diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-03 13:58:15 +0100 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-03 13:58:15 +0100 |
commit | 4aca87515a5083ae0e31ce3177189fd43b6d05ac (patch) | |
tree | 7b1d9a31393ca090757dc6f0d3859b4fcd93f271 /release/src/router/busybox/libbb/selinux_common.c | |
parent | 008d0be72b2f160382c6e880765e96b64a050c65 (diff) | |
download | tomato-4aca87515a5083ae0e31ce3177189fd43b6d05ac.tar.gz tomato-4aca87515a5083ae0e31ce3177189fd43b6d05ac.tar.bz2 |
patch to Vanilla Tomato 1.28
Diffstat (limited to 'release/src/router/busybox/libbb/selinux_common.c')
-rw-r--r-- | release/src/router/busybox/libbb/selinux_common.c | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/release/src/router/busybox/libbb/selinux_common.c b/release/src/router/busybox/libbb/selinux_common.c new file mode 100644 index 00000000..275a761d --- /dev/null +++ b/release/src/router/busybox/libbb/selinux_common.c @@ -0,0 +1,56 @@ +/* + * libbb/selinux_common.c + * -- common SELinux utility functions + * + * Copyright 2007 KaiGai Kohei <kaigai@kaigai.gr.jp> + * + * Licensed under GPLv2, see file LICENSE in this tarball for details. + */ +#include "libbb.h" +#include <selinux/context.h> + +context_t FAST_FUNC set_security_context_component(security_context_t cur_context, + char *user, char *role, char *type, char *range) +{ + context_t con = context_new(cur_context); + if (!con) + return NULL; + + if (user && context_user_set(con, user)) + goto error; + if (type && context_type_set(con, type)) + goto error; + if (range && context_range_set(con, range)) + goto error; + if (role && context_role_set(con, role)) + goto error; + return con; + +error: + context_free(con); + return NULL; +} + +void FAST_FUNC setfscreatecon_or_die(security_context_t scontext) +{ + if (setfscreatecon(scontext) < 0) { + /* Can be NULL. All known printf implementations + * display "(null)", "<null>" etc */ + bb_perror_msg_and_die("cannot set default " + "file creation context to %s", scontext); + } +} + +void FAST_FUNC selinux_preserve_fcontext(int fdesc) +{ + security_context_t context; + + if (fgetfilecon(fdesc, &context) < 0) { + if (errno == ENODATA || errno == ENOTSUP) + return; + bb_perror_msg_and_die("fgetfilecon failed"); + } + setfscreatecon_or_die(context); + freecon(context); +} + |