diff options
author | Elliott Hughes <enh@google.com> | 2015-04-07 14:07:46 -0700 |
---|---|---|
committer | Rob Landley <rob@landley.net> | 2015-04-10 20:47:40 -0500 |
commit | e398112bdf7f4ced9388bb814697e35144e4a1a5 (patch) | |
tree | 599fbbe1604894a269c62d6e816d0a5010377ae3 /toys/android | |
parent | 6425277b218ceea473baf453e3bfc632a0f518d9 (diff) | |
download | toybox-e398112bdf7f4ced9388bb814697e35144e4a1a5.tar.gz |
Implement Android restorecon.
On Android, much of the restorecon logic is in libselinux, so this
isn't portable. We do want to be able to build on the host for
testing *other* toys, though, so #if keeps this building.
Change-Id: Ida5a6713a926140c549d5770d62798f4aedca748
Diffstat (limited to 'toys/android')
-rw-r--r-- | toys/android/restorecon.c | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/toys/android/restorecon.c b/toys/android/restorecon.c new file mode 100644 index 00000000..5ea6b3f9 --- /dev/null +++ b/toys/android/restorecon.c @@ -0,0 +1,47 @@ +/* restorecon.c - Restore default security contexts for files + * + * Copyright 2015 The Android Open Source Project + +USE_RESTORECON(NEWTOY(restorecon, "<1DFnRrv", TOYFLAG_USR|TOYFLAG_SBIN)) + +config RESTORECON + bool "restorecon" + depends on TOYBOX_SELINUX + default y + help + usage: restorecon [-D] [-F] [-R] [-n] [-v] FILE... + + Restores the default security contexts for the given files. + + -D apply to /data/data too + -F force reset + -R recurse into directories + -n don't make any changes; useful with -v to see what would change + -v verbose: show any changes +*/ + +#define FOR_restorecon +#include "toys.h" + +#if defined(__ANDROID__) +#include <selinux/android.h> +#endif + +void restorecon_main(void) +{ +#if defined(__ANDROID__) + char **s; + int flags = 0; + + if (toys.optflags & FLAG_D) flags |= SELINUX_ANDROID_RESTORECON_DATADATA; + if (toys.optflags & FLAG_F) flags |= SELINUX_ANDROID_RESTORECON_FORCE; + if (toys.optflags & (FLAG_R|FLAG_r)) + flags |= SELINUX_ANDROID_RESTORECON_RECURSE; + if (toys.optflags & FLAG_n) flags |= SELINUX_ANDROID_RESTORECON_NOCHANGE; + if (toys.optflags & FLAG_v) flags |= SELINUX_ANDROID_RESTORECON_VERBOSE; + + for (s = toys.optargs; *s; s++) + if (selinux_android_restorecon(*s, flags) < 0) + perror_msg("restorecon failed: %s", *s); +#endif +} |