1/* 2 * setenforce 3 * 4 * Based on libselinux 1.33.1 5 * Port to BusyBox Hiroshi Shinji <shiroshi@my.email.ne.jp> 6 * 7 * Licensed under GPLv2, see file LICENSE in this source tree. 8 */ 9//config:config SETENFORCE 10//config: bool "setenforce (2.1 kb)" 11//config: default n 12//config: depends on SELINUX 13//config: help 14//config: Enable support to modify the mode SELinux is running in. 15 16//applet:IF_SETENFORCE(APPLET(setenforce, BB_DIR_USR_SBIN, BB_SUID_DROP)) 17 18//kbuild:lib-$(CONFIG_SETENFORCE) += setenforce.o 19 20//usage:#define setenforce_trivial_usage 21//usage: "[Enforcing | Permissive | 1 | 0]" 22//usage:#define setenforce_full_usage "" 23 24#include "libbb.h" 25 26/* These strings are arranged so that odd ones 27 * result in security_setenforce(1) being done, 28 * the rest will do security_setenforce(0) */ 29static const char *const setenforce_cmd[] = { 30 "0", 31 "1", 32 "permissive", 33 "enforcing", 34 NULL, 35}; 36 37int setenforce_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; 38int setenforce_main(int argc UNUSED_PARAM, char **argv) 39{ 40 int i, rc; 41 42 if (!argv[1] || argv[2]) 43 bb_show_usage(); 44 45 selinux_or_die(); 46 47 for (i = 0; setenforce_cmd[i]; i++) { 48 if (strcasecmp(argv[1], setenforce_cmd[i]) != 0) 49 continue; 50 rc = security_setenforce(i & 1); 51 if (rc < 0) 52 bb_simple_perror_msg_and_die("setenforce() failed"); 53 return 0; 54 } 55 56 bb_show_usage(); 57} 58