[PATCH] libselinux/utils: update getdefaultcon

Christian Göttsche <cgzones@xxxxxxxxxxxxxx> · Wed, 1 Nov 2023 17:37:54 +0100

* mention -r <role> and -v command line options in usage string
* use distinct error messages on getseuser(3) and
  get_default_context_with_[role]level(3) failure
* always print program name on error
* drop unnecessary double parenthesis

Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libselinux/utils/getdefaultcon.c | 40 ++++++++++++++++++--------------
 1 file changed, 23 insertions(+), 17 deletions(-)

diff --git a/libselinux/utils/getdefaultcon.c b/libselinux/utils/getdefaultcon.c
index 93102e5e..50f1ea91 100644
--- a/libselinux/utils/getdefaultcon.c
+++ b/libselinux/utils/getdefaultcon.c
@@ -11,7 +11,7 @@
 
 static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
 {
-	fprintf(stderr, "usage:  %s [-l level] [-s service] user [fromcon]\n", name);
+	fprintf(stderr, "usage:  %s [-r role] [-l level] [-s service] [-v] user [fromcon]\n", name);
 	if (detail)
 		fprintf(stderr, "%s:  %s\n", name, detail);
 	exit(rc);
@@ -60,9 +60,9 @@ int main(int argc, char **argv)
 	user = argv[optind];
 
 	/* If a context wasn't passed, use the current context. */
-	if (((argc - optind) < 2)) {
+	if ((argc - optind) < 2) {
 		if (getcon(&cur_context) < 0) {
-			fprintf(stderr, "Couldn't get current context:  %s\n", strerror(errno));
+			fprintf(stderr, "%s:  couldn't get current context:  %s\n", argv[0], strerror(errno));
 			return 2;
 		}
 	} else
@@ -73,23 +73,29 @@ int main(int argc, char **argv)
 		return 3;
 	}
 
-	if ((ret = getseuser(user, service, &seuser, &dlevel)) == 0) {
-		if (! level) level=dlevel;
-		if (role != NULL && role[0]) 
-			ret=get_default_context_with_rolelevel(seuser, role, level,cur_context,&usercon);
-		else
-			ret=get_default_context_with_level(seuser, level, cur_context,&usercon);
+	ret = getseuser(user, service, &seuser, &dlevel);
+	if (ret) {
+		fprintf(stderr, "%s:  failed to get seuser:  %s\n", argv[0], strerror(errno));
+		goto out;
 	}
-	if (ret < 0)
-		perror(argv[0]);
-	else {
-		if (verbose) {
-			printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
-		} else {
-			printf("%s\n", usercon);
-		}
+
+	if (! level) level=dlevel;
+	if (role != NULL && role[0])
+		ret = get_default_context_with_rolelevel(seuser, role, level, cur_context, &usercon);
+	else
+		ret = get_default_context_with_level(seuser, level, cur_context, &usercon);
+	if (ret) {
+		fprintf(stderr, "%s:  failed to get default context:  %s\n", argv[0], strerror(errno));
+		goto out;
+	}
+
+	if (verbose) {
+		printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
+	} else {
+		printf("%s\n", usercon);
 	}
 
+out:
 	free(role);
 	free(seuser);
 	if (level != dlevel) free(level);
-- 
2.42.0







