mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-12-08 23:03:46 +00:00
105 lines
2.1 KiB
Diff
105 lines
2.1 KiB
Diff
|
--- init.c.orig 2005-04-18 15:12:41.000000000 -0500
|
||
|
+++ init.c 2005-04-18 15:35:35.000000000 -0500
|
||
|
@@ -42,6 +42,10 @@
|
||
|
#include <stdarg.h>
|
||
|
#include <sys/syslog.h>
|
||
|
#include <sys/time.h>
|
||
|
+#include <sys/mman.h>
|
||
|
+#include <sys/mount.h>
|
||
|
+
|
||
|
+int no_selinux = 0;
|
||
|
|
||
|
#ifdef __i386__
|
||
|
# if (__GLIBC__ >= 2)
|
||
|
@@ -2591,6 +2595,65 @@
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
+int security_load_policy(void *data, size_t len)
|
||
|
+{
|
||
|
+ int fd, ret;
|
||
|
+
|
||
|
+ fd = open("/selinux/load", O_RDWR);
|
||
|
+ if (fd < 0)
|
||
|
+ return -1;
|
||
|
+ ret = write(fd, data, len);
|
||
|
+ close(fd);
|
||
|
+ if (ret < 0)
|
||
|
+ return -1;
|
||
|
+ return 0;
|
||
|
+}
|
||
|
+
|
||
|
+int load_policy(void)
|
||
|
+{
|
||
|
+ int ret;
|
||
|
+ int fd;
|
||
|
+ void *map;
|
||
|
+ struct stat sb;
|
||
|
+
|
||
|
+ ret = mount("none", "/selinux", "selinuxfs", 0, 0);
|
||
|
+ if (ret < 0) {
|
||
|
+ initlog(L_VB, "SELinux: failed to mount /selinux (errno=%d)\n",
|
||
|
+ errno);
|
||
|
+ return ret;
|
||
|
+ }
|
||
|
+
|
||
|
+ fd = open("/etc/policy.bin", O_RDONLY);
|
||
|
+ if (fd < 0) {
|
||
|
+ initlog(L_VB, "SELinux: couldn't find /etc/policy.bin (errno=%d)\n",
|
||
|
+ errno);
|
||
|
+ return -1;
|
||
|
+ }
|
||
|
+
|
||
|
+ ret = fstat(fd, &sb);
|
||
|
+ if (ret < 0) {
|
||
|
+ initlog(L_VB, "Can't stat /etc/policy.bin (errno=%d)\n",
|
||
|
+ errno);
|
||
|
+ close(fd);
|
||
|
+ return ret;
|
||
|
+ }
|
||
|
+ map = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
|
||
|
+ if (map == MAP_FAILED) {
|
||
|
+ initlog(L_VB, "Can't map /etc/policy.bin (errno=%d\n",
|
||
|
+ errno);
|
||
|
+ close(fd);
|
||
|
+ return -1;
|
||
|
+ }
|
||
|
+
|
||
|
+ ret = security_load_policy(map, sb.st_size);
|
||
|
+ if (ret < 0) {
|
||
|
+ initlog(L_VB, "security_load_policy failed\n");
|
||
|
+ }
|
||
|
+
|
||
|
+ close(fd);
|
||
|
+ return ret;
|
||
|
+}
|
||
|
+
|
||
|
/*
|
||
|
* Main entry for init and telinit.
|
||
|
*/
|
||
|
@@ -2651,6 +2714,8 @@
|
||
|
putenv("AUTOBOOT=YES");
|
||
|
else if (!strcmp(argv[f], "-b") || !strcmp(argv[f],"emergency"))
|
||
|
emerg_shell = 1;
|
||
|
+ else if (!strcmp(argv[f], "-p") || !strcmp(argv[f],"noselinux"))
|
||
|
+ no_selinux = 1;
|
||
|
else if (!strcmp(argv[f], "-z")) {
|
||
|
/* Ignore -z xxx */
|
||
|
if (argv[f + 1]) f++;
|
||
|
@@ -2662,6 +2727,15 @@
|
||
|
maxproclen += strlen(argv[f]) + 1;
|
||
|
}
|
||
|
|
||
|
+ if (!no_selinux) {
|
||
|
+ if (load_policy() != 0) {
|
||
|
+ printf("Failed to load SELinux policy.\n");
|
||
|
+ exit(1);
|
||
|
+ }
|
||
|
+ printf("SELinux policy loaded.\n");
|
||
|
+ } else
|
||
|
+ printf("Disabling SELinux by your command\n");
|
||
|
+
|
||
|
/* Start booting. */
|
||
|
argv0 = argv[0];
|
||
|
argv[1] = NULL;
|