* [PATCH] libselinux/getconlist: add verbose switch to print more information
@ 2020-02-19 20:27 Christian Göttsche
2020-02-25 14:33 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Christian Göttsche @ 2020-02-19 20:27 UTC (permalink / raw)
To: selinux
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
libselinux/utils/getconlist.c | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c
index 29c16640..8841c96f 100644
--- a/libselinux/utils/getconlist.c
+++ b/libselinux/utils/getconlist.c
@@ -11,7 +11,7 @@
static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
{
- fprintf(stderr, "usage: %s [-l level] user [context]\n", name);
+ fprintf(stderr, "usage: %s [-l level] user [context] [-v]\n", name);
if (detail)
fprintf(stderr, "%s: %s\n", name, detail);
exit(rc);
@@ -21,9 +21,9 @@ int main(int argc, char **argv)
{
char **list, *cur_context = NULL;
char *user = NULL, *level = NULL;
- int ret, i, opt;
+ int ret, i, opt, verbose = 0;
- while ((opt = getopt(argc, argv, "l:")) > 0) {
+ while ((opt = getopt(argc, argv, "l:v")) > 0) {
switch (opt) {
case 'l':
level = strdup(optarg);
@@ -33,6 +33,9 @@ int main(int argc, char **argv)
return 3;
}
break;
+ case 'v':
+ verbose = 1;
+ break;
default:
usage(argv[0], "invalid option", 1);
}
@@ -58,8 +61,16 @@ int main(int argc, char **argv)
free(level);
return 2;
}
- } else
+ } else {
cur_context = argv[optind + 1];
+ if (verbose) {
+ if (security_check_context(cur_context) != 0) {
+ fprintf(stderr, "Given context '%s' is invalid.\n", cur_context);
+ free(level);
+ return 3;
+ }
+ }
+ }
/* Get the list and print it */
if (level)
@@ -72,6 +83,12 @@ int main(int argc, char **argv)
for (i = 0; list[i]; i++)
puts(list[i]);
freeconary(list);
+
+ if (ret == 0 && verbose)
+ fprintf(stderr, "No valid contexts found.\n");
+ } else {
+ if (verbose)
+ fprintf(stderr, "get_ordered_context_list%s failed.\n", level ? "_with_level" : "");
}
free(level);
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] libselinux/getconlist: add verbose switch to print more information
2020-02-19 20:27 [PATCH] libselinux/getconlist: add verbose switch to print more information Christian Göttsche
@ 2020-02-25 14:33 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2020-02-25 14:33 UTC (permalink / raw)
To: Christian Göttsche; +Cc: selinux
On Wed, Feb 19, 2020 at 3:28 PM Christian Göttsche
<cgzones@googlemail.com> wrote:
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
I don't have any strong opinion on the patch itself but am unclear on
the motivation for it.
More generally, the libselinux utils could stand an overhaul:
- a number of them are really just examples or tests of using the
libselinux APIs and not really suitable for end users in their current
form,
- some of them should be prefixed with some kind of namespacing (e.g.
se or selinux) to avoid potential conflicts,
- there is overlap among getdefaultcon, getconlist, and getseuser;
probably should be coalesced or some dropped
I think Fedora renames some of them and omits of them from its package.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-02-25 14:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-19 20:27 [PATCH] libselinux/getconlist: add verbose switch to print more information Christian Göttsche
2020-02-25 14:33 ` Stephen Smalley
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).