int do_setsebool(int nargs, char **args) { const char *name = args[1]; const char *value = args[2]; SELboolean b; int ret; if (is_selinux_enabled() <= 0) return 0; b.name = name; if (!strcmp(value, "1") || !strcasecmp(value, "true") || !strcasecmp(value, "on")) b.value = 1; else if (!strcmp(value, "0") || !strcasecmp(value, "false") || !strcasecmp(value, "off")) b.value = 0; else { ERROR("setsebool: invalid value %s\n", value); return -EINVAL; } if (security_set_boolean_list(1, &b, 0) < 0) { ret = -errno; ERROR("setsebool: could not set %s to %s\n", name, value); return ret; } return 0; }
int do_setsebool(int nargs, char **args) { #ifdef HAVE_SELINUX SELboolean *b = alloca(nargs * sizeof(SELboolean)); char *v; int i; if (is_selinux_enabled() <= 0) return 0; for (i = 1; i < nargs; i++) { char *name = args[i]; v = strchr(name, '='); if (!v) { ERROR("setsebool: argument %s had no =\n", name); return -EINVAL; } *v++ = 0; b[i-1].name = name; if (!strcmp(v, "1") || !strcasecmp(v, "true") || !strcasecmp(v, "on")) b[i-1].value = 1; else if (!strcmp(v, "0") || !strcasecmp(v, "false") || !strcasecmp(v, "off")) b[i-1].value = 0; else { ERROR("setsebool: invalid value %s\n", v); return -EINVAL; } } if (security_set_boolean_list(nargs - 1, b, 0) < 0) return -errno; #endif return 0; }
/* Apply temporal boolean changes to policy via libselinux */ static int selinux_set_boolean_list(size_t boolcnt, SELboolean * boollist) { if (security_set_boolean_list(boolcnt, boollist, 0)) { if (errno == ENOENT) fprintf(stderr, "Could not change active booleans: " "Invalid boolean\n"); else if (errno) { if (getuid() == 0) { perror("Could not change active booleans"); } else { perror("Could not change active booleans. Please try as root"); } } return -1; } return 0; }