/*
 * No-op versions of the four SELinux hooks: each one accepts its arguments
 * and does nothing.
 * NOTE(review): presumably this is the branch compiled when USE_SELINUX is
 * not defined (the closing "#endif USE_SELINUX" is in this listing, the
 * opening conditional is not). With these stubs no label is applied to any
 * node, so callers must not assume a context was set.
 */
static inline void selinux_setfilecon(char *file, unsigned int mode)
{
	(void)file;
	(void)mode;
}

static inline void selinux_setfscreatecon(char *file, unsigned int mode)
{
	(void)file;
	(void)mode;
}

static inline void selinux_init(void)
{
}

static inline void selinux_restore(void)
{
}
13 #include <selinux/selinux.h>
/* Cached result of the SELinux-enabled query; -1 means "not asked yet". */
static int selinux_enabled = -1;

/*
 * File-creation context captured by selinux_init() and handed back to
 * setfscreatecon() by selinux_restore(); NULL when nothing is saved.
 * NOTE(review): security_context_t is a typedef for char * that newer
 * libselinux releases mark as deprecated - confirm against the library
 * version this is built with.
 */
static security_context_t prev_scontext = NULL;
/*
 * Reports whether SELinux is enabled, asking libselinux only on the first
 * call and answering from the selinux_enabled cache afterwards.
 *
 * Returns 1 when is_selinux_enabled() gave a positive value, 0 otherwise.
 * A negative (error) result is therefore stored as 0, which makes every
 * labelling helper in this file skip its work for the rest of the run.
 * NOTE(review): that is a fail-open choice - nothing visible here logs the
 * error case, so a failed query is indistinguishable from "disabled".
 */
static inline int is_selinux_running(void)
{
	if (selinux_enabled != -1)
		return selinux_enabled;

