1#include <unistd.h> 2#include <sys/types.h> 3#include <fcntl.h> 4#include <stdio.h> 5#include <stdlib.h> 6#include <errno.h> 7#include <string.h> 8#include <ctype.h> 9#include <selinux/selinux.h> 10 11static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc) 12{ 13 fprintf(stderr, "usage: %s command [ fromcon ]\n", name); 14 if (detail) 15 fprintf(stderr, "%s: %s\n", name, detail); 16 exit(rc); 17} 18 19static char * get_selinux_proc_context(const char *command, const char * execcon) { 20 char * fcon = NULL, *newcon = NULL; 21 22 int ret = getfilecon(command, &fcon); 23 if (ret < 0) goto err; 24 ret = security_compute_create(execcon, fcon, string_to_security_class("process"), &newcon); 25 if (ret < 0) goto err; 26 27err: 28 freecon(fcon); 29 return newcon; 30} 31 32int main(int argc, char **argv) 33{ 34 int ret = -1; 35 char * proccon = NULL, *con = NULL; 36 if (argc < 2 || argc > 3) 37 usage(argv[0], "Invalid number of arguments", -1); 38 39 if (argc == 2) { 40 if (getcon(&con) < 0) { 41 perror(argv[0]); 42 return -1; 43 } 44 } else { 45 con = strdup(argv[2]); 46 if (security_check_context(con)) { 47 fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con); 48 return -1; 49 } 50 } 51 52 proccon = get_selinux_proc_context(argv[1], con); 53 if (proccon) { 54 printf("%s\n", proccon); 55 ret = 0; 56 } else { 57 perror(argv[0]); 58 } 59 60 free(proccon); 61 free(con); 62 return ret; 63} 64