diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2012-11-28 13:52:12 -0500 |
|---|---|---|
| committer | Ricardo Cerqueira <cyanogenmod@cerqueira.org> | 2013-07-18 20:38:39 +0100 |
| commit | 56ef4f0cca828febcd923833b22c38c3e61b0285 (patch) | |
| tree | a742168d914d631e49ddd714d2f3fc19f276f87d | |
| parent | 0995719a7cf5c1aed43d1d8409de5d432f2a2973 (diff) | |
| download | system_core-56ef4f0cca828febcd923833b22c38c3e61b0285.zip system_core-56ef4f0cca828febcd923833b22c38c3e61b0285.tar.gz system_core-56ef4f0cca828febcd923833b22c38c3e61b0285.tar.bz2 | |
Change setsebool syntax to be consistent with other init built-ins.
Change setsebool syntax from name=value to name value.
This is to make it consistent with setprop and similar commands.
Update both the init built-in command and the toolbox command
for consistency.
Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Conflicts:
init/builtins.c
| -rw-r--r-- | init/builtins.c | 39 | ||||
| -rw-r--r-- | init/keywords.h | 2 | ||||
| -rw-r--r-- | init/readme.txt | 2 | ||||
| -rw-r--r-- | toolbox/setsebool.c | 39 |
4 files changed, 34 insertions, 48 deletions
diff --git a/init/builtins.c b/init/builtins.c index de067ce..1d8854d 100644 --- a/init/builtins.c +++ b/init/builtins.c @@ -885,34 +885,29 @@ int do_restorecon(int nargs, char **args) { int do_setsebool(int nargs, char **args) { #ifdef HAVE_SELINUX - SELboolean *b = alloca(nargs * sizeof(SELboolean)); - char *v; - int i; + const char *name = args[1]; + const char *value = args[2]; + SELboolean b; + int ret; if (is_selinux_enabled() <= 0) return 0; - for (i = 1; i < nargs; i++) { - char *name = args[i]; - v = strchr(name, '='); - if (!v) { - ERROR("setsebool: argument %s had no =\n", name); - return -EINVAL; - } - *v++ = 0; - b[i-1].name = name; - if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on")) - b[i-1].value = 1; - else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off")) - b[i-1].value = 0; - else { - ERROR("setsebool: invalid value %s\n", v); - return -EINVAL; - } + b.name = name; + if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on")) + b.value = 1; + else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off")) + b.value = 0; + else { + ERROR("setsebool: invalid value %s\n", value); + return -EINVAL; } - if (security_set_boolean_list(nargs - 1, b, 0) < 0) - return -errno; + if (security_set_boolean_list(1, &b, 0) < 0) { + ret = -errno; + ERROR("setsebool: could not set %s to %s\n", name, value); + return ret; + } #endif return 0; } diff --git a/init/keywords.h b/init/keywords.h index 66a165f..b0b2b54 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -82,7 +82,7 @@ enum { KEYWORD(setkey, COMMAND, 0, do_setkey) KEYWORD(setprop, COMMAND, 2, do_setprop) KEYWORD(setrlimit, COMMAND, 3, do_setrlimit) - KEYWORD(setsebool, COMMAND, 1, do_setsebool) + KEYWORD(setsebool, COMMAND, 2, do_setsebool) KEYWORD(socket, OPTION, 0, 0) KEYWORD(start, COMMAND, 1, do_start) KEYWORD(stop, COMMAND, 1, do_stop) diff --git a/init/readme.txt b/init/readme.txt index 55afdd7..ccefcde 100644 --- a/init/readme.txt +++ b/init/readme.txt @@ -213,7 +213,7 @@ setprop <name> <value> setrlimit <resource> <cur> <max> Set the rlimit for a resource. -setsebool <name>=<value> +setsebool <name> <value> Set SELinux boolean <name> to <value>. <value> may be 1|true|on or 0|false|off diff --git a/toolbox/setsebool.c b/toolbox/setsebool.c index 4a3d87d..f79a612 100644 --- a/toolbox/setsebool.c +++ b/toolbox/setsebool.c @@ -9,35 +9,26 @@ #include <errno.h> static int do_setsebool(int nargs, char **args) { - SELboolean *b = alloca(nargs * sizeof(SELboolean)); - char *v; - int i; + const char *name = args[1]; + const char *value = args[2]; + SELboolean b; if (is_selinux_enabled() <= 0) return 0; - for (i = 1; i < nargs; i++) { - char *name = args[i]; - v = strchr(name, '='); - if (!v) { - fprintf(stderr, "setsebool: argument %s had no =\n", name); - return -1; - } - *v++ = 0; - b[i-1].name = name; - if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on")) - b[i-1].value = 1; - else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off")) - b[i-1].value = 0; - else { - fprintf(stderr, "setsebool: invalid value %s\n", v); - return -1; - } + b.name = name; + if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on")) + b.value = 1; + else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off")) + b.value = 0; + else { + fprintf(stderr, "setsebool: invalid value %s\n", value); + return -1; } - if (security_set_boolean_list(nargs - 1, b, 0) < 0) + if (security_set_boolean_list(1, &b, 0) < 0) { - fprintf(stderr, "setsebool: unable to set booleans: %s", strerror(errno)); + fprintf(stderr, "setsebool: could not set %s to %s: %s", name, value, strerror(errno)); return -1; } @@ -46,8 +37,8 @@ static int do_setsebool(int nargs, char **args) { int setsebool_main(int argc, char **argv) { - if (argc < 2) { - fprintf(stderr, "Usage: %s name=value...\n", argv[0]); + if (argc != 3) { + fprintf(stderr, "Usage: %s name value\n", argv[0]); exit(1); } |