tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve selinux utils wrappers

Browse source 
Added checks to wrapper scripts for selinux utils. Before running
commands, verify enviromental variables are set and that required files
exists. Return an error code in the event of failure.

Test: Verify audit2allow, audit2why, sediff, seinfo commands still run.
Test: Verify failure if prerequisites are not satisfied.

Change-Id: I3705a90e0a81704829aa5a5feedbfe22aec5fa55
Signed-off-by: Brian Murray <Brian@Clover.com>
This commit is contained in:
Brian Murray 2017-06-23 09:01:38 -07:00
parent e1ef2190d5
commit d72d78d969
4 changed files with 38 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
prebuilts/bin/audit2allow
View file

@ -1,5 +1,17 @@
#!/bin/sh
if [ -z "${ANDROID_HOST_OUT}" ]; then
echo 'ANDROID_HOST_OUT not set. Have you run lunch?'
exit 1
elif [ -z "${ANDROID_BUILD_TOP}" ]; then
echo 'ANDROID_BUILD_TOP not set. Have you run lunch?'
exit 1
elif [ ! -f "$ANDROID_HOST_OUT/lib64/libselinux.so" ]; then
echo "Cannot find $ANDROID_HOST_OUT/lib64/libselinux.so"
echo "Need to build project"
exit 1
fi
unamestr=`uname`
if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
export LD_PRELOAD=$ANDROID_HOST_OUT/lib64/libselinux.so
@ -7,4 +19,5 @@ if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
python $ANDROID_BUILD_TOP/external/selinux/python/audit2allow/audit2allow "$@"
else
echo "audit2allow is only supported on linux"
exit 1
fi

13
prebuilts/bin/audit2why
View file

@ -1,5 +1,17 @@
#!/bin/sh
if [ -z "${ANDROID_HOST_OUT}" ]; then
echo 'ANDROID_HOST_OUT not set. Have you run lunch?'
exit 1
elif [ -z "${ANDROID_BUILD_TOP}" ]; then
echo 'ANDROID_BUILD_TOP not set. Have you run lunch?'
exit 1
elif [ ! -f "$ANDROID_HOST_OUT/lib64/libselinux.so" ]; then
echo "Cannot find $ANDROID_HOST_OUT/lib64/libselinux.so"
echo "Need to build project"
exit 1
fi
unamestr=`uname`
if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
export LD_PRELOAD=$ANDROID_HOST_OUT/lib64/libselinux.so
@ -7,4 +19,5 @@ if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
exec python $ANDROID_BUILD_TOP/external/selinux/python/audit2allow/audit2why "$@"
else
echo "audit2why is only supported on linux"
exit 1
fi

6
prebuilts/bin/sediff
View file

@ -1,9 +1,15 @@
#!/bin/sh
if [ -z "${ANDROID_BUILD_TOP}" ]; then
echo 'ANDROID_BUILD_TOP not set. Have you run lunch?'
exit 1
fi
unamestr=`uname`
if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
export PYTHONPATH=$ANDROID_BUILD_TOP/prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages
python $ANDROID_BUILD_TOP/external/selinux/prebuilts/bin/sediff.py "$@"
else
echo "sediff is only supported on linux"
exit 1
fi

6
prebuilts/bin/seinfo
View file

@ -1,5 +1,10 @@
#!/bin/sh
if [ -z "${ANDROID_BUILD_TOP}" ]; then
echo 'ANDROID_BUILD_TOP not set. Have you run lunch?'
exit 1
fi
unamestr=`uname`
if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
export LD_LIBRARY_PATH=$ANDROID_BUILD_TOP/external/selinux/prebuilts/lib
@ -7,4 +12,5 @@ if [ "$unamestr" = "Linux" -o "$unamestr" = "linux" ]; then
exec python $ANDROID_BUILD_TOP/external/selinux/prebuilts/bin/seinfo.py "$@"
else
echo "seinfo is only supported on linux"
exit 1
fi