diff options
Diffstat (limited to 'selinux')
| -rw-r--r-- | selinux/chcon.c | 41 | ||||
| -rw-r--r-- | selinux/runcon.c | 22 |
2 files changed, 14 insertions, 49 deletions
diff --git a/selinux/chcon.c b/selinux/chcon.c index ae87fb554..3cf9e928a 100644 --- a/selinux/chcon.c +++ b/selinux/chcon.c | |||
| @@ -13,11 +13,6 @@ | |||
| 13 | //config: depends on SELINUX | 13 | //config: depends on SELINUX |
| 14 | //config: help | 14 | //config: help |
| 15 | //config: Enable support to change the security context of file. | 15 | //config: Enable support to change the security context of file. |
| 16 | //config: | ||
| 17 | //config:config FEATURE_CHCON_LONG_OPTIONS | ||
| 18 | //config: bool "Enable long options" | ||
| 19 | //config: default y | ||
| 20 | //config: depends on CHCON && LONG_OPTS | ||
| 21 | 16 | ||
| 22 | //applet:IF_CHCON(APPLET(chcon, BB_DIR_USR_BIN, BB_SUID_DROP)) | 17 | //applet:IF_CHCON(APPLET(chcon, BB_DIR_USR_BIN, BB_SUID_DROP)) |
| 23 | 18 | ||
| @@ -26,34 +21,22 @@ | |||
| 26 | //usage:#define chcon_trivial_usage | 21 | //usage:#define chcon_trivial_usage |
| 27 | //usage: "[OPTIONS] CONTEXT FILE..." | 22 | //usage: "[OPTIONS] CONTEXT FILE..." |
| 28 | //usage: "\n chcon [OPTIONS] [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE..." | 23 | //usage: "\n chcon [OPTIONS] [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE..." |
| 29 | //usage: IF_FEATURE_CHCON_LONG_OPTIONS( | ||
| 30 | //usage: "\n chcon [OPTIONS] --reference=RFILE FILE..." | 24 | //usage: "\n chcon [OPTIONS] --reference=RFILE FILE..." |
| 31 | //usage: ) | 25 | //usage: |
| 32 | //usage:#define chcon_full_usage "\n\n" | 26 | //usage:#define chcon_full_usage "\n\n" |
| 33 | //usage: "Change the security context of each FILE to CONTEXT\n" | 27 | //usage: "Change the security context of each FILE to CONTEXT\n" |
| 34 | //usage: IF_FEATURE_CHCON_LONG_OPTIONS( | ||
| 35 | //usage: "\n -v,--verbose Verbose" | ||
| 36 | //usage: "\n -c,--changes Report changes made" | ||
| 37 | //usage: "\n -h,--no-dereference Affect symlinks instead of their targets" | ||
| 38 | //usage: "\n -f,--silent,--quiet Suppress most error messages" | ||
| 39 | //usage: "\n --reference RFILE Use RFILE's group instead of using a CONTEXT value" | ||
| 40 | //usage: "\n -u,--user USER Set user/role/type/range in the target" | ||
| 41 | //usage: "\n -r,--role ROLE security context" | ||
| 42 | //usage: "\n -t,--type TYPE" | ||
| 43 | //usage: "\n -l,--range RANGE" | ||
| 44 | //usage: "\n -R,--recursive Recurse" | ||
| 45 | //usage: ) | ||
| 46 | //usage: IF_NOT_FEATURE_CHCON_LONG_OPTIONS( | ||
| 47 | //usage: "\n -v Verbose" | 28 | //usage: "\n -v Verbose" |
| 48 | //usage: "\n -c Report changes made" | 29 | //usage: "\n -c Report changes made" |
| 49 | //usage: "\n -h Affect symlinks instead of their targets" | 30 | //usage: "\n -h Affect symlinks instead of their targets" |
| 50 | //usage: "\n -f Suppress most error messages" | 31 | //usage: "\n -f Suppress most error messages" |
| 32 | //usage: IF_LONG_OPTS( | ||
| 33 | //usage: "\n --reference RFILE Use RFILE's group instead of using a CONTEXT value" | ||
| 34 | //usage: ) | ||
| 51 | //usage: "\n -u USER Set user/role/type/range in the target security context" | 35 | //usage: "\n -u USER Set user/role/type/range in the target security context" |
| 52 | //usage: "\n -r ROLE" | 36 | //usage: "\n -r ROLE" |
