Extend toolbox with SE Android support.
Add -Z option to ls and ps for displaying security contexts.
Modify id to display security context.
Add new SELinux commands: chcon, getenforce, getsebool, load_policy, restorecon, runcon, setenforce, setsebool.
Change-Id: Ia20941be4a6cd706fe392fed6e38a37d880ec5f1
diff --git a/toolbox/getenforce.c b/toolbox/getenforce.c
new file mode 100644
index 0000000..9e7589a
--- /dev/null
+++ b/toolbox/getenforce.c
@@ -0,0 +1,30 @@
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <selinux/selinux.h>
+
+int getenforce_main(int argc, char **argv)
+{
+ int rc;
+
+ rc = is_selinux_enabled();
+ if (rc <= 0) {
+ printf("Disabled\n");
+ return 0;
+ }
+
+ rc = security_getenforce();
+ if (rc < 0) {
+ fprintf(stderr, "Could not get enforcing status: %s\n",
+ strerror(errno));
+ return 2;
+ }
+
+ if (rc)
+ printf("Enforcing\n");
+ else
+ printf("Permissive\n");
+
+ return 0;
+}