selinux fixes by KaiGai Kohei <kaigai@kaigai.gr.jp>

diff --git a/selinux/getenforce.c b/selinux/getenforce.c
index e240e4dcaa1933e2a19e74aa2dc1f8564cf84f5e..865fed9f28ff852554f5ed816ed24e6093893342 100644 (file)
--- a/selinux/getenforce.c
+++ b/selinux/getenforce.c
@@ -8,6 +8,7 @@
 
 #include "busybox.h"
 
+int getenforce_main(int argc, char **argv);
 int getenforce_main(int argc, char **argv)
 {
        int rc;

diff --git a/selinux/getsebool.c b/selinux/getsebool.c
index d593937bad16fced7e3c068e547875d24b3a7a87..0479598fb894a4548204996af4b7853c506b7db8 100644 (file)
--- a/selinux/getsebool.c
+++ b/selinux/getsebool.c
@@ -8,6 +8,7 @@
 
 #include "busybox.h"
 
+int getsebool_main(int argc, char **argv);
 int getsebool_main(int argc, char **argv)
 {
        int i, rc = 0, active, pending, len = 0;

diff --git a/selinux/matchpathcon.c b/selinux/matchpathcon.c
index 4fa95b0efd4ee821704171ccc2f96b62a67e1d4f..c9ebbd7959a462c0220607415ee39d3a29efca99 100644 (file)
--- a/selinux/matchpathcon.c
+++ b/selinux/matchpathcon.c
@@ -29,6 +29,7 @@ static int print_matchpathcon(char *path, int noprint)
 #define OPT_PREFIX      (1<<3)  /* -p */
 #define OPT_VERIFY      (1<<4)  /* -V */
 
+int matchpathcon_main(int argc, char **argv);
 int matchpathcon_main(int argc, char **argv)
 {
        int error = 0;
@@ -41,7 +42,7 @@ int matchpathcon_main(int argc, char **argv)
        argv += optind;
 
        if (opts & OPT_NOT_TRANS) {
-               set_matchpathcon_flags(NOTRANS);
+               set_matchpathcon_flags(MATCHPATHCON_NOTRANS);
        }
        if (opts & OPT_FCONTEXT) {
                if (matchpathcon_init(fcontext))
@@ -57,7 +58,7 @@ int matchpathcon_main(int argc, char **argv)
                int rc;
 
                if (!(opts & OPT_VERIFY)) {
-                       error += print_matchpathcon(path, opt & OPT_NOT_PRINT);
+                       error += print_matchpathcon(path, opts & OPT_NOT_PRINT);
                        continue;
                }
 

diff --git a/selinux/selinuxenabled.c b/selinux/selinuxenabled.c
index b342280982bb50673d6cca0e071a41dde2f3c43f..400995af0f5ed10bf4f90bfcf2300d5ea3f8749d 100644 (file)
--- a/selinux/selinuxenabled.c
+++ b/selinux/selinuxenabled.c
@@ -7,6 +7,7 @@
  */
 #include "busybox.h"
 
+int selinuxenabled_main(int argc, char **argv);
 int selinuxenabled_main(int argc, char **argv)
 {
        return !is_selinux_enabled();

diff --git a/selinux/setenforce.c b/selinux/setenforce.c
index 670e3008630812ac88e33f36c3fe0609a5476d13..9204fcc39a0d90358a6e1c7d32eb45fb073d7f2a 100644 (file)
--- a/selinux/setenforce.c
+++ b/selinux/setenforce.c
@@ -8,12 +8,9 @@
 
 #include "busybox.h"
 
-static const smallint setenforce_mode[] = {
-       0,
-       1,
-       0,
-       1,
-};
+/* These strings are arranged so that odd ones
+ * result in security_setenforce(1) being done,
+ * the rest will do security_setenforce(0) */
 static const char *const setenforce_cmd[] = {
        "0",
        "1",
@@ -22,6 +19,7 @@ static const char *const setenforce_cmd[] = {
        NULL,
 };
 
+int setenforce_main(int argc, char **argv);
 int setenforce_main(int argc, char **argv)
 {
        int i, rc;
@@ -34,7 +32,7 @@ int setenforce_main(int argc, char **argv)
        for (i = 0; setenforce_cmd[i]; i++) {
                if (strcasecmp(argv[1], setenforce_cmd[i]) != 0)
                        continue;
-               rc = security_setenforce(setenforce_mode[i]);
+               rc = security_setenforce(i & 1);
                if (rc < 0)
                        bb_perror_msg_and_die("setenforce() failed");
                return 0;