Exemple #1
0
int runcon_main(int argc UNUSED_PARAM, char **argv)
{
    char *role = NULL;
    char *range = NULL;
    char *user = NULL;
    char *type = NULL;
    char *context = NULL;
    unsigned opts;
    context_t con;

    selinux_or_die();

#if ENABLE_FEATURE_RUNCON_LONG_OPTIONS
    applet_long_options = runcon_longopts;
#endif
    opt_complementary = "-1";
    opts = getopt32(argv, "r:t:u:l:ch", &role, &type, &user, &range);
    argv += optind;

    if (!(opts & OPTS_CONTEXT_COMPONENT)) {
        context = *argv++;
        if (!argv[0])
            bb_error_msg_and_die("no command given");
    }

    if (context) {
        con = context_new(context);
        if (!con)
            bb_error_msg_and_die("'%s' is not a valid context", context);
    } else {
        con = runcon_compute_new_context(user, role, type, range,
                                         argv[0], opts & OPTS_COMPUTE);
    }

    if (security_check_context(context_str(con)))
        bb_error_msg_and_die("'%s' is not a valid context",
                             context_str(con));

    if (setexeccon(context_str(con)))
        bb_error_msg_and_die("cannot set up security context '%s'",
                             context_str(con));

    execvp(argv[0], argv);

    bb_perror_msg_and_die("cannot execute '%s'", argv[0]);
}
Exemple #2
0
int runcon_main(int argc UNUSED_PARAM, char **argv)
{
	char *role = NULL;
	char *range = NULL;
	char *user = NULL;
	char *type = NULL;
	char *context = NULL;
	unsigned opts;
	context_t con;

	selinux_or_die();

	opts = getopt32long(argv, "^"
			"r:t:u:l:ch"
			"\0" "-1",
			runcon_longopts,
			&role, &type, &user, &range
	);
	argv += optind;

	if (!(opts & OPTS_CONTEXT_COMPONENT)) {
		context = *argv++;
		if (!argv[0])
			bb_error_msg_and_die("no command given");
	}

	if (context) {
		con = context_new(context);
		if (!con)
			bb_error_msg_and_die("'%s' is not a valid context", context);
	} else {
		con = runcon_compute_new_context(user, role, type, range,
				argv[0], opts & OPTS_COMPUTE);
	}

	if (security_check_context(context_str(con)))
		bb_error_msg_and_die("'%s' is not a valid context",
				context_str(con));

	if (setexeccon(context_str(con)))
		bb_error_msg_and_die("can't set up security context '%s'",
				context_str(con));

	BB_EXECVP_or_die(argv);
}