From 8c6c6e955b4a73b8a2cac8c0d277bc109b329908 Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Wed, 7 Feb 2007 22:08:42 +0000 Subject: selinux fixes by KaiGai Kohei --- selinux/getenforce.c | 1 + selinux/getsebool.c | 1 + selinux/matchpathcon.c | 5 +++-- selinux/selinuxenabled.c | 1 + selinux/setenforce.c | 12 +++++------- 5 files changed, 11 insertions(+), 9 deletions(-) (limited to 'selinux') diff --git a/selinux/getenforce.c b/selinux/getenforce.c index e240e4d..865fed9 100644 --- a/selinux/getenforce.c +++ b/selinux/getenforce.c @@ -8,6 +8,7 @@ #include "busybox.h" +int getenforce_main(int argc, char **argv); int getenforce_main(int argc, char **argv) { int rc; diff --git a/selinux/getsebool.c b/selinux/getsebool.c index d593937..0479598 100644 --- a/selinux/getsebool.c +++ b/selinux/getsebool.c @@ -8,6 +8,7 @@ #include "busybox.h" +int getsebool_main(int argc, char **argv); int getsebool_main(int argc, char **argv) { int i, rc = 0, active, pending, len = 0; diff --git a/selinux/matchpathcon.c b/selinux/matchpathcon.c index 4fa95b0..c9ebbd7 100644 --- a/selinux/matchpathcon.c +++ b/selinux/matchpathcon.c @@ -29,6 +29,7 @@ static int print_matchpathcon(char *path, int noprint) #define OPT_PREFIX (1<<3) /* -p */ #define OPT_VERIFY (1<<4) /* -V */ +int matchpathcon_main(int argc, char **argv); int matchpathcon_main(int argc, char **argv) { int error = 0; @@ -41,7 +42,7 @@ int matchpathcon_main(int argc, char **argv) argv += optind; if (opts & OPT_NOT_TRANS) { - set_matchpathcon_flags(NOTRANS); + set_matchpathcon_flags(MATCHPATHCON_NOTRANS); } if (opts & OPT_FCONTEXT) { if (matchpathcon_init(fcontext)) @@ -57,7 +58,7 @@ int matchpathcon_main(int argc, char **argv) int rc; if (!(opts & OPT_VERIFY)) { - error += print_matchpathcon(path, opt & OPT_NOT_PRINT); + error += print_matchpathcon(path, opts & OPT_NOT_PRINT); continue; } diff --git a/selinux/selinuxenabled.c b/selinux/selinuxenabled.c index b342280..400995a 100644 --- a/selinux/selinuxenabled.c +++ b/selinux/selinuxenabled.c @@ -7,6 +7,7 @@ */ #include "busybox.h" +int selinuxenabled_main(int argc, char **argv); int selinuxenabled_main(int argc, char **argv) { return !is_selinux_enabled(); diff --git a/selinux/setenforce.c b/selinux/setenforce.c index 670e300..9204fcc 100644 --- a/selinux/setenforce.c +++ b/selinux/setenforce.c @@ -8,12 +8,9 @@ #include "busybox.h" -static const smallint setenforce_mode[] = { - 0, - 1, - 0, - 1, -}; +/* These strings are arranged so that odd ones + * result in security_setenforce(1) being done, + * the rest will do security_setenforce(0) */ static const char *const setenforce_cmd[] = { "0", "1", @@ -22,6 +19,7 @@ static const char *const setenforce_cmd[] = { NULL, }; +int setenforce_main(int argc, char **argv); int setenforce_main(int argc, char **argv) { int i, rc; @@ -34,7 +32,7 @@ int setenforce_main(int argc, char **argv) for (i = 0; setenforce_cmd[i]; i++) { if (strcasecmp(argv[1], setenforce_cmd[i]) != 0) continue; - rc = security_setenforce(setenforce_mode[i]); + rc = security_setenforce(i & 1); if (rc < 0) bb_perror_msg_and_die("setenforce() failed"); return 0; -- cgit v1.1