selinux.c
#include "contain.h"
#include <selinux/selinux.h>
#include <argp.h>
#include <err.h>
#include <errno.h>
/* Command-line options understood by the SELinux argp child parser. */
static struct argp_option selinux_options[] = {
	{
		.name = "context",
		.key = 'c',
		.arg = "context",
		.flags = 0,
		.doc = "Set SELinux context",
		.group = 0,
	},
	{ 0 }, /* all-zero entry terminates the option table */
};

/* Context filled in by the -c/--context handler and consumed by do_selinux(). */
static security_context_t context;

/* True once a -c/--context option has been processed. */
static bool set_context = false;
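/*
 * argp parser callback for the SELinux option group.
 *
 * key   - option key supplied by argp ('c' for --context)
 * arg   - option argument; passed to security_get_initial_context()
 * state - argp parser state, used for error reporting
 *
 * Returns 0 when the option was consumed, ARGP_ERR_UNKNOWN for keys this
 * parser does not own, or an errno value when the context lookup failed
 * and argp_failure() returned instead of exiting.
 *
 * NOTE(review): security_get_initial_context() resolves the *name of a
 * kernel initial SID* to its context. If --context is meant to accept a
 * full "user:role:type[:level]" string, this is the wrong lookup and the
 * value should be validated with security_check_context() instead -
 * confirm the intended semantics.
 */
static error_t parse_selinux_opt(int key, char *arg, struct argp_state *state)
{
	switch (key) {
	case 'c': {
		security_context_t resolved = NULL;

		if (security_get_initial_context(arg, &resolved) == -1) {
			/* Save errno: the reporting path may overwrite it. */
			int saved_errno = errno;

			argp_failure(state, 1, saved_errno,
				     "Failed to create selinux context");
			/*
			 * argp_failure() returns when the parser runs with
			 * ARGP_NO_EXIT. Do not mark the context as set in that
			 * case: setexeccon(NULL) succeeds and resets to the
			 * default policy behaviour, so the requested label
			 * would be silently dropped (fail-open).
			 */
			return saved_errno != 0 ? saved_errno : EINVAL;
		}

		/*
		 * A repeated -c replaces the earlier value; release it first.
		 * context is a zero-initialised file-scope static, and
		 * freecon(NULL) is a no-op.
		 */
		freecon(context);
		context = resolved;
		set_context = true;
		break;
	}
	default:
		return ARGP_ERR_UNKNOWN;
	}

	return 0;
}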
/* argp descriptor exposing the SELinux options and their parser. */
struct argp selinux_argp = {
	.options = selinux_options,
	.parser = parse_selinux_opt,
	.args_doc = "",
	.doc = "SELinux flags",
	.children = 0,
	.help_filter = 0,
	.argp_domain = 0,
};
/*
 * Apply the SELinux exec context requested on the command line, if any.
 *
 * setexeccon() sets the context used for the next execve() by this
 * thread; it does not relabel the running process. When the call fails
 * the program terminates via err() with status 1 rather than continuing
 * without the requested label.
 *
 * Returns 0 when no context was requested or when it was applied.
 */
int do_selinux(void)
{
	if (!set_context) {
		return 0;
	}

	int rc = setexeccon(context);
	if (rc == -1) {
		err(1, "Unable to set the SELinux exec context");
	}

	return 0;
}