Denis Vlasenko | 1203c9b | 2007-03-11 22:16:02 +0000 | [diff] [blame] | 1 | /* |
| 2 | * libbb/selinux_common.c |
| 3 | * -- common SELinux utility functions |
Denis Vlasenko | c86e052 | 2007-03-20 11:30:28 +0000 | [diff] [blame] | 4 | * |
Denis Vlasenko | 1203c9b | 2007-03-11 22:16:02 +0000 | [diff] [blame] | 5 | * Copyright 2007 KaiGai Kohei <kaigai@kaigai.gr.jp> |
Denis Vlasenko | db12d1d | 2008-12-07 00:52:58 +0000 | [diff] [blame] | 6 | * |
Denys Vlasenko | 0ef64bd | 2010-08-16 20:14:46 +0200 | [diff] [blame] | 7 | * Licensed under GPLv2, see file LICENSE in this source tree. |
Denis Vlasenko | 1203c9b | 2007-03-11 22:16:02 +0000 | [diff] [blame] | 8 | */ |
Denis Vlasenko | b6adbf1 | 2007-05-26 19:00:18 +0000 | [diff] [blame] | 9 | #include "libbb.h" |
Denis Vlasenko | 1203c9b | 2007-03-11 22:16:02 +0000 | [diff] [blame] | 10 | #include <selinux/context.h> |
| 11 | |
Denis Vlasenko | defc1ea | 2008-06-27 02:52:20 +0000 | [diff] [blame] | 12 | context_t FAST_FUNC set_security_context_component(security_context_t cur_context, |
Denys Vlasenko | 60cb48c | 2013-01-14 15:57:44 +0100 | [diff] [blame] | 13 | char *user, char *role, char *type, char *range) |
Denis Vlasenko | 1203c9b | 2007-03-11 22:16:02 +0000 | [diff] [blame] | 14 | { |
| 15 | context_t con = context_new(cur_context); |
| 16 | if (!con) |
| 17 | return NULL; |
| 18 | |
| 19 | if (user && context_user_set(con, user)) |
| 20 | goto error; |
| 21 | if (type && context_type_set(con, type)) |
| 22 | goto error; |
| 23 | if (range && context_range_set(con, range)) |
| 24 | goto error; |
| 25 | if (role && context_role_set(con, role)) |
| 26 | goto error; |
| 27 | return con; |
| 28 | |
| 29 | error: |
| 30 | context_free(con); |
| 31 | return NULL; |
| 32 | } |
Denis Vlasenko | 39c651e | 2007-03-12 18:22:55 +0000 | [diff] [blame] | 33 | |
Denis Vlasenko | defc1ea | 2008-06-27 02:52:20 +0000 | [diff] [blame] | 34 | void FAST_FUNC setfscreatecon_or_die(security_context_t scontext) |
Denis Vlasenko | 39c651e | 2007-03-12 18:22:55 +0000 | [diff] [blame] | 35 | { |
| 36 | if (setfscreatecon(scontext) < 0) { |
| 37 | /* Can be NULL. All known printf implementations |
| 38 | * display "(null)", "<null>" etc */ |
Denys Vlasenko | 6331cf0 | 2009-11-13 09:08:27 +0100 | [diff] [blame] | 39 | bb_perror_msg_and_die("can't set default " |
Denis Vlasenko | 39c651e | 2007-03-12 18:22:55 +0000 | [diff] [blame] | 40 | "file creation context to %s", scontext); |
| 41 | } |
| 42 | } |
Denis Vlasenko | 2edbc2a | 2007-10-20 02:00:49 +0000 | [diff] [blame] | 43 | |
Denis Vlasenko | defc1ea | 2008-06-27 02:52:20 +0000 | [diff] [blame] | 44 | void FAST_FUNC selinux_preserve_fcontext(int fdesc) |
Denis Vlasenko | 2edbc2a | 2007-10-20 02:00:49 +0000 | [diff] [blame] | 45 | { |
| 46 | security_context_t context; |
| 47 | |
| 48 | if (fgetfilecon(fdesc, &context) < 0) { |
| 49 | if (errno == ENODATA || errno == ENOTSUP) |
| 50 | return; |
| 51 | bb_perror_msg_and_die("fgetfilecon failed"); |
| 52 | } |
| 53 | setfscreatecon_or_die(context); |
| 54 | freecon(context); |
| 55 | } |