Remove getsebool/setsebool from init and toolbox.

These were leftovers from the SELinux boolean support that
was originally merged.  Since Android prohibits SELinux policy
booleans, we can just drop it.

Change-Id: I02f646a7d8db65e153702205b082b87a73f60d73
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

3 files changed, 0 insertions, 152 deletions

diff --git a/toolbox/Android.mk b/toolbox/Android.mk
index 2c7544c..424ba23 100644
--- a/toolbox/Android.mk
+++ b/toolbox/Android.mk
@@ -44,7 +44,6 @@ OUR_TOOLS := \
     df \
     getevent \
     getprop \
-    getsebool \
     iftop \
     ioctl \
     ionice \
@@ -64,7 +63,6 @@ OUR_TOOLS := \
     schedtop \
     sendevent \
     setprop \
-    setsebool \
     smd \
     start \
     stop \
diff --git a/toolbox/getsebool.c b/toolbox/getsebool.c
deleted file mode 100644
index aab5200..0000000
--- a/toolbox/getsebool.c
+++ /dev/null
@@ -1,104 +0,0 @@
-#include <unistd.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <getopt.h>
-#include <errno.h>
-#include <string.h>
-#include <selinux/selinux.h>
-
-static void usage(const char *progname)
-{
-    fprintf(stderr, "usage:  %s -a or %s boolean...\n", progname, progname);
-    exit(1);
-}
-
-int getsebool_main(int argc, char **argv)
-{
-    int i, get_all = 0, rc = 0, active, pending, len = 0, opt;
-    char **names;
-
-    while ((opt = getopt(argc, argv, "a")) > 0) {
-        switch (opt) {
-        case 'a':
-            if (argc > 2)
-                usage(argv[0]);
-            if (is_selinux_enabled() <= 0) {
-                fprintf(stderr, "%s:  SELinux is disabled\n",
-                        argv[0]);
-                return 1;
-            }
-            errno = 0;
-            rc = security_get_boolean_names(&names, &len);
-            if (rc) {
-                fprintf(stderr,
-                        "%s:  Unable to get boolean names:  %s\n",
-                        argv[0], strerror(errno));
-                return 1;
-            }
-            if (!len) {
-                printf("No booleans\n");
-                return 0;
-            }
-            get_all = 1;
-            break;
-        default:
-            usage(argv[0]);
-        }
-    }
-
-    if (is_selinux_enabled() <= 0) {
-        fprintf(stderr, "%s:  SELinux is disabled\n", argv[0]);
-        return 1;
-    }
-    if (!len) {
-        if (argc < 2)
-            usage(argv[0]);
-        len = argc - 1;
-        names = malloc(sizeof(char *) * len);
-        if (!names) {
-            fprintf(stderr, "%s:  out of memory\n", argv[0]);
-            return 2;
-        }
-        for (i = 0; i < len; i++) {
-            names[i] = strdup(argv[i + 1]);
-            if (!names[i]) {
-                fprintf(stderr, "%s:  out of memory\n",
-                        argv[0]);
-                return 2;
-            }
-        }
-    }
-
-    for (i = 0; i < len; i++) {
-        active = security_get_boolean_active(names[i]);
-        if (active < 0) {
-            if (get_all && errno == EACCES)
-                continue;
-            fprintf(stderr, "Error getting active value for %s\n",
-                    names[i]);
-            rc = -1;
-            goto out;
-        }
-        pending = security_get_boolean_pending(names[i]);
-        if (pending < 0) {
-            fprintf(stderr, "Error getting pending value for %s\n",
-                    names[i]);
-            rc = -1;
-            goto out;
-        }
-        if (pending != active) {
-            printf("%s --> %s pending: %s\n", names[i],
-                   (active ? "on" : "off"),
-                   (pending ? "on" : "off"));
-        } else {
-            printf("%s --> %s\n", names[i],
-                   (active ? "on" : "off"));
-        }
-    }
-
-out:
-    for (i = 0; i < len; i++)
-        free(names[i]);
-    free(names);
-    return rc;
-}
diff --git a/toolbox/setsebool.c b/toolbox/setsebool.c
deleted file mode 100644
index f79a612..0000000
--- a/toolbox/setsebool.c
+++ /dev/null
@@ -1,46 +0,0 @@
-#include <unistd.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <selinux/selinux.h>
-#include <errno.h>
-
-static int do_setsebool(int nargs, char **args) {
-    const char *name = args[1];
-    const char *value = args[2];
-    SELboolean b;
-
-    if (is_selinux_enabled() <= 0)
-        return 0;
-
-    b.name = name;
-    if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on"))
-        b.value = 1;
-    else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off"))
-        b.value = 0;
-    else {
-        fprintf(stderr, "setsebool: invalid value %s\n", value);
-        return -1;
-    }
-
-    if (security_set_boolean_list(1, &b, 0) < 0)
-    {
-        fprintf(stderr, "setsebool: could not set %s to %s:  %s", name, value, strerror(errno));
-        return -1;
-    }
-
-    return 0;
-}
-
-int setsebool_main(int argc, char **argv)
-{
-    if (argc != 3) {
-        fprintf(stderr, "Usage:  %s name value\n", argv[0]);
-        exit(1);
-    }
-
-    return do_setsebool(argc, argv);
-}