[PATCH 022/155] policycoreutils: setsebool should inform users they

Daniel J Walsh <dwalsh@xxxxxxxxxx> · Wed, 03 Aug 2011 16:53:31 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk45tUoACgkQrlYvE4MpobOLYgCgliAmqhGn3AlASv0OwXUDhWCg
yIQAoI/EgJ6S9IAze/9iVmKjOfgUgiP+
=xVOB
-----END PGP SIGNATURE-----
>From faf0c79ce10895b2a66c305578e4c919cd5c2eb8 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@xxxxxxxxxx>
Date: Thu, 7 Jul 2011 15:03:51 +0200
Subject: [PATCH 022/155] policycoreutils: setsebool should inform users they
 need to be root

Add a different error message when setsebool is unable to run because
the user is not root.  This just helps people who try to change booleans
based on setroubleshoot output and don't know what went wrong.

Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
 policycoreutils/setsebool/setsebool.c |   18 ++++++++++++++----
 1 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/policycoreutils/setsebool/setsebool.c b/policycoreutils/setsebool/setsebool.c
index dc037dd..d6c041b 100644
--- a/policycoreutils/setsebool/setsebool.c
+++ b/policycoreutils/setsebool/setsebool.c
@@ -82,8 +82,13 @@ static int selinux_set_boolean_list(size_t boolcnt,
 		if (errno == ENOENT)
 			fprintf(stderr, "Could not change active booleans: "
 				"Invalid boolean\n");
-		else if (errno)
-			perror("Could not change active booleans");
+		else if (errno) {
+			if (getuid() == 0) {
+				perror("Could not change active booleans");
+			} else {
+				perror("Could not change active booleans. Please try as root");
+			}
+		}
 
 		return -1;
 	}
@@ -115,8 +120,13 @@ static int semanage_set_boolean_list(size_t boolcnt,
 		goto err;
 
 	} else if (managed == 0) {
-		fprintf(stderr,
-			"Cannot set persistent booleans without managed policy.\n");
+		if (getuid() == 0) {
+			fprintf(stderr,
+				"Cannot set persistent booleans without managed policy.\n");
+		} else {
+			fprintf(stderr,
+				"Cannot set persistent booleans, please try as root.\n");
+		}
 		goto err;
 	}
 
-- 
1.7.6

Attachment:
0022-policycoreutils-setsebool-should-inform-users-they-n.patch.sig

Description: PGP signature




