From d46d3c292e9aff0550f6540ab631d742fe353964 Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Tue, 6 Feb 2007 19:28:50 +0000 Subject: new applets: selinux utils by KaiGai Kohei --- include/applets.h | 5 +++++ include/libbb.h | 1 + include/usage.h | 44 ++++++++++++++++++++++++++++++++++---------- 3 files changed, 40 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/applets.h b/include/applets.h index 397a8b789..d1bf0f36b 100644 --- a/include/applets.h +++ b/include/applets.h @@ -133,7 +133,9 @@ USE_FSCK_MINIX(APPLET_ODDNAME(fsck.minix, fsck_minix, _BB_DIR_SBIN, _BB_SUID_NEV USE_FTPGET(APPLET_ODDNAME(ftpget, ftpgetput, _BB_DIR_USR_BIN, _BB_SUID_NEVER,ftpget)) USE_FTPPUT(APPLET_ODDNAME(ftpput, ftpgetput, _BB_DIR_USR_BIN, _BB_SUID_NEVER,ftpput)) USE_FUSER(APPLET(fuser, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_GETENFORCE(APPLET(getenforce, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_GETOPT(APPLET(getopt, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_GETSEBOOL(APPLET(getsebool, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_GETTY(APPLET(getty, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_GREP(APPLET(grep, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_GUNZIP(APPLET(gunzip, _BB_DIR_BIN, _BB_SUID_NEVER)) @@ -187,6 +189,7 @@ USE_LS(APPLET(ls, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_LSATTR(APPLET(lsattr, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_LSMOD(APPLET(lsmod, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_UNLZMA(APPLET_ODDNAME(lzmacat, unlzma, _BB_DIR_USR_BIN, _BB_SUID_NEVER, lzmacat)) +USE_MATCHPATHCON(APPLET(matchpathcon, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_MAKEDEVS(APPLET(makedevs, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_MD5SUM(APPLET_ODDNAME(md5sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_NEVER, md5sum)) USE_MDEV(APPLET(mdev, _BB_DIR_SBIN, _BB_SUID_NEVER)) @@ -249,10 +252,12 @@ USE_RUNLEVEL(APPLET(runlevel, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_RUNSV(APPLET(runsv, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_RUNSVDIR(APPLET(runsvdir, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_RX(APPLET(rx, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_SELINUXENABLED(APPLET(selinuxenabled, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_SED(APPLET(sed, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_SEQ(APPLET(seq, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_SETARCH(APPLET(setarch, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_SETCONSOLE(APPLET(setconsole, _BB_DIR_SBIN, _BB_SUID_NEVER)) +USE_SETENFORCE(APPLET(setenforce, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_SETKEYCODES(APPLET(setkeycodes, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_SETLOGCONS(APPLET(setlogcons, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_SETSID(APPLET(setsid, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) diff --git a/include/libbb.h b/include/libbb.h index babb39ba9..d6f08ff73 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -592,6 +592,7 @@ extern void run_shell(const char *shell, int loginshell, const char *command, co extern void renew_current_security_context(void); extern void set_current_security_context(security_context_t sid); #endif +extern void selinux_or_die(void); extern int restricted_shell(const char *shell); extern void setup_environment(const char *shell, int loginshell, int changeenv, const struct passwd *pw); extern int correct_password(const struct passwd *pw); diff --git a/include/usage.h b/include/usage.h index 4ba540ccb..17dcf9be9 100644 --- a/include/usage.h +++ b/include/usage.h @@ -1013,6 +1013,9 @@ " -6 When using port/proto only search IPv6 space\n" \ " -SIGNAL When used with -k, this signal will be used to kill" +#define getenforce_trivial_usage +#define getenforce_full_usage + #define getopt_trivial_usage \ "[OPTIONS]..." #define getopt_full_usage \ @@ -1047,6 +1050,11 @@ " esac\n" \ "done\n" +#define getsebool_trivial_usage \ + "-a or getsebool boolean..." +#define getsebool_full_usage \ + " -a Show all SELinux booleans" + #define getty_trivial_usage \ "[OPTIONS]... baud_rate,... line [termtype]" #define getty_full_usage \ @@ -1896,6 +1904,15 @@ "/dev/hda[0-15]\n" #endif +#define matchpathcon_trivial_usage \ + "[-n] [-N] [-f file_contexts_file] [-p prefix] [-V]" +#define matchpathcon_full_usage \ + " -n Do not display path" \ + "\n -N Do not use translations" \ + "\n -f Use alternate file_context file" \ + "\n -p Use prefix to speed translations" \ + "\n -V Verify file context on disk matches defaults" + #define md5sum_trivial_usage \ "[OPTION] [FILEs...]" \ USE_FEATURE_MD5_SHA1_SUM_CHECK("\n or: md5sum [OPTION] -c [FILE]") @@ -2714,6 +2731,9 @@ "$ echo \"foo\" | sed -e 's/f[a-zA-Z]o/bar/g'\n" \ "bar\n" +#define selinuxenabled_trivial_usage +#define selinuxenabled_full_usage + #define seq_trivial_usage \ "[first [increment]] last" #define seq_full_usage \ @@ -2731,6 +2751,10 @@ "\n\nOptions:\n" \ " -r Reset output to /dev/console" +#define setenforce_trivial_usage \ + "[ Enforcing | Permissive | 1 | 0 ]" +#define setenforce_full_usage + #define setkeycodes_trivial_usage \ "SCANCODE KEYCODE ..." #define setkeycodes_full_usage \ @@ -3449,12 +3473,12 @@ #define vconfig_full_usage \ "Create and remove virtual ethernet devices" \ "\n\nOptions:\n" \ - " add [interface-name] [vlan_id]\n" \ - " rem [vlan-name]\n" \ - " set_flag [interface-name] [flag-num] [0 | 1]\n" \ - " set_egress_map [vlan-name] [skb_priority] [vlan_qos]\n" \ - " set_ingress_map [vlan-name] [skb_priority] [vlan_qos]\n" \ - " set_name_type [name-type]" + " add [interface-name] [vlan_id]\n" \ + " rem [vlan-name]\n" \ + " set_flag [interface-name] [flag-num] [0 | 1]\n" \ + " set_egress_map [vlan-name] [skb_priority] [vlan_qos]\n" \ + " set_ingress_map [vlan-name] [skb_priority] [vlan_qos]\n" \ + " set_name_type [name-type]" #define vi_trivial_usage \ "[OPTION] [FILE]..." @@ -3569,9 +3593,9 @@ #define zcip_full_usage \ "Manage a ZeroConf IPv4 link-local address" \ "\n\nOptions:\n" \ - " -f foreground mode\n" \ - " -q quit after address (no daemon)\n" \ - " -r 169.254.x.x request this address first\n" \ - " -v verbose" + " -f Foreground mode\n" \ + " -q Quit after address (no daemon)\n" \ + " -r 169.254.x.x Request this address first\n" \ + " -v Verbose" #endif /* __BB_USAGE_H__ */ -- cgit v1.2.3