2017-05-01 13:20:14 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <selinux/selinux.h>
|
|
|
|
|
2017-05-03 20:58:01 +00:00
|
|
|
static __attribute__ ((__noreturn__)) void usage(const char *progname)
|
2017-05-01 13:20:14 +00:00
|
|
|
{
|
|
|
|
fprintf(stderr, "usage: %s [-a auditdata] scon tcon class perm\n"
|
|
|
|
"\nWhere:\n\t"
|
|
|
|
"-a Optional information added to audit message.\n",
|
|
|
|
progname);
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int cb_auditinfo(void *auditdata,
|
|
|
|
__attribute__((unused))security_class_t class,
|
|
|
|
char *msgbuf, size_t msgbufsize)
|
|
|
|
{
|
|
|
|
return snprintf(msgbuf, msgbufsize, "%s", (char *)auditdata);
|
|
|
|
}
|
|
|
|
|
|
|
|
int main(int argc, char **argv)
|
|
|
|
{
|
|
|
|
int opt, rc;
|
|
|
|
char *audit_msg = NULL;
|
|
|
|
|
|
|
|
while ((opt = getopt(argc, argv, "a:")) != -1) {
|
|
|
|
switch (opt) {
|
|
|
|
case 'a':
|
|
|
|
audit_msg = optarg;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
usage(argv[0]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((argc - optind) != 4)
|
|
|
|
usage(argv[0]);
|
|
|
|
|
|
|
|
if (audit_msg)
|
|
|
|
selinux_set_callback(SELINUX_CB_AUDIT,
|
|
|
|
(union selinux_callback)cb_auditinfo);
|
|
|
|
|
|
|
|
rc = selinux_check_access(argv[optind], argv[optind + 1],
|
|
|
|
argv[optind + 2], argv[optind + 3],
|
|
|
|
audit_msg);
|
|
|
|
if (rc < 0)
|
|
|
|
perror("selinux_check_access");
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|