selinux fixes by KaiGai Kohei <kaigai@kaigai.gr.jp>

5 files changed, 11 insertions, 9 deletions

diff --git a/selinux/getenforce.c b/selinux/getenforce.c
index e240e4dca..865fed9f2 100644
--- a/selinux/getenforce.c
+++ b/selinux/getenforce.c
@@ -8,6 +8,7 @@
 
 #include "busybox.h"
 
+int getenforce_main(int argc, char **argv);
 int getenforce_main(int argc, char **argv)
 {
         int rc;
diff --git a/selinux/getsebool.c b/selinux/getsebool.c
index d593937ba..0479598fb 100644
--- a/selinux/getsebool.c
+++ b/selinux/getsebool.c
@@ -8,6 +8,7 @@
 
 #include "busybox.h"
 
+int getsebool_main(int argc, char **argv);
 int getsebool_main(int argc, char **argv)
 {
         int i, rc = 0, active, pending, len = 0;
diff --git a/selinux/matchpathcon.c b/selinux/matchpathcon.c
index 4fa95b0ef..c9ebbd795 100644
--- a/selinux/matchpathcon.c
+++ b/selinux/matchpathcon.c
@@ -29,6 +29,7 @@ static int print_matchpathcon(char *path, int noprint)
 #define OPT_PREFIX      (1<<3)  /* -p */
 #define OPT_VERIFY      (1<<4)  /* -V */
 
+int matchpathcon_main(int argc, char **argv);
 int matchpathcon_main(int argc, char **argv)
 {
         int error = 0;
@@ -41,7 +42,7 @@ int matchpathcon_main(int argc, char **argv)
         argv += optind;
 
         if (opts & OPT_NOT_TRANS) {
-                set_matchpathcon_flags(NOTRANS);
+                set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
         }
         if (opts & OPT_FCONTEXT) {
                 if (matchpathcon_init(fcontext))
@@ -57,7 +58,7 @@ int matchpathcon_main(int argc, char **argv)
                 int rc;
 
                 if (!(opts & OPT_VERIFY)) {
-                        error += print_matchpathcon(path, opt & OPT_NOT_PRINT);
+                        error += print_matchpathcon(path, opts & OPT_NOT_PRINT);
                         continue;
                 }
 
diff --git a/selinux/selinuxenabled.c b/selinux/selinuxenabled.c
index b34228098..400995af0 100644
--- a/selinux/selinuxenabled.c
+++ b/selinux/selinuxenabled.c
@@ -7,6 +7,7 @@
  */
 #include "busybox.h"
 
+int selinuxenabled_main(int argc, char **argv);
 int selinuxenabled_main(int argc, char **argv)
 {
         return !is_selinux_enabled();
diff --git a/selinux/setenforce.c b/selinux/setenforce.c
index 670e30086..9204fcc39 100644
--- a/selinux/setenforce.c
+++ b/selinux/setenforce.c
@@ -8,12 +8,9 @@
 
 #include "busybox.h"
 
-static const smallint setenforce_mode[] = {
-        0,
-        1,
-        0,
-        1,
-};
+/* These strings are arranged so that odd ones
+ * result in security_setenforce(1) being done,
+ * the rest will do security_setenforce(0) */
 static const char *const setenforce_cmd[] = {
         "0",
         "1",
@@ -22,6 +19,7 @@ static const char *const setenforce_cmd[] = {
         NULL,
 };
 
+int setenforce_main(int argc, char **argv);
 int setenforce_main(int argc, char **argv)
 {
         int i, rc;
@@ -34,7 +32,7 @@ int setenforce_main(int argc, char **argv)
         for (i = 0; setenforce_cmd[i]; i++) {
                 if (strcasecmp(argv[1], setenforce_cmd[i]) != 0)
                         continue;
-                rc = security_setenforce(setenforce_mode[i]);
+                rc = security_setenforce(i & 1);
                 if (rc < 0)
                         bb_perror_msg_and_die("setenforce() failed");
                 return 0;