void main(void)
{
access_vector_t requested = PACKET_SOCKET__IOCTL;
int ret = -1;
ret = checkPasswdAccess(requested);
if(!ret){
printf("the request access privicy is granted\n");
}
return ;
}
static int
check_for_root (pam_handle_t *pamh, int ctrl)
{
int retval = PAM_AUTH_ERR;
if (getuid() == 0)
#ifdef WITH_SELINUX
if (is_selinux_enabled()<1 || checkPasswdAccess(PASSWD__ROOTOK)==0)
#endif
retval = PAM_SUCCESS;
if (ctrl & PAM_DEBUG_ARG) {
pam_syslog(pamh, LOG_DEBUG, "root check %s",
(retval==PAM_SUCCESS) ? "succeeded" : "failed");
}
return retval;
}
static void check_selinux_update_passwd(const char *username)
{
security_context_t context;
char *seuser;
if (getuid() != (uid_t)0 || is_selinux_enabled() == 0)
return; /* No need to check */
if (getprevcon_raw(&context) < 0)
bb_perror_msg_and_die("getprevcon failed");
seuser = strtok(context, ":");
if (!seuser)
bb_error_msg_and_die("invalid context '%s'", context);
if (strcmp(seuser, username) != 0) {
if (checkPasswdAccess(PASSWD__PASSWD) != 0)
bb_error_msg_and_die("SELinux: access denied");
}
if (ENABLE_FEATURE_CLEAN_UP)
freecon(context);
}
