summaryrefslogtreecommitdiff
path: root/release/src/router/busybox/selinux/getenforce.c
diff options
context:
space:
mode:
Diffstat (limited to 'release/src/router/busybox/selinux/getenforce.c')
-rw-r--r--release/src/router/busybox/selinux/getenforce.c35
1 files changed, 35 insertions, 0 deletions
diff --git a/release/src/router/busybox/selinux/getenforce.c b/release/src/router/busybox/selinux/getenforce.c
new file mode 100644
index 00000000..3d3eef14
--- /dev/null
+++ b/release/src/router/busybox/selinux/getenforce.c
@@ -0,0 +1,35 @@
+/*
+ * getenforce
+ *
+ * Based on libselinux 1.33.1
+ * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp>
+ *
+ * Licensed under GPLv2, see file LICENSE in this tarball for details.
+ */
+
+#include "libbb.h"
+
+int getenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int getenforce_main(int argc UNUSED_PARAM, char **argv UNUSED_PARAM)
+{
+ int rc;
+
+ rc = is_selinux_enabled();
+ if (rc < 0)
+ bb_error_msg_and_die("is_selinux_enabled() failed");
+
+ if (rc == 1) {
+ rc = security_getenforce();
+ if (rc < 0)
+ bb_error_msg_and_die("getenforce() failed");
+
+ if (rc)
+ puts("Enforcing");
+ else
+ puts("Permissive");
+ } else {
+ puts("Disabled");
+ }
+
+ return 0;
+}