2 * chsmack - Set smack attributes on files
4 * Copyright (C) 2011 Nokia Corporation.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, version 2.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
15 * You should have received a copy of the GNU General Public
16 * License along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
21 * Casey Schaufler <casey@schaufler-ca.com>
24 #include <sys/types.h>
26 #include <sys/xattr.h>
35 static inline int leads(char *in, char *lead)
37 return (strncmp(in, lead, strlen(lead)) == 0);
41 main(int argc, char *argv[])
46 char buffer[LSIZE + 1];
51 for (argi = 1; argi < argc; argi++) {
52 if (strcmp(argv[argi], "-a") == 0)
53 access = argv[++argi];
54 else if (leads(argv[argi], "--access="))
55 access = argv[argi] + strlen("--access=");
56 else if (strcmp(argv[argi], "-e") == 0)
57 execute = argv[++argi];
58 else if (leads(argv[argi], "--exec="))
59 execute = argv[argi] + strlen("--exec=");
60 else if (leads(argv[argi], "--execute="))
61 execute = argv[argi] + strlen("--execute=");
62 else if (strcmp(argv[argi], "-m") == 0)
64 else if (leads(argv[argi], "--mmap="))
65 mm = argv[argi] + strlen("--mmap=");
66 else if (strcmp(argv[argi], "-t") == 0)
68 else if (strcmp(argv[argi], "--transmute") == 0)
70 else if (*argv[argi] == '-') {
71 fprintf(stderr, "Invalid argument \"%s\".\n",
76 * Indicates the start of filenames.
82 fprintf(stderr, "No files specified.\n");
85 if (access != NULL && strlen(access) > LSIZE) {
86 fprintf(stderr, "Access label \"%s\" exceeds %d characters.\n",
90 if (mm != NULL && strlen(mm) > LSIZE) {
91 fprintf(stderr, "mmap label \"%s\" exceeds %d characters.\n",
95 if (execute != NULL && strlen(execute) > LSIZE) {
96 fprintf(stderr, "execute label \"%s\" exceeds %d characters.\n",
100 for (; argi < argc; argi++) {
101 if (access == NULL && mm == NULL &&
102 execute == NULL && !transmute) {
103 printf("%s", argv[argi]);
104 rc = lgetxattr(argv[argi], "security.SMACK64",
108 printf(" access=\"%s\"", buffer);
110 rc = lgetxattr(argv[argi], "security.SMACK64EXEC",
114 printf(" execute=\"%s\"", buffer);
116 rc = lgetxattr(argv[argi], "security.SMACK64MMAP",
120 printf(" mmap=\"%s\"", buffer);
122 rc = lgetxattr(argv[argi], "security.SMACK64TRANSMUTE",
126 printf(" transmute=\"%s\"", buffer);
131 if (access != NULL) {
132 rc = lsetxattr(argv[argi], "security.SMACK64",
133 access, strlen(access) + 1, 0);
137 if (execute != NULL) {
138 rc = lsetxattr(argv[argi], "security.SMACK64EXEC",
139 execute, strlen(execute) + 1, 0);
144 rc = lsetxattr(argv[argi], "security.SMACK64MMAP",
145 mm, strlen(mm) + 1, 0);
150 rc = lsetxattr(argv[argi], "security.SMACK64TRANSMUTE",