| Stephen Smalley | 01a58af | 2012-10-02 12:46:37 -0400 | [diff] [blame] | 1 | #include <stdio.h> |
| 2 | #include <stdlib.h> |
| 3 | #include <sepol/sepol.h> |
| 4 | #include <selinux/selinux.h> |
| 5 | #include <selinux/label.h> |
| 6 | |
| 7 | static int nerr; |
| 8 | |
| 9 | static int validate(char **contextp) |
| 10 | { |
| 11 | char *context = *contextp; |
| 12 | if (sepol_check_context(context) < 0) { |
| 13 | nerr++; |
| 14 | return -1; |
| 15 | } |
| 16 | return 0; |
| 17 | } |
| 18 | |
| 19 | int main(int argc, char **argv) |
| 20 | { |
| 21 | struct selinux_opt opts[] = { |
| 22 | { SELABEL_OPT_VALIDATE, (void*)1 }, |
| 23 | { SELABEL_OPT_PATH, NULL } |
| 24 | }; |
| 25 | FILE *fp; |
| 26 | struct selabel_handle *sehnd; |
| 27 | |
| 28 | if (argc != 3) { |
| 29 | fprintf(stderr, "usage: %s policy file_contexts\n", argv[0]); |
| 30 | exit(1); |
| 31 | } |
| 32 | |
| 33 | fp = fopen(argv[1], "r"); |
| 34 | if (!fp) { |
| 35 | perror(argv[1]); |
| 36 | exit(2); |
| 37 | } |
| 38 | if (sepol_set_policydb_from_file(fp) < 0) { |
| 39 | fprintf(stderr, "Error loading policy from %s\n", argv[1]); |
| 40 | exit(3); |
| 41 | } |
| 42 | |
| 43 | selinux_set_callback(SELINUX_CB_VALIDATE, |
| 44 | (union selinux_callback)&validate); |
| 45 | |
| 46 | |
| 47 | opts[1].value = argv[2]; |
| 48 | sehnd = selabel_open(SELABEL_CTX_FILE, opts, 2); |
| 49 | if (!sehnd) { |
| 50 | fprintf(stderr, "Error loading file contexts from %s\n", argv[2]); |
| 51 | exit(4); |
| 52 | } |
| 53 | if (nerr) { |
| 54 | fprintf(stderr, "Invalid file contexts found in %s\n", argv[2]); |
| 55 | exit(5); |
| 56 | } |
| 57 | exit(0); |
| 58 | } |