int do_setsebool(int nargs, char **args) {
const char *name = args[1];
const char *value = args[2];
SELboolean b;
int ret;
if (is_selinux_enabled() <= 0)
return 0;
b.name = name;
if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on"))
b.value = 1;
else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off"))
b.value = 0;
else {
ERROR("setsebool: invalid value %s\n", value);
return -EINVAL;
}
if (security_set_boolean_list(1, &b, 0) < 0) {
ret = -errno;
ERROR("setsebool: could not set %s to %s\n", name, value);
return ret;
}
return 0;
}
int do_setsebool(int nargs, char **args) {
#ifdef HAVE_SELINUX
SELboolean *b = alloca(nargs * sizeof(SELboolean));
char *v;
int i;
if (is_selinux_enabled() <= 0)
return 0;
for (i = 1; i < nargs; i++) {
char *name = args[i];
v = strchr(name, '=');
if (!v) {
ERROR("setsebool: argument %s had no =\n", name);
return -EINVAL;
}
*v++ = 0;
b[i-1].name = name;
if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on"))
b[i-1].value = 1;
else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off"))
b[i-1].value = 0;
else {
ERROR("setsebool: invalid value %s\n", v);
return -EINVAL;
}
}
if (security_set_boolean_list(nargs - 1, b, 0) < 0)
return -errno;
#endif
return 0;
}
/* Apply temporal boolean changes to policy via libselinux */
static int selinux_set_boolean_list(size_t boolcnt,
SELboolean * boollist)
{
if (security_set_boolean_list(boolcnt, boollist, 0)) {
if (errno == ENOENT)
fprintf(stderr, "Could not change active booleans: "
"Invalid boolean\n");
else if (errno) {
if (getuid() == 0) {
perror("Could not change active booleans");
} else {
perror("Could not change active booleans. Please try as root");
}
}
return -1;
}
return 0;
}
