| Message ID | 20230706134819.41903-1-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | Petr Lautrbach |
| Headers | show |
| Series | libselinux/utils: introduce getpolicyload | expand |
On Thu, Jul 6, 2023 at 9:58 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > Introduce a helper binary to print the number of policy reloads on the > running system. > Print only a single number to ease the usage by scripts. > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > libselinux/utils/getpolicyload.c | 29 +++++++++++++++++++++++++++++ > 1 file changed, 29 insertions(+) > create mode 100644 libselinux/utils/getpolicyload.c > > diff --git a/libselinux/utils/getpolicyload.c b/libselinux/utils/getpolicyload.c > new file mode 100644 > index 00000000..53217ff5 > --- /dev/null > +++ b/libselinux/utils/getpolicyload.c > @@ -0,0 +1,29 @@ > +#include <stdio.h> > +#include <stdlib.h> > + > +#include <selinux/avc.h> > + > + > +int main() { Should be: int main(int argc __attribute__ ((unused)), char* argv[] __attribute__ ((unused))) { > + int rc; > + > + /* Extra whitespace after the "*" > + * Do not use netlink as fallback, since selinux_status_policyload(3) > + * works only after a first message has been received. > + */ > + rc = selinux_status_open(/*fallback=*/0); > + if (rc < 0) { > + fprintf(stderr, "getpolicyload: failed to open SELinux status map: %m\n"); You should just use argv[0] here. > + return EXIT_FAILURE; > + } > + > + rc = selinux_status_policyload(); > + if (rc < 0) > + fprintf(stderr, "getpolicyload: failed to read policyload from SELinux status page: %m\n"); You should just use argv[0] here as well. Thanks, Jim > + else > + printf("%d\n", rc); > + > + selinux_status_close(); > + > + return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS; > +} > -- > 2.40.1 >
diff --git a/libselinux/utils/getpolicyload.c b/libselinux/utils/getpolicyload.c new file mode 100644 index 00000000..53217ff5 --- /dev/null +++ b/libselinux/utils/getpolicyload.c @@ -0,0 +1,29 @@ +#include <stdio.h> +#include <stdlib.h> + +#include <selinux/avc.h> + + +int main() { + int rc; + + /* + * Do not use netlink as fallback, since selinux_status_policyload(3) + * works only after a first message has been received. + */ + rc = selinux_status_open(/*fallback=*/0); + if (rc < 0) { + fprintf(stderr, "getpolicyload: failed to open SELinux status map: %m\n"); + return EXIT_FAILURE; + } + + rc = selinux_status_policyload(); + if (rc < 0) + fprintf(stderr, "getpolicyload: failed to read policyload from SELinux status page: %m\n"); + else + printf("%d\n", rc); + + selinux_status_close(); + + return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS; +}
Introduce a helper binary to print the number of policy reloads on the running system. Print only a single number to ease the usage by scripts. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- libselinux/utils/getpolicyload.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 libselinux/utils/getpolicyload.c