faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (selinux_trans_to_raw_context(con_tmp, &con) < 0) 3990faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore err(EXIT_FAILURE, 4000faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore " Couldn't translate security context"); 4010faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore freecon(con_tmp); 40213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 40313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 40413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_STDIN: 40513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle { 40613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char buf[4096] = ""; 40713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char *ptr = buf; 40813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 40913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle while (!*ptr) { 41013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!(ptr = fgets(buf, sizeof(buf), stdin))) 41113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 41213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't read security context"); 41313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 41413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ptr += strspn(ptr, " \n\t"); 41513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ptr[strcspn(ptr, " \n\t")] = 0; 41613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 41713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 4180faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!(con_tmp = strdup(ptr))) 41913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 42013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't allocate security context"); 4210faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (selinux_trans_to_raw_context(con_tmp, &con) < 0) 4220faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore err(EXIT_FAILURE, 4230faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore " Couldn't translate security context"); 4240faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore freecon(con_tmp); 42513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 42613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 42713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 42813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_CUR: 42913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getcon_raw(&con); 43013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 43113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 43213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 43313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get current security context"); 43413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 43513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_CUREXE: 43613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getexeccon_raw(&con); 43713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 43813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 43913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 44013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get current exec security context"); 44113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 44213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 44313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 44413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 44513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_CURFS: 44613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getfscreatecon_raw(&con); 44713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 44813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 44913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 45013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get current fs security context"); 45113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 45213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 45313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 45413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 45513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_CURKEY: 45613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getkeycreatecon_raw(&con); 45713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 45813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 45913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 46013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get current key security context"); 46113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 46213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 46313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 46413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 46513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 46613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_PROC: 46713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getpidcon_raw(opts->f.pid, &con); 46813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 46913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 47013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 47113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for pid %lu", 47213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle (unsigned long)opts->f.pid); 47313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 47413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_PROCEXE: 47513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = my_getpidexeccon_raw(opts->f.pid, &con); 47613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 47713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 47813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 47913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for pid %lu", 48013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle (unsigned long)opts->f.pid); 48113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 48213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 48313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 48413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 48513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_PROCFS: 48613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = my_getpidfscreatecon_raw(opts->f.pid, &con); 48713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 48813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 48913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 49013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for pid %lu", 49113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle (unsigned long)opts->f.pid); 49213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 49313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 49413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 49513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle /* disabled -- override with normal context ... 49613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle { 49713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->from_type = OPTS_FROM_PROC; 49813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return (get_scon()); 49913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } */ 50013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 50113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_PROCKEY: 50213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = my_getpidkeycreatecon_raw(opts->f.pid, &con); 50313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 50413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 50513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 50613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for pid %lu", 50713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle (unsigned long)opts->f.pid); 50813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 50913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!con) 51013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle con = strdup(dummy_NIL); 51113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 51213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 51313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_FILE: 51413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = getfilecon_raw(opts->f.file, &con); 51513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 51613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 51713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 51813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for file %s", 51913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.file); 52013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 52113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 52213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle case OPTS_FROM_LINK: 52313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = lgetfilecon_raw(opts->f.link, &con); 52413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 52513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret == -1) 52613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle err(EXIT_FAILURE, 52713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle " Couldn't get security context for symlink %s", 52813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle opts->f.link); 52913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle break; 53013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 53113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle default: 53213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle assert(FALSE); 53313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 53413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5350faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore return (con); 5360faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore} 53713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5380faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moorestatic unsigned int disp__color_to_ansi(const char *color_str) 5390faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore{ 5400faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore int val = 30; 54113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5420faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore /* NOTE: ansi black is 30 for foreground colors */ 54313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5440faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore /* red */ 5450faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (strncasecmp(&color_str[1], "7f", 2) >= 0) 5460faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore val += 1; 5470faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore /* green */ 5480faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (strncasecmp(&color_str[3], "7f", 2) >= 0) 5490faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore val += 2; 5500faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore /* blue */ 5510faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (strncasecmp(&color_str[5], "7f", 2) >= 0) 5520faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore val += 4; 5530faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5540faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore return val; 55513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 55613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5570faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moorestatic char *disp__con_color_ansi(const char *name, 5580faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore struct context_color_t *color) 5590faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore{ 5600faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore unsigned int fg, bg; 5610faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *ansi; 5620faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore int ansi_len = strlen("\e[99;99m") + 1; 5630faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5640faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore /* NOTE: ansi background codes are the same as foreground codes +10 */ 5650faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5660faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (xstreq("user", name)) { 5670faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fg = disp__color_to_ansi(color->user_fg); 5680faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore bg = disp__color_to_ansi(color->user_bg) + 10; 5690faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } else if (xstreq("role", name)) { 5700faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fg = disp__color_to_ansi(color->role_fg); 5710faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore bg = disp__color_to_ansi(color->role_bg) + 10; 5720faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } else if (xstreq("type", name)) { 5730faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fg = disp__color_to_ansi(color->type_fg); 5740faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore bg = disp__color_to_ansi(color->type_bg) + 10; 5750faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } else if (xstreq("sensitivity", name) || 5760faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore xstreq("clearance", name) || 5770faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore xstreq("mls-range", name)) { 5780faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fg = disp__color_to_ansi(color->range_fg); 5790faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore bg = disp__color_to_ansi(color->range_bg) + 10; 5800faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } else 5810faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore err(EXIT_FAILURE, " No color information for context field"); 5820faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5830faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!