diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2012-11-13 12:56:48 -0500 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2012-11-13 12:56:48 -0500 |
| commit | 4ead8beac8fe59b01ad1e5670713b99e7f841b9b (patch) | |
| tree | 840b006c4a2c99c443506b2e526c1a30b1b296b9 | |
| parent | ee854b077766a85279fa1849b537c50837d1a204 (diff) | |
| download | system_core-4ead8beac8fe59b01ad1e5670713b99e7f841b9b.zip system_core-4ead8beac8fe59b01ad1e5670713b99e7f841b9b.tar.gz system_core-4ead8beac8fe59b01ad1e5670713b99e7f841b9b.tar.bz2 | |
run-as: set the SELinux security context.
Before invoking the specified command or a shell, set the
SELinux security context.
Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
| -rw-r--r-- | run-as/Android.mk | 2 | ||||
| -rw-r--r-- | run-as/run-as.c | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/run-as/Android.mk b/run-as/Android.mk index 043cc3a..a8f2885 100644 --- a/run-as/Android.mk +++ b/run-as/Android.mk @@ -3,6 +3,8 @@ include $(CLEAR_VARS) LOCAL_SRC_FILES:= run-as.c package.c +LOCAL_SHARED_LIBRARIES := libselinux + LOCAL_MODULE:= run-as include $(BUILD_EXECUTABLE) diff --git a/run-as/run-as.c b/run-as/run-as.c index 20e1530..9eb09ae 100644 --- a/run-as/run-as.c +++ b/run-as/run-as.c @@ -29,6 +29,7 @@ #include <time.h> #include <stdarg.h> +#include <selinux/android.h> #include <private/android_filesystem_config.h> #include "package.h" @@ -162,6 +163,11 @@ int main(int argc, char **argv) return 1; } + if (selinux_android_setcontext(uid, 0, NULL, pkgname) < 0) { + panic("Could not set SELinux security context: %s\n", strerror(errno)); + return 1; + } + /* User specified command for exec. */ if (argc >= 3 ) { if (execvp(argv[2], argv+2) < 0) { |