Gitiles
Code Review Sign In
gerrit.nordix.org / codeaurora / busybox / f705f3c491047cd005253e829716c1a5671c10ab / . / selinux / setenforce.c
blob: 2267be4511201d7b59b71222e97e7690f908bab2 [file] [log] [blame]
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]1/*
2 * setenforce
3 *
4 * Based on libselinux 1.33.1
5 * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp>
6 *
Denys Vlasenko0ef64bd2010-08-16 20:14:46 +0200[diff] [blame]7 * Licensed under GPLv2, see file LICENSE in this source tree.
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]8 */
Denys Vlasenkoa8e52da2016-11-23 18:46:40 +0100[diff] [blame]9//config:config SETENFORCE
Denys Vlasenkoae178ce2017-07-19 14:32:54 +0200[diff] [blame]10//config: bool "setenforce (2.1 kb)"
Denys Vlasenkoa8e52da2016-11-23 18:46:40 +0100[diff] [blame]11//config: default n
12//config: depends on SELINUX
13//config: help
Denys Vlasenko72089cf2017-07-21 09:50:55 +0200[diff] [blame]14//config: Enable support to modify the mode SELinux is running in.
Denys Vlasenkoa8e52da2016-11-23 18:46:40 +0100[diff] [blame]15
16//applet:IF_SETENFORCE(APPLET(setenforce, BB_DIR_USR_SBIN, BB_SUID_DROP))
17
18//kbuild:lib-$(CONFIG_SETENFORCE) += setenforce.o
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]19
Pere Orga5bc8c002011-04-11 03:29:49 +0200[diff] [blame]20//usage:#define setenforce_trivial_usage
21//usage: "[Enforcing | Permissive | 1 | 0]"
22//usage:#define setenforce_full_usage ""
23
Denis Vlasenkob6adbf12007-05-26 19:00:18 +0000[diff] [blame]24#include "libbb.h"
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]25
Denis Vlasenko8c6c6e92007-02-07 22:08:42 +0000[diff] [blame]26/* These strings are arranged so that odd ones
27 * result in security_setenforce(1) being done,
28 * the rest will do security_setenforce(0) */
Denys Vlasenko987be932022-02-06 20:07:12 +0100[diff] [blame]29static const char *const setenforce_cmd[] ALIGN_PTR = {
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]30 "0",
31 "1",
32 "permissive",
33 "enforcing",
34 NULL,
35};
36
Denis Vlasenko9b49a5e2007-10-11 10:05:36 +0000[diff] [blame]37int setenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
Denys Vlasenko2ec91ae2010-01-04 14:15:38 +0100[diff] [blame]38int setenforce_main(int argc UNUSED_PARAM, char **argv)
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]39{
40 int i, rc;
41
Denys Vlasenko2ec91ae2010-01-04 14:15:38 +0100[diff] [blame]42 if (!argv[1] || argv[2])
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]43 bb_show_usage();
44
45 selinux_or_die();
46
47 for (i = 0; setenforce_cmd[i]; i++) {
48 if (strcasecmp(argv[1], setenforce_cmd[i]) != 0)
49 continue;
Denis Vlasenko8c6c6e92007-02-07 22:08:42 +0000[diff] [blame]50 rc = security_setenforce(i & 1);
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]51 if (rc < 0)
James Byrne69374872019-07-02 11:35:03 +0200[diff] [blame]52 bb_simple_perror_msg_and_die("setenforce() failed");
Denis Vlasenkod46d3c22007-02-06 19:28:50 +0000[diff] [blame]53 return 0;
54 }
55
56 bb_show_usage();
57}