Home | History | Annotate | Download | only in load_policy 
      1 #include <unistd.h>
      2 #include <stdlib.h>
      3 #include <stdio.h>
      4 #include <errno.h>
      5 #include <getopt.h>
      6 #include <string.h>
      7 #include <selinux/selinux.h>
      8 #include <sepol/sepol.h>
      9 #ifdef USE_NLS
     10 #include <locale.h>		/* for setlocale() */
     11 #include <libintl.h>		/* for gettext() */
     12 #define _(msgid) gettext (msgid)
     13 #else
     14 #define _(msgid) (msgid)
     15 #endif
     16 #ifndef PACKAGE
     17 #define PACKAGE "policycoreutils"	/* the name of this package lang translation */
     18 #endif
     19 
     20 void usage(char *progname)
     21 {
     22 	fprintf(stderr, _("usage:  %s [-qi]\n"), progname);
     23 	exit(1);
     24 }
     25 
     26 int main(int argc, char **argv)
     27 {
     28 	int ret, opt, quiet = 0, nargs, init=0, enforce=0;
     29 
     30 #ifdef USE_NLS
     31 	setlocale(LC_ALL, "");
     32 	bindtextdomain(PACKAGE, LOCALEDIR);
     33 	textdomain(PACKAGE);
     34 #endif
     35 
     36 	while ((opt = getopt(argc, argv, "bqi")) > 0) {
     37 		switch (opt) {
     38 		case 'b':
     39 			fprintf(stderr, "%s:  Warning! The -b option is no longer supported, booleans are always preserved across reloads.  Continuing...\n",
     40 				argv[0]);
     41 			break;
     42 		case 'q':
     43 			quiet = 1;
     44 			sepol_debug(0);
     45 			break;
     46 		case 'i':
     47 			init = 1;
     48 			break;
     49 		default:
     50 			usage(argv[0]);
     51 		}
     52 	}
     53 
     54 	nargs = argc - optind;
     55 	if (nargs > 2)
     56 		usage(argv[0]);
     57 	if (nargs >= 1 && !quiet) {
     58 			fprintf(stderr,
     59 				"%s:  Warning!  Policy file argument (%s) is no longer supported, installed policy is always loaded.  Continuing...\n",
     60 				argv[0], argv[optind++]);
     61 	}
     62 	if (nargs == 2 && ! quiet) {
     63 		fprintf(stderr,
     64 			"%s:  Warning!  Boolean file argument (%s) is no longer supported, installed booleans file is always used.  Continuing...\n",
     65 			argv[0], argv[optind++]);
     66 	}
     67 	if (init) {
     68 		if (is_selinux_enabled() == 1) {
     69 			/* SELinux is already enabled, we should not do an initial load again */
     70 			fprintf(stderr,
     71 					_("%s:  Policy is already loaded and initial load requested\n"),
     72 					argv[0]);
     73 			exit(2);
     74 		}
     75 		ret = selinux_init_load_policy(&enforce);
     76 		if (ret != 0 ) {
     77 			if (enforce > 0) {
     78 				/* SELinux in enforcing mode but load_policy failed */
     79 				fprintf(stderr,
     80 						_("%s:  Can't load policy and enforcing mode requested:  %s\n"),
     81 						argv[0], strerror(errno));
     82 				exit(3);
     83 			}
     84 		}
     85 	}
     86 	else {
     87 		ret = selinux_mkload_policy(1);
     88 	}
     89 	if (ret < 0) {
     90 		fprintf(stderr, _("%s:  Can't load policy:  %s\n"),
     91 			argv[0], strerror(errno));
     92 		exit(2);
     93 	}
     94 	exit(0);
     95 }
     96