blob: 8d18abd29fef05614037010fb5f9f69d5fa93b55
1 | /* |
2 | * setenforce |
3 | * |
4 | * Based on libselinux 1.33.1 |
5 | * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp> |
6 | * |
7 | * Licensed under GPLv2, see file LICENSE in this source tree. |
8 | */ |
9 | //config:config SETENFORCE |
10 | //config: bool "setenforce" |
11 | //config: default n |
12 | //config: depends on SELINUX |
13 | //config: help |
14 | //config: Enable support to modify the mode SELinux is running in. |
15 | |
16 | //applet:IF_SETENFORCE(APPLET(setenforce, BB_DIR_USR_SBIN, BB_SUID_DROP)) |
17 | |
18 | //kbuild:lib-$(CONFIG_SETENFORCE) += setenforce.o |
19 | |
20 | //usage:#define setenforce_trivial_usage |
21 | //usage: "[Enforcing | Permissive | 1 | 0]" |
22 | //usage:#define setenforce_full_usage "" |
23 | |
24 | #include "libbb.h" |
25 | |
26 | /* These strings are arranged so that odd ones |
27 | * result in security_setenforce(1) being done, |
28 | * the rest will do security_setenforce(0) */ |
29 | static const char *const setenforce_cmd[] = { |
30 | "0", |
31 | "1", |
32 | "permissive", |
33 | "enforcing", |
34 | NULL, |
35 | }; |
36 | |
37 | int setenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; |
38 | int setenforce_main(int argc UNUSED_PARAM, char **argv) |
39 | { |
40 | int i, rc; |
41 | |
42 | if (!argv[1] || argv[2]) |
43 | bb_show_usage(); |
44 | |
45 | selinux_or_die(); |
46 | |
47 | for (i = 0; setenforce_cmd[i]; i++) { |
48 | if (strcasecmp(argv[1], setenforce_cmd[i]) != 0) |
49 | continue; |
50 | rc = security_setenforce(i & 1); |
51 | if (rc < 0) |
52 | bb_perror_msg_and_die("setenforce() failed"); |
53 | return 0; |
54 | } |
55 | |
56 | bb_show_usage(); |
57 | } |
58 |