Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libselinux/utils/getconlist.c | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/libselinux/utils/getconlist.c b/libselinux/utils/getconlist.c
index 29c16640..8841c96f 100644
--- a/libselinux/utils/getconlist.c
+++ b/libselinux/utils/getconlist.c
@@ -11,7 +11,7 @@
static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
{
- fprintf(stderr, "usage: %s [-l level] user [context]\n", name);
+ fprintf(stderr, "usage: %s [-l level] user [context] [-v]\n", name);
if (detail)
fprintf(stderr, "%s: %s\n", name, detail);
exit(rc);
@@ -21,9 +21,9 @@ int main(int argc, char **argv)
{
char **list, *cur_context = NULL;
char *user = NULL, *level = NULL;
- int ret, i, opt;
+ int ret, i, opt, verbose = 0;
- while ((opt = getopt(argc, argv, "l:")) > 0) {
+ while ((opt = getopt(argc, argv, "l:v")) > 0) {
switch (opt) {
case 'l':
level = strdup(optarg);
@@ -33,6 +33,9 @@ int main(int argc, char **argv)
return 3;
}
break;
+ case 'v':
+ verbose = 1;
+ break;
default:
usage(argv[0], "invalid option", 1);
}
@@ -58,8 +61,16 @@ int main(int argc, char **argv)
free(level);
return 2;
}
- } else
+ } else {
cur_context = argv[optind + 1];
+ if (verbose) {
+ if (security_check_context(cur_context) != 0) {
+ fprintf(stderr, "Given context '%s' is invalid.\n", cur_context);
+ free(level);
+ return 3;
+ }
+ }
+ }
/* Get the list and print it */
if (level)
@@ -72,6 +83,12 @@ int main(int argc, char **argv)
for (i = 0; list[i]; i++)
puts(list[i]);
freeconary(list);
+
+ if (ret == 0 && verbose)
+ fprintf(stderr, "No valid contexts found.\n");
+ } else {
+ if (verbose)
+ fprintf(stderr, "get_ordered_context_list%s failed.\n", level ? "_with_level" : "");
}
free(level);
--
2.25.1
