Added smackctl back.

Added smackctl back because Debian needs it.

diff --git a/doc/Makefile.am b/doc/Makefile.am
index b02880d..37dc95a 100644 (file)
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -37,6 +37,7 @@ man_MANS = smackaccess.1 \
           smack_revoke_subject.3 \
           chsmack.8 \
           smackcipso.8 \
-          smackload.8
+          smackload.8 \
+          smackctl.8
 
 EXTRA_DIST += $(man_MANS)

diff --git a/doc/smackctl.8 b/doc/smackctl.8
new file mode 100644 (file)
index 0000000..cdd1ac2
--- /dev/null
+++ b/doc/smackctl.8
@@ -0,0 +1,47 @@
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACKCTL" "8" "03/05/2012" "smack-utils 1\&.0"
+.SH NAME
+smackctl \- Load and unload the system Smack rules files
+.SH SYNOPSIS
+.B smackctl ['apply'] ['clear'] ['status']
+
+.SH DESCRIPTION
+.B smackctl
+is a program to load and unload the Smack context configurations.  It is generally called by an init process on startup and shutdown of the system when it is needed to change the Smack rules in the kernel.  The Smack system configuration files are all store in see FILES below.
+.SH OPTIONS
+.IP apply
+Apply all the rules found in the configuration directory's
+.IP clear
+Remove all system rules from the kernel
+.IP status
+Show the status of the Smack system, specifically if /smack is mounted
+.SH EXIT STATUS
+On success
+.B smackctl
+returns 0 and 1 on failure.
+.SH FILES
+/smack
+.br
+/etc/smack/acceses.d
+.br
+/etc/smack/cipso.d

diff --git a/utils/Makefile.am b/utils/Makefile.am
index 2f3693c..e8a543a 100644 (file)
--- a/utils/Makefile.am
+++ b/utils/Makefile.am
@@ -1,5 +1,5 @@
 instdir = ${bindir}
-bin_PROGRAMS = smackaccess smackload smackcipso chsmack
+bin_PROGRAMS = smackaccess smackload smackcipso chsmack smackctl
 AM_CPPFLAGS = -I$(top_srcdir)/libsmack
 
 smackaccess_SOURCES = smackaccess.c
@@ -11,6 +11,9 @@ smackload_LDADD = ../libsmack/libsmack.la
 smackcipso_SOURCES = smackcipso.c common.c
 smackcipso_LDADD = ../libsmack/libsmack.la
 
+smackctl_SOURCES = smackctl.c common.c
+smackctl_LDADD = ../libsmack/libsmack.la
+
 chsmack_SOURCES = chsmack.c
 
 EXTRA_DIST = common.h

diff --git a/utils/smackctl.c b/utils/smackctl.c
new file mode 100644 (file)
index 0000000..d489b38
--- /dev/null
+++ b/utils/smackctl.c
@@ -0,0 +1,87 @@
+/*
+ * This file is part of libsmack.
+ *
+ * Copyright (C) 2011 Intel Corporation
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ *
+ * Authors:
+ * Jarkko Sakkinen <jarkko.sakkinen@intel.com>
+ * Brian McGillion <brian.mcgillion@intel.com>
+ */
+
+#include "common.h"
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+static int apply_all(void)
+{
+       if (is_smackfs_mounted() != 1) {
+               fprintf(stderr, "ERROR: SmackFS is not mounted.\n");
+               return -1;
+       }
+
+       if (clear())
+               return -1;
+
+       if (apply_rules(ACCESSES_D_PATH, 0))
+               perror("apply_rules");
+
+       if (apply_cipso(CIPSO_D_PATH))
+               perror("apply_cipso");
+
+       return 0;
+}
+
+static int status(void)
+{
+       int ret = is_smackfs_mounted();
+
+       switch (ret) {
+       case 1:
+               printf("SmackFS is mounted.\n");
+               return 0;
+       case 0:
+               printf("SmackFS is not mounted.\n");
+               return 0;
+       default:
+               return -1;
+       }
+}
+
+int main(int argc, char **argv)
+{
+       if (argc < 2) {
+               fprintf(stderr, "Usage: %s <action>\n", argv[0]);
+               return 1;
+       }
+
+       if (!strcmp(argv[1], "apply")) {
+               if (apply_all())
+                       return 1;
+       } else if (!strcmp(argv[1], "clear")) {
+               if (clear())
+                       return 1;
+       } else if (!strcmp(argv[1], "status")) {
+               if (status())
+                       return 1;
+       } else {
+               fprintf(stderr, "Uknown action: %s\n", argv[1]);
+               return 1;
+       }
+
+       return 0;
+}