	selinux_enabled = (is_selinux_enabled() > 0);
	return selinux_enabled;
}
/*
 * Reads the first line of /proc/ide/<basename(path)>/media, and stores a
 * strdup()'d copy of it in *media.
 *
 * NOTE(review): this listing drops several lines of the body (the
 * declarations of buf and fp, the open call, the return statements and any
 * cleanup), so the comments below describe only what is visible.
 * NOTE(review): *media is heap memory from strdup(); no free() of it is
 * visible in the callers shown here - confirm it is released.
 */
28 static inline int selinux_get_media(char *path, int mode, char **media)
32 char mediabuf[PATH_MAX];
/*
 * NOTE(review): "mode && S_IFBLK" is a logical AND, so it is true for every
 * non-zero mode and this guard only triggers when mode is 0. If the intent
 * is "only block devices", the test needs the file-type bits, e.g.
 * (mode & S_IFMT) == S_IFBLK or S_ISBLK(mode). As written, non-block nodes
 * also proceed to the /proc/ide lookup and can end up with a media-based
 * label instead of a path-based one.
 */
36 if (!(mode && S_IFBLK)) {
/*
 * NOTE(review): sizeof(buf) bounds the write only if buf is an array (its
 * declaration is not visible); the snprintf() result is not checked for
 * truncation here.
 */
40 snprintf(buf, sizeof(buf), "/proc/ide/%s/media", basename(path));
/* Read at most one line (sizeof(mediabuf) - 1 bytes) of the media file. */
48 if (fgets(mediabuf, sizeof(mediabuf), fp) == NULL)
51 int size = strlen(mediabuf);
/*
 * NOTE(review): mediabuf is plain char; pass (unsigned char)mediabuf[size]
 * to isspace() to avoid undefined behaviour on negative values. At
 * size == strlen(mediabuf) the index is the terminating NUL; the line that
 * adjusts size before this test is not visible - confirm the index.
 */
53 if (isspace(mediabuf[size])) {
/*
 * NOTE(review): the strdup() result is used without a NULL check; on
 * allocation failure *media is NULL and is then handed to the "%s" in the
 * info() call below and, presumably, to the caller.
 */
59 *media = strdup(mediabuf);
60 info("selinux_get_media(%s)->%s \n", path, *media);
/*
 * When SELinux is running, looks up a security context for `file` and
 * applies it to the existing file with setfilecon(). Two lookups are
 * visible: matchmediacon() on the media string obtained from
 * selinux_get_media(), and matchpathcon() on the path and mode.
 *
 * NOTE(review): the lines that connect the two lookups (the declaration of
 * media, the tests on ret, any early return) are missing from this listing,
 * so the exact fallback order cannot be confirmed from here.
 * NOTE(review): contexts returned by matchmediacon()/matchpathcon() are
 * allocated by libselinux and need freecon(); no freecon(scontext) and no
 * free(media) is visible in this listing - confirm both are released.
 */
69 static inline void selinux_setfilecon(char *file, unsigned int mode)
71 if (is_selinux_running()) {
72 security_context_t scontext=NULL;
74 int ret=selinux_get_media(file, mode, &media);
76 ret = matchmediacon(media, &scontext);
/*
 * NOTE(review): failure is reported only through dbg(). Whether control
 * then returns or falls through to setfilecon() with scontext still NULL is
 * not visible - confirm a failed lookup cannot reach the call below.
 */
80 if (matchpathcon(file, mode, &scontext) < 0) {
81 dbg("matchpathcon(%s) failed\n", file);
/*
 * NOTE(review): setfilecon() follows symbolic links (lsetfilecon() is the
 * non-following variant); if `file` can be a link in a directory other
 * users can write to, the label lands on the link target. A failure here
 * leaves the node with whatever label it already had and is only logged.
 * The message text says "setfiles" although the failing call is
 * setfilecon().
 */
84 if (setfilecon(file, scontext) < 0)
85 dbg("setfiles %s failed with error '%s'",
86 file, strerror(errno));
/*
 * When SELinux is running, looks up a security context for `file` (via
 * matchmediacon() on the media string, and via matchpathcon() on path and
 * mode) and installs it with setfscreatecon(), i.e. as the context for file
 * system objects created afterwards rather than on an existing file.
 *
 * NOTE(review): the declarations of media and retval and the tests that
 * link the two lookups are missing from this listing, so the fallback order
 * cannot be confirmed from here.
 * NOTE(review): the creation context stays in effect until it is reset;
 * selinux_restore() in this file is what puts the saved one back, so every
 * call here needs a matching restore or later files inherit this label.
 * NOTE(review): no freecon(scontext) or free(media) is visible - confirm
 * both are released.
 */
91 static inline void selinux_setfscreatecon(char *file, unsigned int mode)
94 security_context_t scontext=NULL;
96 if (is_selinux_running()) {
98 int ret = selinux_get_media(file, mode, &media);
101 ret = matchmediacon(media, &scontext);
/*
 * NOTE(review): failure is only logged; whether control continues to
 * setfscreatecon() with scontext still NULL is not visible. If it does,
 * the creation context would be reset to the policy default rather than
 * left untouched - confirm which behaviour is intended.
 */
106 if (matchpathcon(file, mode, &scontext) < 0) {
107 dbg("matchpathcon(%s) failed\n", file);
111 retval = setfscreatecon(scontext);
/*
 * NOTE(review): the message says "setfiles" although the call that failed
 * is setfscreatecon(); the error is logged at dbg level only, and the node
 * is presumably still created afterwards under the previous context.
 */
113 dbg("setfiles %s failed with error '%s'",
114 file, strerror(errno));
/*
 * When SELinux is running, asks getfscreatecon() for the current
 * file-creation context and stores it in prev_scontext so that
 * selinux_restore() can put it back later.
 */
119 static inline void selinux_init(void)
122 * record the present security context, for file-creation
123 * restoration creation purposes.
125 if (is_selinux_running()) {
126 if (getfscreatecon(&prev_scontext) < 0) {
127 dbg("getfscreatecon failed\n");
/*
 * NOTE(review): the line between the dbg() call and this assignment is not
 * visible. If the assignment sits outside the failure branch it runs on
 * success too, discarding (and leaking) the context that was just saved, so
 * selinux_restore() would always reset to the default instead of the
 * original creation context - confirm it is inside the error branch.
 */
129 prev_scontext = NULL;
/*
 * When SELinux is running, hands the context saved in prev_scontext back to
 * setfscreatecon(), then frees it and clears the pointer so a second call
 * does not free it again.
 *
 * NOTE(review): when prev_scontext is NULL, setfscreatecon(NULL) resets the
 * creation context to the policy default. A failure is only logged at dbg
 * level, so the process keeps creating files under whatever context was set
 * last; consider whether that should be treated as an error.
 */
133 static inline void selinux_restore(void)
135 if (is_selinux_running()) {
136 /* reset the file create context to its former glory */
137 if (setfscreatecon(prev_scontext) < 0)
138 dbg("setfscreatecon failed\n");
/* Release the saved context; the pointer is cleared on the next line. */
140 freecon(prev_scontext);
141 prev_scontext = NULL;
146 #endif /* USE_SELINUX */
148 #endif /* SELINUX_H */