@@ -39,7 +39,7 @@ static policydb_t policydb;
static __attribute__((__noreturn__)) void usage(const char *progname,
int status)
{
- printf("usage: %s [-h] binary_pol_file\n\n", progname);
+ printf("usage: %s [-h] [-b cmds] binary_pol_file\n\n", progname);
exit(status);
}
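Review bot: The usage line now shows `[-b cmds]`, but nothing tells the user what `cmds` is. From the loop later in this patch it is a string of single-character menu commands that run in order, with `7`, `f` and `m` rejected. One extra line in `usage()` would cover it, for example `printf("  -b cmds  run the menu commands in cmds, one character each, then exit\n");`.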
@@ -395,14 +395,21 @@ int main(int argc, char **argv)
int state;
struct policy_file pf;
char *pf_name;
+ char *cmds = NULL;
if (argc <= 1)
usage(argv[0], 1);
else if (strcmp(argv[1], "-h") == 0)
usage(argv[0], 0);
- else if (argc != 2)
+ else if (strcmp(argv[1], "-b") == 0) {
+ if (argc != 4)
+ usage(argv[0], 1);
+ cmds = argv[2];
+ pf_name = argv[3];
+ } else if (argc == 2)
+ pf_name = argv[1];
+ else
usage(argv[0], 1);
- pf_name = argv[1];
fd = open(pf_name, O_RDONLY);
if (fd < 0) {
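Review bot: `cmds = argv[2]` is stored without any check, so a rejected character is only discovered when the command loop in the later hunk reaches it; `-b 1m` writes the full output of command 1 and only then exits 1. Scanning the string here, before the policy file is opened, lets a script fail before anything is written, and `strpbrk` does the scan in one call. Unknown letters would still be caught only by the `default:` branch in the last hunk, because the set of valid commands lives in the switch. main's body continues outside this hunk.

```c
	else if (strcmp(argv[1], "-b") == 0) {
		/* … unchanged: argc != 4 check … */
		cmds = argv[2];
		/* commands that prompt on stdin cannot run in batch mode */
		const char *bad = strpbrk(cmds, "7fm");
		if (bad) {
			fprintf(stderr,
				"Unacceptable command in batch mode: %c\n", *bad);
			exit(1);
		}
		pf_name = argv[3];
```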
@@ -424,7 +431,8 @@ int main(int argc, char **argv)
}
/* read the binary policy */
- fprintf(out_fp, "Reading policy...\n");
+ if (!cmds)
+ fprintf(out_fp, "Reading policy...\n");
policy_file_init(&pf);
pf.type = PF_USE_MEMORY;
pf.data = map;
@@ -433,7 +441,7 @@ int main(int argc, char **argv)
fprintf(stderr, "%s: Out of memory!\n", argv[0]);
exit(1);
}
- ret = policydb_read(&policydb, &pf, 1);
+ ret = policydb_read(&policydb, &pf, cmds == NULL);
if (ret) {
fprintf(stderr,
"%s: error(s) encountered while parsing configuration\n",
@@ -441,16 +449,30 @@ int main(int argc, char **argv)
exit(1);
}
- fprintf(stdout, "binary policy file loaded\n\n");
+ if (!cmds)
+ fprintf(stdout, "binary policy file loaded\n\n");
close(fd);
- menu();
+ if (!cmds)
+ menu();
for (;;) {
- printf("\nCommand (\'m\' for menu): ");
- if (fgets(ans, sizeof(ans), stdin) == NULL) {
- fprintf(stderr, "fgets failed at line %d: %s\n", __LINE__,
+ if (cmds) {
+ ans[0] = *cmds++;
+ if (ans[0] == '\0')
+ ans[0] = 'q';
+ else if (strchr("7fm", ans[0])) {
+ fprintf(stderr,
+ "Unacceptable command in batch mode: %c\n",
+ ans[0]);
+ exit(1);
+ }
+ } else {
+ printf("\nCommand (\'m\' for menu): ");
+ if (fgets(ans, sizeof(ans), stdin) == NULL) {
+ fprintf(stderr, "fgets failed at line %d: %s\n", __LINE__,
strerror(errno));
- continue;
+ continue;
+ }
}
switch (ans[0]) {
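Review bot: The interactive branch still answers a NULL from `fgets` with `continue`, so once stdin reaches end of file (a closed pipe, `< /dev/null`) the loop prints the prompt and the error message forever, and `strerror(errno)` says nothing useful for plain EOF. Leaving the loop at that point, for example `if (feof(stdin)) exit(0);` ahead of the error message, would stop it. In the batch branch the `'\0'` test has to stay ahead of `strchr("7fm", ans[0])`, because `strchr` also matches the terminator; a comment such as `/* '\0' first: strchr() matches the terminator too */` would protect that ordering. `"7fm"` is a deny-list, so a command added to the switch later that prompts on stdin would be accepted in batch mode unless the string is extended. The loop and the switch both continue outside this hunk.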
@@ -551,6 +573,11 @@ int main(int argc, char **argv)
menu();
break;
default:
+ if (cmds) {
+ fprintf(stderr,
+ "Invalid command: %c\n", ans[0]);
+ exit(1);
+ }
printf("\nInvalid choice\n");
menu();
break;
The dispol command requires interaction. It is not suitable for use in a script. This change introduces the -b option for running dispol non-interactively. An example: $ ./dispol -b 1 /sys/fs/selinux/policy allow deltacloudd_log_t tmp_t : filesystem { associate }; allow kern_unconfined sysctl_type : lnk_file { ioctl read ... ... Signed-off-by: Masatake YAMATO <yamato@redhat.com> --- checkpolicy/test/dispol.c | 49 ++++++++++++++++++++++++++++++--------- 1 file changed, 38 insertions(+), 11 deletions(-)