On Wed, Nov 1, 2023 at 12:38 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> * mention -r <role> and -v command line options in usage string
> * use distinct error messages on getseuser(3) and
> get_default_context_with_[role]level(3) failure
> * always print program name on error
> * drop unnecessary double parenthesis
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libselinux/utils/getdefaultcon.c | 40 ++++++++++++++++++--------------
> 1 file changed, 23 insertions(+), 17 deletions(-)
>
> diff --git a/libselinux/utils/getdefaultcon.c b/libselinux/utils/getdefaultcon.c
> index 93102e5e..50f1ea91 100644
> --- a/libselinux/utils/getdefaultcon.c
> +++ b/libselinux/utils/getdefaultcon.c
> @@ -11,7 +11,7 @@
>
> static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
> {
> - fprintf(stderr, "usage: %s [-l level] [-s service] user [fromcon]\n", name);
> + fprintf(stderr, "usage: %s [-r role] [-l level] [-s service] [-v] user [fromcon]\n", name);
> if (detail)
> fprintf(stderr, "%s: %s\n", name, detail);
> exit(rc);
> @@ -60,9 +60,9 @@ int main(int argc, char **argv)
> user = argv[optind];
>
> /* If a context wasn't passed, use the current context. */
> - if (((argc - optind) < 2)) {
> + if ((argc - optind) < 2) {
> if (getcon(&cur_context) < 0) {
> - fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno));
> + fprintf(stderr, "%s: couldn't get current context: %s\n", argv[0], strerror(errno));
> return 2;
> }
> } else
> @@ -73,23 +73,29 @@ int main(int argc, char **argv)
> return 3;
> }
>
> - if ((ret = getseuser(user, service, &seuser, &dlevel)) == 0) {
> - if (! level) level=dlevel;
> - if (role != NULL && role[0])
> - ret=get_default_context_with_rolelevel(seuser, role, level,cur_context,&usercon);
> - else
> - ret=get_default_context_with_level(seuser, level, cur_context,&usercon);
> + ret = getseuser(user, service, &seuser, &dlevel);
> + if (ret) {
> + fprintf(stderr, "%s: failed to get seuser: %s\n", argv[0], strerror(errno));
> + goto out;
> }
> - if (ret < 0)
> - perror(argv[0]);
> - else {
> - if (verbose) {
> - printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
> - } else {
> - printf("%s\n", usercon);
> - }
> +
> + if (! level) level=dlevel;
> + if (role != NULL && role[0])
> + ret = get_default_context_with_rolelevel(seuser, role, level, cur_context, &usercon);
> + else
> + ret = get_default_context_with_level(seuser, level, cur_context, &usercon);
> + if (ret) {
> + fprintf(stderr, "%s: failed to get default context: %s\n", argv[0], strerror(errno));
> + goto out;
> + }
> +
> + if (verbose) {
> + printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
> + } else {
> + printf("%s\n", usercon);
> }
>
> +out:
> free(role);
> free(seuser);
> if (level != dlevel) free(level);
> --
> 2.42.0
>