(ansi = malloc(ansi_len))) 5840faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore err(EXIT_FAILURE, " Unable to allocate memory"); 5850faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (snprintf(ansi, ansi_len, "\e[%d;%dm", fg, bg) > ansi_len) 5860faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore err(EXIT_FAILURE, " Unable to convert colors to ANSI codes"); 5870faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5880faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore return ansi; 5890faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore} 5900faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 5910faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moorestatic void disp__con_val(const char *name, const char *val, 5920faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore struct context_color_t *color) 59313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 59413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle static int done = FALSE; 59513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 59613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle assert(name); 5970faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore assert(color); 59813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 59913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!val) 60013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val = ""; /* targeted has no "level" etc., 60113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle any errors should happen at context_new() time */ 60213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 60313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_prompt) { 60413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (xstreq("mls-range", name) && !*val) 60513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return; /* skip, mls-range if it's empty */ 60613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6070faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_color && color->valid) { 6080faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *ansi = disp__con_color_ansi(name, color); 6090faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fprintf(stdout, "%s", ansi); 6100faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore free(ansi); 6110faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } 61213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fprintf(stdout, "%s%s", done ? ":" : "", val); 6130faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_color && color->valid) 6140faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore fprintf(stdout, "\e[0m"); 61513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } else if (disp_multi()) 61613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fprintf(stdout, "%s: %s\n", name, val); 61713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle else 61813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fprintf(stdout, "%s\n", val); 61913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 62013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle done = TRUE; 62113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 62213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6230faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moorestatic void disp_con(security_context_t scon_raw) 62413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 6250faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore security_context_t scon_trans, scon; 62613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle context_t con = NULL; 6270faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore char *color_str = NULL; 6280faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore struct context_color_t color = { .valid = 0 }; 6290faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6300faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore selinux_raw_to_trans_context(scon_raw, &scon_trans); 6310faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_raw) 6320faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore scon = scon_raw; 6330faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore else 6340faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore scon = scon_trans; 63513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 63613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!*scon) { /* --self-exec and --self-fs etc. */ 63713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_user) 6380faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("user", NULL, &color); 63913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_role) 6400faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("role", NULL, &color); 64113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_type) 6420faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("type", NULL, &color); 64313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_sen) 6440faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("sensitivity", NULL, &color); 64513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_clr) 6460faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("clearance", NULL, &color); 64713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_mlsr) 6480faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("mls-range", NULL, &color); 64913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return; 65013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 65113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6520faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_color) { 6530faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (selinux_raw_context_to_color(scon_raw, &color_str) < 0) 6540faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Couldn't determine colors for: %s", 6550faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore scon); 6560faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6570faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.user_fg = strtok(color_str, " "); 6580faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.user_fg) 6590faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6600faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.user_bg = strtok(NULL, " "); 6610faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.user_bg) 6620faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6630faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6640faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.role_fg = strtok(NULL, " "); 6650faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.role_fg) 6660faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6670faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.role_bg = strtok(NULL, " "); 6680faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.role_bg) 6690faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6700faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6710faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.type_fg = strtok(NULL, " "); 6720faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.type_fg) 6730faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6740faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.type_bg = strtok(NULL, " "); 6750faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.type_bg) 6760faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6770faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6780faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.range_fg = strtok(NULL, " "); 6790faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (!color.range_fg) 6800faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore errx(EXIT_FAILURE, "Invalid color string"); 6810faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.range_bg = strtok(NULL, " "); 6820faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 6830faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore color.valid = 1; 6840faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore }; 6850faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore 68613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!(con = context_new(scon))) 68713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle errx(EXIT_FAILURE, "Couldn't create context from: %s", scon); 68813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6890faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_user) { 6900faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("user", context_user_get(con), &color); 6910faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } 6920faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_role) { 6930faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("role", context_role_get(con), &color); 6940faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } 6950faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (opts->disp_type) { 6960faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("type", context_type_get(con), &color); 6970faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore } 69813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_sen) { 69913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *val = NULL; 70013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char *tmp = NULL; 70113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 70213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val = context_range_get(con); 70313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!val) 70413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val = ""; /* targeted has no "level" etc., 70513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle any errors should happen at context_new() time */ 70613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 70713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle tmp = strdup(val); 70813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!tmp) 70913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle errx(EXIT_FAILURE, "Couldn't create context from: %s", 71013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle scon); 71113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (strchr(tmp, '-')) 71213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle *strchr(tmp, '-') = 0; 71313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 7140faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("sensitivity", tmp, &color); 71513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 71613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle free(tmp); 71713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 71813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_clr) { 71913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle const char *val = NULL; 72013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char *tmp = NULL; 72113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 72213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val = context_range_get(con); 72313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!val) 72413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle val = ""; /* targeted has no "level" etc., 72513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle any errors should happen at context_new() time */ 72613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 72713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle tmp = strdup(val); 72813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!tmp) 72913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle errx(EXIT_FAILURE, "Couldn't create context from: %s", 73013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle scon); 73113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (strchr(tmp, '-')) 7320faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("clearance", strchr(tmp, '-') + 1, &color); 73313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle else 7340faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("clearance", tmp, &color); 73513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 73613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle free(tmp); 73713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 73813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 73913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (opts->disp_mlsr) 7400faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp__con_val("mls-range", context_range_get(con), &color); 74113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 74213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle context_free(con); 7430faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore freecon(scon_trans); 7440faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore if (color_str) 7450faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore free(color_str); 74613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 74713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 74813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleint main(int argc, char *argv[]) 74913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 7500faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore security_context_t scon_raw = NULL; 75113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 75213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle cmd_line(argc, argv); 75313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 7540faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore scon_raw = get_scon(); 75513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 7560faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore disp_con(scon_raw); 75713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 7580faee34ebd804a49a79eb3e9b7e67ac9741cfa64Paul Moore freecon(scon_raw); 75913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 76013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle exit(EXIT_SUCCESS); 76113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 762