Introduce a helper binary to print the number of policy reloads on the
running system.
Print only a single number to ease the usage by scripts.
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libselinux/utils/getpolicyload.c | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 libselinux/utils/getpolicyload.c
diff --git a/libselinux/utils/getpolicyload.c b/libselinux/utils/getpolicyload.c
new file mode 100644
index 00000000..53217ff5
--- /dev/null
+++ b/libselinux/utils/getpolicyload.c
@@ -0,0 +1,29 @@
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <selinux/avc.h>
+
+
+int main() {
+ int rc;
+
+ /*
+ * Do not use netlink as fallback, since selinux_status_policyload(3)
+ * works only after a first message has been received.
+ */
+ rc = selinux_status_open(/*fallback=*/0);
+ if (rc < 0) {
+ fprintf(stderr, "getpolicyload: failed to open SELinux status map: %m\n");
+ return EXIT_FAILURE;
+ }
+
+ rc = selinux_status_policyload();
+ if (rc < 0)
+ fprintf(stderr, "getpolicyload: failed to read policyload from SELinux status page: %m\n");
+ else
+ printf("%d\n", rc);
+
+ selinux_status_close();
+
+ return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS;
+}
--
2.40.1
