diff options
author | Rob Landley <rob@landley.net> | 2015-03-27 22:03:13 -0500 |
---|---|---|
committer | Rob Landley <rob@landley.net> | 2015-03-27 22:03:13 -0500 |
commit | 32422d1b640617a56688370e3ebf4025bb3cf087 (patch) | |
tree | dca921b840a72fbbf4a87af92d0b0d79fe38af9f /toys/android | |
parent | 960cad18087dd629567b5156331cbb03ef7d28d0 (diff) | |
download | toybox-32422d1b640617a56688370e3ebf4025bb3cf087.tar.gz |
Promote setenforce to android.
Diffstat (limited to 'toys/android')
-rw-r--r-- | toys/android/setenforce.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/toys/android/setenforce.c b/toys/android/setenforce.c new file mode 100644 index 00000000..68957465 --- /dev/null +++ b/toys/android/setenforce.c @@ -0,0 +1,32 @@ +/* setenforce.c - Set the current SELinux mode + * + * Copyright 2014 The Android Open Source Project + +USE_SETENFORCE(NEWTOY(setenforce, "<1", TOYFLAG_USR|TOYFLAG_SBIN)) + +config SETENFORCE + bool "setenforce" + default y + depends on TOYBOX_SELINUX + help + usage: setenforce [enforcing|permissive|1|0] + + Sets whether SELinux is enforcing (1) or permissive (0). +*/ + +#define FOR_setenforce +#include "toys.h" + +void setenforce_main(void) +{ + char *new = *toys.optargs; + int state, ret; + + if (!is_selinux_enabled()) error_exit("SELinux is disabled"); + else if (!strcmp(new, "1") || !strcasecmp(new, "enforcing")) state = 1; + else if (!strcmp(new, "0") || !strcasecmp(new, "permissive")) state = 0; + else error_exit("Invalid state: %s", new); + + ret = security_setenforce(state); + if (ret == -1) perror_msg("Couldn't set enforcing status to '%s'", new); +} |