Mercurial > hg > toybox
annotate toys/android/setenforce.c @ 1764:276664aa5ced draft
Promote setenforce to android.
| author | Rob Landley <rob@landley.net> |
|---|---|
| date | Fri, 27 Mar 2015 22:03:13 -0500 |
| parents | toys/pending/setenforce.c@61166a30ae47 |
| children |
| rev | line source |
|---|---|
| 1625 | 1 /* setenforce.c - Set the current SELinux mode |
| 2 * | |
| 3 * Copyright 2014 The Android Open Source Project | |
| 4 | |
| 5 USE_SETENFORCE(NEWTOY(setenforce, "<1", TOYFLAG_USR|TOYFLAG_SBIN)) | |
| 6 | |
| 7 config SETENFORCE | |
| 8 bool "setenforce" | |
|
1764
276664aa5ced
Promote setenforce to android.
Rob Landley <rob@landley.net>
parents:
1763
diff
changeset
|
9 default y |
| 1763 | 10 depends on TOYBOX_SELINUX |
| 1625 | 11 help |
| 12 usage: setenforce [enforcing|permissive|1|0] | |
| 13 | |
| 14 Sets whether SELinux is enforcing (1) or permissive (0). | |
| 15 */ | |
| 16 | |
| 17 #define FOR_setenforce | |
| 18 #include "toys.h" | |
| 19 | |
| 20 void setenforce_main(void) | |
| 21 { | |
| 1763 | 22 char *new = *toys.optargs; |
| 23 int state, ret; | |
| 1625 | 24 |
| 1763 | 25 if (!is_selinux_enabled()) error_exit("SELinux is disabled"); |
| 26 else if (!strcmp(new, "1") || !strcasecmp(new, "enforcing")) state = 1; | |
| 27 else if (!strcmp(new, "0") || !strcasecmp(new, "permissive")) state = 0; | |
| 28 else error_exit("Invalid state: %s", new); | |
| 29 | |
| 30 ret = security_setenforce(state); | |
| 31 if (ret == -1) perror_msg("Couldn't set enforcing status to '%s'", new); | |
| 1625 | 32 } |