On Thu, Nov 2, 2023 at 11:42 AM James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Wed, Nov 1, 2023 at 12:38 PM Christian Göttsche
> <cgzones@xxxxxxxxxxxxxx> wrote:
> >
> > * mention -r <role> and -v command line options in usage string
> > * use distinct error messages on getseuser(3) and
> > get_default_context_with_[role]level(3) failure
> > * always print program name on error
> > * drop unnecessary double parenthesis
> >
> > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
>
Merged.
Thanks,
Jim
> > ---
> > libselinux/utils/getdefaultcon.c | 40 ++++++++++++++++++--------------
> > 1 file changed, 23 insertions(+), 17 deletions(-)
> >
> > diff --git a/libselinux/utils/getdefaultcon.c b/libselinux/utils/getdefaultcon.c
> > index 93102e5e..50f1ea91 100644
> > --- a/libselinux/utils/getdefaultcon.c
> > +++ b/libselinux/utils/getdefaultcon.c
> > @@ -11,7 +11,7 @@
> >
> > static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
> > {
> > - fprintf(stderr, "usage: %s [-l level] [-s service] user [fromcon]\n", name);
> > + fprintf(stderr, "usage: %s [-r role] [-l level] [-s service] [-v] user [fromcon]\n", name);
> > if (detail)
> > fprintf(stderr, "%s: %s\n", name, detail);
> > exit(rc);
> > @@ -60,9 +60,9 @@ int main(int argc, char **argv)
> > user = argv[optind];
> >
> > /* If a context wasn't passed, use the current context. */
> > - if (((argc - optind) < 2)) {
> > + if ((argc - optind) < 2) {
> > if (getcon(&cur_context) < 0) {
> > - fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno));
> > + fprintf(stderr, "%s: couldn't get current context: %s\n", argv[0], strerror(errno));
> > return 2;
> > }
> > } else
> > @@ -73,23 +73,29 @@ int main(int argc, char **argv)
> > return 3;
> > }
> >
> > - if ((ret = getseuser(user, service, &seuser, &dlevel)) == 0) {
> > - if (! level) level=dlevel;
> > - if (role != NULL && role[0])
> > - ret=get_default_context_with_rolelevel(seuser, role, level,cur_context,&usercon);
> > - else
> > - ret=get_default_context_with_level(seuser, level, cur_context,&usercon);
> > + ret = getseuser(user, service, &seuser, &dlevel);
> > + if (ret) {
> > + fprintf(stderr, "%s: failed to get seuser: %s\n", argv[0], strerror(errno));
> > + goto out;
> > }
> > - if (ret < 0)
> > - perror(argv[0]);
> > - else {
> > - if (verbose) {
> > - printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
> > - } else {
> > - printf("%s\n", usercon);
> > - }
> > +
> > + if (! level) level=dlevel;
> > + if (role != NULL && role[0])
> > + ret = get_default_context_with_rolelevel(seuser, role, level, cur_context, &usercon);
> > + else
> > + ret = get_default_context_with_level(seuser, level, cur_context, &usercon);
> > + if (ret) {
> > + fprintf(stderr, "%s: failed to get default context: %s\n", argv[0], strerror(errno));
> > + goto out;
> > + }
> > +
> > + if (verbose) {
> > + printf("%s: %s from %s %s %s %s -> %s\n", argv[0], user, cur_context, seuser, role, level, usercon);
> > + } else {
> > + printf("%s\n", usercon);
> > }
> >
> > +out:
> > free(role);
> > free(seuser);
> > if (level != dlevel) free(level);
> > --
> > 2.42.0
> >