| 53 | //usage: "\n -t TYPE" | 37 | //usage: "\n -t TYPE" |
| 54 | //usage: "\n -l RNG" | 38 | //usage: "\n -l RNG" |
| 55 | //usage: "\n -R Recurse" | 39 | //usage: "\n -R Recurse" |
| 56 | //usage: ) | ||
| 57 | 40 | ||
| 58 | #include <selinux/context.h> | 41 | #include <selinux/context.h> |
| 59 | 42 | ||
| @@ -68,7 +51,7 @@ | |||
| 68 | #define OPT_TYPE (1<<6) /* 't' */ | 51 | #define OPT_TYPE (1<<6) /* 't' */ |
| 69 | #define OPT_RANGE (1<<7) /* 'l' */ | 52 | #define OPT_RANGE (1<<7) /* 'l' */ |
| 70 | #define OPT_VERBOSE (1<<8) /* 'v' */ | 53 | #define OPT_VERBOSE (1<<8) /* 'v' */ |
| 71 | #define OPT_REFERENCE ((1<<9) * ENABLE_FEATURE_CHCON_LONG_OPTIONS) | 54 | #define OPT_REFERENCE ((1<<9) * ENABLE_LONG_OPTS) |
| 72 | #define OPT_COMPONENT_SPECIFIED (OPT_USER | OPT_ROLE | OPT_TYPE | OPT_RANGE) | 55 | #define OPT_COMPONENT_SPECIFIED (OPT_USER | OPT_ROLE | OPT_TYPE | OPT_RANGE) |
| 73 | 56 | ||
| 74 | static char *user = NULL; | 57 | static char *user = NULL; |
| @@ -157,7 +140,7 @@ skip: | |||
| 157 | return rc; | 140 | return rc; |
| 158 | } | 141 | } |
| 159 | 142 | ||
| 160 | #if ENABLE_FEATURE_CHCON_LONG_OPTIONS | 143 | #if ENABLE_LONG_OPTS |
| 161 | static const char chcon_longopts[] ALIGN1 = | 144 | static const char chcon_longopts[] ALIGN1 = |
| 162 | "recursive\0" No_argument "R" | 145 | "recursive\0" No_argument "R" |
| 163 | "changes\0" No_argument "c" | 146 | "changes\0" No_argument "c" |
| @@ -180,20 +163,18 @@ int chcon_main(int argc UNUSED_PARAM, char **argv) | |||
| 180 | char *fname; | 163 | char *fname; |
| 181 | int i, errors = 0; | 164 | int i, errors = 0; |
| 182 | 165 | ||
| 183 | #if ENABLE_FEATURE_CHCON_LONG_OPTIONS | ||
| 184 | applet_long_options = chcon_longopts; | ||
| 185 | #endif | ||
| 186 | opt_complementary = "-1" /* at least 1 param */ | 166 | opt_complementary = "-1" /* at least 1 param */ |
| 187 | ":?" /* error if exclusivity constraints are violated */ | 167 | ":?" /* error if exclusivity constraints are violated */ |
| 188 | #if ENABLE_FEATURE_CHCON_LONG_OPTIONS | 168 | #if ENABLE_LONG_OPTS |
| 189 | ":\xff--urtl:u--\xff:r--\xff:t--\xff:l--\xff" | 169 | ":\xff--urtl:u--\xff:r--\xff:t--\xff:l--\xff" |
| 190 | #endif | 170 | #endif |
| 191 | ":f--v:v--f"; /* 'verbose' and 'quiet' are exclusive */ | 171 | ":f--v:v--f"; /* 'verbose' and 'quiet' are exclusive */ |
| 192 | getopt32(argv, "Rchfu:r:t:l:v", | 172 | getopt32long(argv, "Rchfu:r:t:l:v", chcon_longopts, |
| 193 | &user, &role, &type, &range, &reference_file); | 173 | &user, &role, &type, &range, &reference_file |
| 174 | ); | ||
| 194 | argv += optind; | 175 | argv += optind; |
| 195 | 176 | ||
| 196 | #if ENABLE_FEATURE_CHCON_LONG_OPTIONS | 177 | #if ENABLE_LONG_OPTS |
| 197 | if (option_mask32 & OPT_REFERENCE) { | 178 | if (option_mask32 & OPT_REFERENCE) { |
| 198 | /* FIXME: lgetfilecon() should be used when '-h' is specified. | 179 | /* FIXME: lgetfilecon() should be used when '-h' is specified. |
| 199 | * But current implementation follows the original one. */ | 180 | * But current implementation follows the original one. */ |
diff --git a/selinux/runcon.c b/selinux/runcon.c index 09082d6c2..199da25c6 100644 --- a/selinux/runcon.c +++ b/selinux/runcon.c | |||
| @@ -34,11 +34,6 @@ | |||
| 34 | //config: depends on SELINUX | 34 | //config: depends on SELINUX |
