1 #include <unistd.h>
2 #include <stdlib.h>
3 #include <stdio.h>
4 #include <errno.h>
5 #include <getopt.h>
6 #include <string.h>
7 #include <selinux/selinux.h>
8 #include <sepol/sepol.h>
9 #ifdef USE_NLS
10 #include <locale.h>		/* for setlocale() */
11 #include <libintl.h>		/* for gettext() */
12 #define _(msgid) gettext (msgid)
13 #else
14 #define _(msgid) (msgid)
15 #endif
16 #ifndef PACKAGE
17 #define PACKAGE "policycoreutils"	/* the name of this package lang translation */
18 #endif
19 
usage(char * progname)20 void usage(char *progname)
21 {
22 	fprintf(stderr, _("usage:  %s [-qi]\n"), progname);
23 	exit(1);
24 }
25 
main(int argc,char ** argv)26 int main(int argc, char **argv)
27 {
28 	int ret, opt, quiet = 0, nargs, init=0, enforce=0;
29 
30 #ifdef USE_NLS
31 	setlocale(LC_ALL, "");
32 	bindtextdomain(PACKAGE, LOCALEDIR);
33 	textdomain(PACKAGE);
34 #endif
35 
36 	while ((opt = getopt(argc, argv, "bqi")) > 0) {
37 		switch (opt) {
38 		case 'b':
39 			fprintf(stderr, "%s:  Warning! The -b option is no longer supported, booleans are always preserved across reloads.  Continuing...\n",
40 				argv[0]);
41 			break;
42 		case 'q':
43 			quiet = 1;
44 			sepol_debug(0);
45 			break;
46 		case 'i':
47 			init = 1;
48 			break;
49 		default:
50 			usage(argv[0]);
51 		}
52 	}
53 
54 	nargs = argc - optind;
55 	if (nargs > 2)
56 		usage(argv[0]);
57 	if (nargs >= 1 && !quiet) {
58 			fprintf(stderr,
59 				"%s:  Warning!  Policy file argument (%s) is no longer supported, installed policy is always loaded.  Continuing...\n",
60 				argv[0], argv[optind++]);
61 	}
62 	if (nargs == 2 && ! quiet) {
63 		fprintf(stderr,
64 			"%s:  Warning!  Boolean file argument (%s) is no longer supported, installed booleans file is always used.  Continuing...\n",
65 			argv[0], argv[optind++]);
66 	}
67 	if (init) {
68 		if (is_selinux_enabled() == 1) {
69 			/* SELinux is already enabled, we should not do an initial load again */
70 			fprintf(stderr,
71 					_("%s:  Policy is already loaded and initial load requested\n"),
72 					argv[0]);
73 			exit(2);
74 		}
75 		ret = selinux_init_load_policy(&enforce);
76 		if (ret != 0 ) {
77 			if (enforce > 0) {
78 				/* SELinux in enforcing mode but load_policy failed */
79 				fprintf(stderr,
80 						_("%s:  Can't load policy and enforcing mode requested:  %s\n"),
81 						argv[0], strerror(errno));
82 				exit(3);
83 			}
84 		}
85 	}
86 	else {
87 		ret = selinux_mkload_policy(1);
88 	}
89 	if (ret < 0) {
90 		fprintf(stderr, _("%s:  Can't load policy:  %s\n"),
91 			argv[0], strerror(errno));
92 		exit(2);
93 	}
94 	exit(0);
95 }
96