1 #include <stdio.h> 2 #include <stdlib.h> 3 #include <string.h> 4 #include <getopt.h> 5 #include <errno.h> 6 #include <selinux/selinux.h> 7 #include <selinux/label.h> 8 9 static void usage(const char *progname) 10 { 11 fprintf(stderr, 12 "usage: %s -b backend [-v] [-r] -k key [-t type] [-f file]\n\n" 13 "Where:\n\t" 14 "-b The backend - \"file\", \"media\", \"x\", \"db\" or " 15 "\"prop\"\n\t" 16 "-v Validate entries against loaded policy.\n\t" 17 "-r Use \"raw\" function.\n\t" 18 "-k Lookup key - Depends on backend.\n\t" 19 "-t Lookup type - Optional as depends on backend.\n\t" 20 "-f Optional file containing the specs (defaults to\n\t" 21 " those used by loaded policy).\n\n" 22 "Examples:\n\t" 23 "%s -v -b file -k /run -t 0\n\t" 24 " lookup with validation against the loaded policy, the\n\t" 25 " \"file\" backend for path \"/run\" with mode = 0\n\t" 26 "%s -r -b x -t 4 -k X11:ButtonPress\n\t" 27 " lookup_raw the \"X\" backend for type SELABEL_X_EVENT\n\t" 28 " using key \"X11:ButtonPress\"\n\n", 29 progname, progname, progname); 30 exit(1); 31 } 32 33 int main(int argc, char **argv) 34 { 35 int raw = 0, type = 0, backend = 0, rc, opt; 36 char *validate = NULL, *key = NULL, *context = NULL, *file = NULL; 37 38 struct selabel_handle *hnd; 39 struct selinux_opt selabel_option[] = { 40 { SELABEL_OPT_PATH, file }, 41 { SELABEL_OPT_VALIDATE, validate } 42 }; 43 44 if (argc < 3) 45 usage(argv[0]); 46 47 while ((opt = getopt(argc, argv, "b:f:vrk:t:")) > 0) { 48 switch (opt) { 49 case 'b': 50 if (!strcasecmp(optarg, "file")) { 51 backend = SELABEL_CTX_FILE; 52 } else if (!strcmp(optarg, "media")) { 53 backend = SELABEL_CTX_MEDIA; 54 } else if (!strcmp(optarg, "x")) { 55 backend = SELABEL_CTX_X; 56 } else if (!strcmp(optarg, "db")) { 57 backend = SELABEL_CTX_DB; 58 } else if (!strcmp(optarg, "prop")) { 59 backend = SELABEL_CTX_ANDROID_PROP; 60 } else { 61 fprintf(stderr, "Unknown backend: %s\n", 62 optarg); 63 usage(argv[0]); 64 } 65 break; 66 case 'f': 67 file = optarg; 68 break; 69 case 'v': 70 validate = (char *)1; 71 break; 72 case 'r': 73 raw = 1; 74 break; 75 case 'k': 76 key = optarg; 77 break; 78 case 't': 79 type = atoi(optarg); 80 break; 81 default: 82 usage(argv[0]); 83 } 84 } 85 86 selabel_option[0].value = file; 87 selabel_option[1].value = validate; 88 89 hnd = selabel_open(backend, selabel_option, 2); 90 if (!hnd) { 91 fprintf(stderr, "ERROR: selabel_open - Could not obtain " 92 "handle.\n"); 93 return -1; 94 } 95 96 switch (raw) { 97 case 1: 98 rc = selabel_lookup_raw(hnd, &context, key, type); 99 break; 100 default: 101 rc = selabel_lookup(hnd, &context, key, type); 102 } 103 selabel_close(hnd); 104 105 if (rc) { 106 switch (errno) { 107 case ENOENT: 108 fprintf(stderr, "ERROR: selabel_lookup failed to " 109 "find a valid context.\n"); 110 break; 111 case EINVAL: 112 fprintf(stderr, "ERROR: selabel_lookup failed to " 113 "validate context, or key / type are " 114 "invalid.\n"); 115 break; 116 default: 117 fprintf(stderr, "selabel_lookup ERROR: %s\n", 118 strerror(errno)); 119 } 120 } else { 121 printf("Default context: %s\n", context); 122 freecon(context); 123 } 124 125 return rc; 126 } 127
