16cd6a6acSopenharmony_ci#include <stdio.h>
26cd6a6acSopenharmony_ci#include <stdlib.h>
36cd6a6acSopenharmony_ci#include <string.h>
46cd6a6acSopenharmony_ci#include <unistd.h>
56cd6a6acSopenharmony_ci#include <selinux/selinux.h>
66cd6a6acSopenharmony_ci
76cd6a6acSopenharmony_cistatic __attribute__ ((__noreturn__)) void usage(const char *progname)
86cd6a6acSopenharmony_ci{
96cd6a6acSopenharmony_ci	fprintf(stderr, "usage:  %s [-a auditdata] scon tcon class perm\n"
106cd6a6acSopenharmony_ci		"\nWhere:\n\t"
116cd6a6acSopenharmony_ci		"-a  Optional information added to audit message.\n",
126cd6a6acSopenharmony_ci		progname);
136cd6a6acSopenharmony_ci	exit(1);
146cd6a6acSopenharmony_ci}
156cd6a6acSopenharmony_ci
166cd6a6acSopenharmony_cistatic int cb_auditinfo(void *auditdata,
176cd6a6acSopenharmony_ci			__attribute__((unused))security_class_t class,
186cd6a6acSopenharmony_ci			char *msgbuf, size_t msgbufsize)
196cd6a6acSopenharmony_ci{
206cd6a6acSopenharmony_ci	return snprintf(msgbuf, msgbufsize, "%s", (char *)auditdata);
216cd6a6acSopenharmony_ci}
226cd6a6acSopenharmony_ci
236cd6a6acSopenharmony_ciint main(int argc, char **argv)
246cd6a6acSopenharmony_ci{
256cd6a6acSopenharmony_ci	int opt, rc;
266cd6a6acSopenharmony_ci	char *audit_msg = NULL;
276cd6a6acSopenharmony_ci
286cd6a6acSopenharmony_ci	while ((opt = getopt(argc, argv, "a:")) != -1) {
296cd6a6acSopenharmony_ci		switch (opt) {
306cd6a6acSopenharmony_ci		case 'a':
316cd6a6acSopenharmony_ci			audit_msg = optarg;
326cd6a6acSopenharmony_ci			break;
336cd6a6acSopenharmony_ci		default:
346cd6a6acSopenharmony_ci			usage(argv[0]);
356cd6a6acSopenharmony_ci		}
366cd6a6acSopenharmony_ci	}
376cd6a6acSopenharmony_ci
386cd6a6acSopenharmony_ci	if ((argc - optind) != 4)
396cd6a6acSopenharmony_ci		usage(argv[0]);
406cd6a6acSopenharmony_ci
416cd6a6acSopenharmony_ci	if (audit_msg)
426cd6a6acSopenharmony_ci		selinux_set_callback(SELINUX_CB_AUDIT,
436cd6a6acSopenharmony_ci				     (union selinux_callback)cb_auditinfo);
446cd6a6acSopenharmony_ci
456cd6a6acSopenharmony_ci	rc = selinux_check_access(argv[optind], argv[optind + 1],
466cd6a6acSopenharmony_ci				  argv[optind + 2], argv[optind + 3],
476cd6a6acSopenharmony_ci				  audit_msg);
486cd6a6acSopenharmony_ci	if (rc < 0)
496cd6a6acSopenharmony_ci		perror("selinux_check_access");
506cd6a6acSopenharmony_ci
516cd6a6acSopenharmony_ci	return rc;
526cd6a6acSopenharmony_ci}
53