/* * libbb/selinux_common.c * -- common SELinux utility functions * * Copyright 2007 KaiGai Kohei <kaigai@kaigai.gr.jp> */ #include "libbb.h" #include <selinux/context.h> context_t set_security_context_component(security_context_t cur_context, char *user, char *role, char *type, char *range) { context_t con = context_new(cur_context); if (!con) return NULL; if (user && context_user_set(con, user)) goto error; if (type && context_type_set(con, type)) goto error; if (range && context_range_set(con, range)) goto error; if (role && context_role_set(con, role)) goto error; return con; error: context_free(con); return NULL; } void setfscreatecon_or_die(security_context_t scontext) { if (setfscreatecon(scontext) < 0) { /* Can be NULL. All known printf implementations * display "(null)", "<null>" etc */ bb_perror_msg_and_die("cannot set default " "file creation context to %s", scontext); } } void selinux_preserve_fcontext(int fdesc) { security_context_t context; if (fgetfilecon(fdesc, &context) < 0) { if (errno == ENODATA || errno == ENOTSUP) return; bb_perror_msg_and_die("fgetfilecon failed"); } setfscreatecon_or_die(context); freecon(context); }