C++程序  |  53行  |  1.08 KB

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <selinux/selinux.h>

static __attribute__ ((__noreturn__)) void usage(const char *progname)
{
	fprintf(stderr, "usage:  %s [-a auditdata] scon tcon class perm\n"
		"\nWhere:\n\t"
		"-a  Optional information added to audit message.\n",
		progname);
	exit(1);
}

static int cb_auditinfo(void *auditdata,
			__attribute__((unused))security_class_t class,
			char *msgbuf, size_t msgbufsize)
{
	return snprintf(msgbuf, msgbufsize, "%s", (char *)auditdata);
}

int main(int argc, char **argv)
{
	int opt, rc;
	char *audit_msg = NULL;

	while ((opt = getopt(argc, argv, "a:")) != -1) {
		switch (opt) {
		case 'a':
			audit_msg = optarg;
			break;
		default:
			usage(argv[0]);
		}
	}

	if ((argc - optind) != 4)
		usage(argv[0]);

	if (audit_msg)
		selinux_set_callback(SELINUX_CB_AUDIT,
				     (union selinux_callback)cb_auditinfo);

	rc = selinux_check_access(argv[optind], argv[optind + 1],
				  argv[optind + 2], argv[optind + 3],
				  audit_msg);
	if (rc < 0)
		perror("selinux_check_access");

	return rc;
}