diff options
author | Nick Kralevich <nnk@google.com> | 2015-04-24 16:55:16 +0000 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2015-04-24 16:55:16 +0000 |
commit | b862bd00a4192d48c3ae82156d8c35b32283e9e4 (patch) | |
tree | b50813183473d929b7dea66ac26243b10d879c72 /init | |
parent | 7b15ac99f3bfef33c82ea109487c99a77b41ebfb (diff) | |
download | system_core-b862bd00a4192d48c3ae82156d8c35b32283e9e4.zip system_core-b862bd00a4192d48c3ae82156d8c35b32283e9e4.tar.gz system_core-b862bd00a4192d48c3ae82156d8c35b32283e9e4.tar.bz2 |
Revert "Remove now-unusable 'setcon' command."
Temporarily revert because device isn't booting.
This reverts commit 7b15ac99f3bfef33c82ea109487c99a77b41ebfb.
Change-Id: Ice986bac62e20c70f7bedf1744a617b97392ae8c
Diffstat (limited to 'init')
-rw-r--r-- | init/builtins.cpp | 9 | ||||
-rw-r--r-- | init/init_parser.cpp | 1 | ||||
-rw-r--r-- | init/keywords.h | 2 | ||||
-rw-r--r-- | init/readme.txt | 5 |
4 files changed, 17 insertions, 0 deletions
diff --git a/init/builtins.cpp b/init/builtins.cpp index 4567b04..3bbaf83 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -515,6 +515,15 @@ int do_swapon_all(int nargs, char **args) return ret; } +int do_setcon(int nargs, char **args) { + if (is_selinux_enabled() <= 0) + return 0; + if (setcon(args[1]) < 0) { + return -errno; + } + return 0; +} + int do_setprop(int nargs, char **args) { const char *name = args[1]; diff --git a/init/init_parser.cpp b/init/init_parser.cpp index b76b04e..ff31093 100644 --- a/init/init_parser.cpp +++ b/init/init_parser.cpp @@ -184,6 +184,7 @@ static int lookup_keyword(const char *s) case 's': if (!strcmp(s, "eclabel")) return K_seclabel; if (!strcmp(s, "ervice")) return K_service; + if (!strcmp(s, "etcon")) return K_setcon; if (!strcmp(s, "etenv")) return K_setenv; if (!strcmp(s, "etprop")) return K_setprop; if (!strcmp(s, "etrlimit")) return K_setrlimit; diff --git a/init/keywords.h b/init/keywords.h index 37f01b8..059dde1 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -20,6 +20,7 @@ int do_restorecon(int nargs, char **args); int do_restorecon_recursive(int nargs, char **args); int do_rm(int nargs, char **args); int do_rmdir(int nargs, char **args); +int do_setcon(int nargs, char **args); int do_setprop(int nargs, char **args); int do_setrlimit(int nargs, char **args); int do_start(int nargs, char **args); @@ -75,6 +76,7 @@ enum { KEYWORD(rmdir, COMMAND, 1, do_rmdir) KEYWORD(seclabel, OPTION, 0, 0) KEYWORD(service, SECTION, 0, 0) + KEYWORD(setcon, COMMAND, 1, do_setcon) KEYWORD(setenv, OPTION, 2, 0) KEYWORD(setprop, COMMAND, 2, do_setprop) KEYWORD(setrlimit, COMMAND, 3, do_setrlimit) diff --git a/init/readme.txt b/init/readme.txt index 6b9c42d..84afd11 100644 --- a/init/readme.txt +++ b/init/readme.txt @@ -252,6 +252,11 @@ rm <path> rmdir <path> Calls rmdir(2) on the given path. +setcon <seclabel> + Set the current process security context to the specified string. + This is typically only used from early-init to set the init context + before any other process is started. + setprop <name> <value> Set system property <name> to <value>. Properties are expanded within <value>. |