From: Elliott Hughes Date: Tue, 7 Apr 2015 21:07:46 +0000 (-0700) Subject: Implement Android restorecon. X-Git-Tag: upstream/0.6.0~115 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=e398112bdf7f4ced9388bb814697e35144e4a1a5;p=platform%2Fupstream%2Ftoybox.git Implement Android restorecon. On Android, much of the restorecon logic is in libselinux, so this isn't portable. We do want to be able to build on the host for testing *other* toys, though, so #if keeps this building. Change-Id: Ida5a6713a926140c549d5770d62798f4aedca748 --- diff --git a/toys/android/restorecon.c b/toys/android/restorecon.c new file mode 100644 index 0000000..5ea6b3f --- /dev/null +++ b/toys/android/restorecon.c @@ -0,0 +1,47 @@ +/* restorecon.c - Restore default security contexts for files + * + * Copyright 2015 The Android Open Source Project + +USE_RESTORECON(NEWTOY(restorecon, "<1DFnRrv", TOYFLAG_USR|TOYFLAG_SBIN)) + +config RESTORECON + bool "restorecon" + depends on TOYBOX_SELINUX + default y + help + usage: restorecon [-D] [-F] [-R] [-n] [-v] FILE... + + Restores the default security contexts for the given files. + + -D apply to /data/data too + -F force reset + -R recurse into directories + -n don't make any changes; useful with -v to see what would change + -v verbose: show any changes +*/ + +#define FOR_restorecon +#include "toys.h" + +#if defined(__ANDROID__) +#include +#endif + +void restorecon_main(void) +{ +#if defined(__ANDROID__) + char **s; + int flags = 0; + + if (toys.optflags & FLAG_D) flags |= SELINUX_ANDROID_RESTORECON_DATADATA; + if (toys.optflags & FLAG_F) flags |= SELINUX_ANDROID_RESTORECON_FORCE; + if (toys.optflags & (FLAG_R|FLAG_r)) + flags |= SELINUX_ANDROID_RESTORECON_RECURSE; + if (toys.optflags & FLAG_n) flags |= SELINUX_ANDROID_RESTORECON_NOCHANGE; + if (toys.optflags & FLAG_v) flags |= SELINUX_ANDROID_RESTORECON_VERBOSE; + + for (s = toys.optargs; *s; s++) + if (selinux_android_restorecon(*s, flags) < 0) + perror_msg("restorecon failed: %s", *s); +#endif +}