| Stephen Smalley | 8290d10 | 2012-01-13 08:53:56 -0500 | [diff] [blame] | 1 | #include <unistd.h> |
| 2 | #include <stdio.h> |
| 3 | #include <stdlib.h> |
| 4 | #include <ctype.h> |
| 5 | #include <string.h> |
| 6 | #include <strings.h> |
| 7 | #include <errno.h> |
| 8 | #include <selinux/selinux.h> |
| 9 | |
| Matt Finifter | 492051e | 2012-07-18 14:06:02 -0700 | [diff] [blame] | 10 | static void usage(const char *progname) |
| Stephen Smalley | 8290d10 | 2012-01-13 08:53:56 -0500 | [diff] [blame] | 11 | { |
| 12 | fprintf(stderr, "usage: %s [ Enforcing | Permissive | 1 | 0 ]\n", |
| 13 | progname); |
| 14 | exit(1); |
| 15 | } |
| 16 | |
| 17 | int setenforce_main(int argc, char **argv) |
| 18 | { |
| 19 | int rc = 0; |
| 20 | if (argc != 2) { |
| 21 | usage(argv[0]); |
| 22 | } |
| 23 | |
| 24 | if (is_selinux_enabled() <= 0) { |
| 25 | fprintf(stderr, "%s: SELinux is disabled\n", argv[0]); |
| 26 | return 1; |
| 27 | } |
| 28 | if (strlen(argv[1]) == 1 && (argv[1][0] == '0' || argv[1][0] == '1')) { |
| 29 | rc = security_setenforce(atoi(argv[1])); |
| 30 | } else { |
| 31 | if (strcasecmp(argv[1], "enforcing") == 0) { |
| 32 | rc = security_setenforce(1); |
| 33 | } else if (strcasecmp(argv[1], "permissive") == 0) { |
| 34 | rc = security_setenforce(0); |
| 35 | } else |
| 36 | usage(argv[0]); |
| 37 | } |
| 38 | if (rc < 0) { |
| 39 | fprintf(stderr, "%s: Could not set enforcing status: %s\n", |
| 40 | argv[0], strerror(errno)); |
| 41 | return 2; |
| 42 | } |
| 43 | return 0; |
| 44 | } |