1 #include <unistd.h>
2 #include <sys/types.h>
3 #include <fcntl.h>
4 #include <stdio.h>
5 #include <stdlib.h>
6 #include <errno.h>
7 #include <string.h>
8 #include <ctype.h>
9 #include <selinux/selinux.h>
10
/*
 * Write the usage synopsis to stderr, followed by an optional explanatory
 * line when `detail` is non-NULL, then terminate the process with exit
 * status `rc`. This function never returns to its caller.
 */
static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
{
	fprintf(stderr, "usage: %s command [ fromcon ]\n", name);

	if (detail != NULL) {
		fprintf(stderr, "%s: %s\n", name, detail);
	}

	exit(rc);
}
18
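/*
 * Ask the loaded policy which context a new process would be labeled with
 * if `command` were executed from the context `execcon`.
 *
 * command: path of the file whose label drives the computation. It is
 *          passed to getfilecon() as given, and getfilecon() follows
 *          symbolic links, so the label consulted is the link target's.
 * execcon: source (calling) context for the computation.
 *
 * Returns a context string owned by the caller (release with freecon()),
 * or NULL on failure with errno describing the failing call.
 *
 * NOTE(review): the result reflects the file label and policy at the moment
 * of the query; treat it as advisory rather than as a guarantee about a
 * later exec of the same path.
 */
static char *get_selinux_proc_context(const char *command, const char *execcon)
{
	char *fcon = NULL;
	char *newcon = NULL;
	unsigned short tclass;	/* security_class_t is an unsigned short */
	int saved_errno;

	if (getfilecon(command, &fcon) < 0)
		goto out;

	/*
	 * A return of 0 means the "process" class could not be resolved
	 * against the loaded policy. Stop here instead of handing an invalid
	 * class to the policy query below.
	 */
	tclass = string_to_security_class("process");
	if (tclass == 0)
		goto out;

	/* Never hand back a value left behind by a failed computation. */
	if (security_compute_create(execcon, fcon, tclass, &newcon) < 0)
		newcon = NULL;

out:
	/*
	 * The caller reports failures with perror(), so the errno of the call
	 * that failed must survive the cleanup below.
	 */
	saved_errno = errno;
	freecon(fcon);
	errno = saved_errno;
	return newcon;
}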
31
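/*
 * Print the SELinux context a process would receive when `command`
 * (argv[1]) is executed from the context `fromcon` (argv[2]). When no
 * from-context is supplied, the caller's current context is used.
 *
 * The optional from-context comes straight from the command line, so it is
 * validated with security_check_context() before it reaches the policy
 * query.
 *
 * Returns 0 on success and -1 on any failure.
 */
int main(int argc, char **argv)
{
	int ret = -1;
	char *proccon = NULL;
	char *curcon = NULL;		/* owned: set only by getcon() */
	const char *fromcon = NULL;	/* borrowed: curcon or argv[2] */

	if (argc < 2 || argc > 3)
		usage(argv[0], "Invalid number of arguments", -1);

	if (argc == 2) {
		if (getcon(&curcon) < 0) {
			perror(argv[0]);
			return -1;
		}
		fromcon = curcon;
	} else {
		/*
		 * argv[2] stays valid for the whole run, so it is used in
		 * place. This drops the unchecked strdup() copy (NULL on
		 * allocation failure) and the copy that was leaked on the
		 * early return below.
		 */
		fromcon = argv[2];
		if (security_check_context(fromcon)) {
			fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], fromcon);
			return -1;
		}
	}

	proccon = get_selinux_proc_context(argv[1], fromcon);
	if (proccon) {
		printf("%s\n", proccon);
		ret = 0;
	} else {
		perror(argv[0]);
	}

	/* Contexts returned by libselinux are released with freecon(). */
	freecon(proccon);
	freecon(curcon);
	return ret;
}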
64