| 35 | //config: help | 35 | //config: help |
| 36 | //config: Enable support to run command in specified security context. | 36 | //config: Enable support to run command in specified security context. |
| 37 | //config: | ||
| 38 | //config:config FEATURE_RUNCON_LONG_OPTIONS | ||
| 39 | //config: bool "Enable long options" | ||
| 40 | //config: default y | ||
| 41 | //config: depends on RUNCON && LONG_OPTS | ||
| 42 | 37 | ||
| 43 | //applet:IF_RUNCON(APPLET(runcon, BB_DIR_USR_BIN, BB_SUID_DROP)) | 38 | //applet:IF_RUNCON(APPLET(runcon, BB_DIR_USR_BIN, BB_SUID_DROP)) |
| 44 | 39 | ||
| @@ -50,20 +45,11 @@ | |||
| 50 | //usage:#define runcon_full_usage "\n\n" | 45 | //usage:#define runcon_full_usage "\n\n" |
| 51 | //usage: "Run PROG in a different security context\n" | 46 | //usage: "Run PROG in a different security context\n" |
| 52 | //usage: "\n CONTEXT Complete security context\n" | 47 | //usage: "\n CONTEXT Complete security context\n" |
| 53 | //usage: IF_FEATURE_RUNCON_LONG_OPTIONS( | ||
| 54 | //usage: "\n -c,--compute Compute process transition context before modifying" | ||
| 55 | //usage: "\n -t,--type TYPE Type (for same role as parent)" | ||
| 56 | //usage: "\n -u,--user USER User identity" | ||
| 57 | //usage: "\n -r,--role ROLE Role" | ||
| 58 | //usage: "\n -l,--range RNG Levelrange" | ||
| 59 | //usage: ) | ||
| 60 | //usage: IF_NOT_FEATURE_RUNCON_LONG_OPTIONS( | ||
| 61 | //usage: "\n -c Compute process transition context before modifying" | 48 | //usage: "\n -c Compute process transition context before modifying" |
| 62 | //usage: "\n -t TYPE Type (for same role as parent)" | 49 | //usage: "\n -t TYPE Type (for same role as parent)" |
| 63 | //usage: "\n -u USER User identity" | 50 | //usage: "\n -u USER User identity" |
| 64 | //usage: "\n -r ROLE Role" | 51 | //usage: "\n -r ROLE Role" |
| 65 | //usage: "\n -l RNG Levelrange" | 52 | //usage: "\n -l RNG Levelrange" |
| 66 | //usage: ) | ||
| 67 | 53 | ||
| 68 | #include <selinux/context.h> | 54 | #include <selinux/context.h> |
| 69 | /* from deprecated <selinux/flask.h>: */ | 55 | /* from deprecated <selinux/flask.h>: */ |
| @@ -108,7 +94,7 @@ static context_t runcon_compute_new_context(char *user, char *role, char *type, | |||
| 108 | return con; | 94 | return con; |
| 109 | } | 95 | } |
| 110 | 96 | ||
| 111 | #if ENABLE_FEATURE_RUNCON_LONG_OPTIONS | 97 | #if ENABLE_LONG_OPTS |
| 112 | static const char runcon_longopts[] ALIGN1 = | 98 | static const char runcon_longopts[] ALIGN1 = |
| 113 | "user\0" Required_argument "u" | 99 | "user\0" Required_argument "u" |
| 114 | "role\0" Required_argument "r" | 100 | "role\0" Required_argument "r" |
| @@ -140,11 +126,9 @@ int runcon_main(int argc UNUSED_PARAM, char **argv) | |||
| 140 | 126 | ||
| 141 | selinux_or_die(); | 127 | selinux_or_die(); |
| 142 | 128 | ||
| 143 | #if ENABLE_FEATURE_RUNCON_LONG_OPTIONS | ||
| 144 | applet_long_options = runcon_longopts; | ||
| 145 | #endif | ||
| 146 | opt_complementary = "-1"; | 129 | opt_complementary = "-1"; |
| 147 | opts = getopt32(argv, "r:t:u:l:ch", &role, &type, &user, &range); | 130 | opts = getopt32long(argv, "r:t:u:l:ch", runcon_longopts, |
| 131 | &role, &type, &user, &range); | ||
| 148 | argv += optind; | 132 | argv += optind; |
| 149 | 133 | ||
| 150 | if (!(opts & OPTS_CONTEXT_COMPONENT)) { | 134 | if (!(opts & OPTS_CONTEXT_COMPONENT)) { |