| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | /* |
| 2 | * libbb/selinux_common.c |
| 3 | * -- common SELinux utility functions |
| 4 | * |
| 5 | * Copyright 2007 KaiGai Kohei <kaigai@kaigai.gr.jp> |
| 6 | * |
| 7 | * Licensed under GPLv2, see file LICENSE in this source tree. |
| 8 | */ |
| 9 | #include "libbb.h" |
| 10 | #include <selinux/context.h> |
| 11 | |
| 12 | context_t FAST_FUNC set_security_context_component(security_context_t cur_context, |
| 13 | char *user, char *role, char *type, char *range) |
| 14 | { |
| 15 | context_t con = context_new(cur_context); |
| 16 | if (!con) |
| 17 | return NULL; |
| 18 | |
| 19 | if (user && context_user_set(con, user)) |
| 20 | goto error; |
| 21 | if (type && context_type_set(con, type)) |
| 22 | goto error; |
| 23 | if (range && context_range_set(con, range)) |
| 24 | goto error; |
| 25 | if (role && context_role_set(con, role)) |
| 26 | goto error; |
| 27 | return con; |
| 28 | |
| 29 | error: |
| 30 | context_free(con); |
| 31 | return NULL; |
| 32 | } |
| 33 | |
| 34 | void FAST_FUNC setfscreatecon_or_die(security_context_t scontext) |
| 35 | { |
| 36 | if (setfscreatecon(scontext) < 0) { |
| 37 | /* Can be NULL. All known printf implementations |
| 38 | * display "(null)", "<null>" etc */ |
| 39 | bb_perror_msg_and_die("can't set default " |
| 40 | "file creation context to %s", scontext); |
| 41 | } |
| 42 | } |
| 43 | |
| 44 | void FAST_FUNC selinux_preserve_fcontext(int fdesc) |
| 45 | { |
| 46 | security_context_t context; |
| 47 | |
| 48 | if (fgetfilecon(fdesc, &context) < 0) { |
| 49 | if (errno == ENODATA || errno == ENOTSUP) |
| 50 | return; |
| 51 | bb_perror_msg_and_die("fgetfilecon failed"); |
| 52 | } |
| 53 | setfscreatecon_or_die(context); |
| 54 | freecon(context); |
| 55 | } |