1#include <stdio.h> 2#include <stdlib.h> 3#include <string.h> 4#include <unistd.h> 5#include <selinux/selinux.h> 6 7static __attribute__ ((__noreturn__)) void usage(const char *progname) 8{ 9 fprintf(stderr, "usage: %s [-a auditdata] scon tcon class perm\n" 10 "\nWhere:\n\t" 11 "-a Optional information added to audit message.\n", 12 progname); 13 exit(1); 14} 15 16static int cb_auditinfo(void *auditdata, 17 __attribute__((unused))security_class_t class, 18 char *msgbuf, size_t msgbufsize) 19{ 20 return snprintf(msgbuf, msgbufsize, "%s", (char *)auditdata); 21} 22 23int main(int argc, char **argv) 24{ 25 int opt, rc; 26 char *audit_msg = NULL; 27 28 while ((opt = getopt(argc, argv, "a:")) != -1) { 29 switch (opt) { 30 case 'a': 31 audit_msg = optarg; 32 break; 33 default: 34 usage(argv[0]); 35 } 36 } 37 38 if ((argc - optind) != 4) 39 usage(argv[0]); 40 41 if (audit_msg) 42 selinux_set_callback(SELINUX_CB_AUDIT, 43 (union selinux_callback)cb_auditinfo); 44 45 rc = selinux_check_access(argv[optind], argv[optind + 1], 46 argv[optind + 2], argv[optind + 3], 47 audit_msg); 48 if (rc < 0) 49 perror("selinux_check_access"); 50 51 return rc; 52} 53