1 #include <unistd.h> 2 #include <sys/types.h> 3 #include <stdio.h> 4 #include <stdlib.h> 5 #include <errno.h> 6 #include <selinux/selinux.h> 7 8 int main(int argc, char **argv) 9 { 10 struct av_decision avd; 11 security_class_t tclass; 12 int ret; 13 14 if (argc != 4) { 15 fprintf(stderr, "usage: %s scontext tcontext tclass\n", 16 argv[0]); 17 exit(1); 18 } 19 20 tclass = string_to_security_class(argv[3]); 21 if (!tclass) { 22 fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]); 23 exit(2); 24 } 25 26 ret = security_compute_av(argv[1], argv[2], tclass, 1, &avd); 27 if (ret < 0) { 28 fprintf(stderr, "%s: security_compute_av failed\n", argv[0]); 29 exit(3); 30 } 31 32 printf("allowed="); 33 print_access_vector(tclass, avd.allowed); 34 printf("\n"); 35 36 if (avd.decided != ~0U) { 37 printf("decided="); 38 print_access_vector(tclass, avd.decided); 39 printf("\n"); 40 } 41 42 if (avd.auditallow) { 43 printf("auditallow="); 44 print_access_vector(tclass, avd.auditallow); 45 printf("\n"); 46 } 47 48 if (avd.auditdeny != ~0U) { 49 printf("auditdeny"); 50 print_access_vector(tclass, avd.auditdeny); 51 printf("\n"); 52 } 53 54 exit(0); 55 } 56
