Extend toolbox with SE Android support.

	touch \

	lsof

ifeq ($(HAVE_SELINUX),true)

TOOLS += \

	getenforce \

	setenforce \

	chcon \

	restorecon \

	runcon \

	getsebool \

	setsebool \

	load_policy

endif

ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))

TOOLS += r

endif

LOCAL_SHARED_LIBRARIES := libcutils libc libusbhost

ifeq ($(HAVE_SELINUX),true)

LOCAL_CFLAGS += -DHAVE_SELINUX

LOCAL_SHARED_LIBRARIES += libselinux

LOCAL_C_INCLUDES += external/libselinux/include

endif

LOCAL_MODULE:= toolbox

# Including this will define $(intermediates).

#include <unistd.h>

#include <stdio.h>

#include <stdlib.h>

#include <errno.h>

#include <selinux/selinux.h>

int chcon_main(int argc, char **argv)

{

    int rc, i;

    if (argc < 3) {

        fprintf(stderr, "usage:  %s context path...\n", argv[0]);

        exit(1);

    }

    for (i = 2; i < argc; i++) {

        rc = setfilecon(argv[i], argv[1]);

        if (rc < 0) {

            fprintf(stderr, "%s:  Could not label %s with %s:  %s\n",

                    argv[0], argv[i], argv[1], strerror(errno));

            exit(2);

        }

    }

    exit(0);

}

#include <unistd.h>

#include <stdio.h>

#include <stdlib.h>

#include <errno.h>

#include <selinux/selinux.h>

int getenforce_main(int argc, char **argv)

{

    int rc;

    rc = is_selinux_enabled();

    if (rc <= 0) {

        printf("Disabled\n");

        return 0;

    }

    rc = security_getenforce();

    if (rc < 0) {

        fprintf(stderr, "Could not get enforcing status:  %s\n",

                strerror(errno));

        return 2;

    }

    if (rc)

        printf("Enforcing\n");

    else

        printf("Permissive\n");

    return 0;

}

#include <unistd.h>

#include <stdlib.h>

#include <stdio.h>

#include <getopt.h>

#include <errno.h>

#include <string.h>

#include <selinux/selinux.h>

static void usage(const char *progname)

{

    fprintf(stderr, "usage:  %s -a or %s boolean...\n", progname, progname);

    exit(1);

}

int getsebool_main(int argc, char **argv)

{

    int i, get_all = 0, rc = 0, active, pending, len = 0, opt;

    char **names;

    while ((opt = getopt(argc, argv, "a")) > 0) {

        switch (opt) {

        case 'a':

            if (argc > 2)

                usage(argv[0]);

            if (is_selinux_enabled() <= 0) {

                fprintf(stderr, "%s:  SELinux is disabled\n",

                        argv[0]);

                return 1;

            }

            errno = 0;

            rc = security_get_boolean_names(&names, &len);

            if (rc) {

                fprintf(stderr,

                        "%s:  Unable to get boolean names:  %s\n",

                        argv[0], strerror(errno));

                return 1;

            }

            if (!len) {

                printf("No booleans\n");

                return 0;

            }

            get_all = 1;

            break;

        default:

            usage(argv[0]);

        }

    }

    if (is_selinux_enabled() <= 0) {

        fprintf(stderr, "%s:  SELinux is disabled\n", argv[0]);

        return 1;

    }

    if (!len) {

        if (argc < 2)

            usage(argv[0]);

        len = argc - 1;

        names = malloc(sizeof(char *) * len);

        if (!names) {

            fprintf(stderr, "%s:  out of memory\n", argv[0]);

            return 2;

        }

        for (i = 0; i < len; i++) {

            names[i] = strdup(argv[i + 1]);

            if (!names[i]) {

                fprintf(stderr, "%s:  out of memory\n",

                        argv[0]);

                return 2;

            }

        }

    }

    for (i = 0; i < len; i++) {

        active = security_get_boolean_active(names[i]);

        if (active < 0) {

            if (get_all && errno == EACCES)

                continue;

            fprintf(stderr, "Error getting active value for %s\n",

                    names[i]);

            rc = -1;

            goto out;

        }

        pending = security_get_boolean_pending(names[i]);

        if (pending < 0) {

            fprintf(stderr, "Error getting pending value for %s\n",

                    names[i]);

            rc = -1;

            goto out;

        }

        if (pending != active) {

            printf("%s --> %s pending: %s\n", names[i],

                   (active ? "on" : "off"),

                   (pending ? "on" : "off"));

        } else {

            printf("%s --> %s\n", names[i],

                   (active ? "on" : "off"));

        }

    }

out:

    for (i = 0; i < len; i++)

        free(names[i]);

    free(names);

    return rc;

}

#include <pwd.h>

#include <grp.h>

#ifdef HAVE_SELINUX

#include <selinux/selinux.h>

#endif

static void print_uid(uid_t uid)

{

    struct passwd *pw = getpwuid(uid);

{

    gid_t list[64];

    int n, max;

#ifdef HAVE_SELINUX

    char *secctx;

#endif

    max = getgroups(64, list);

    if (max < 0) max = 0;

            print_gid(list[n]);

        }

    }

#ifdef HAVE_SELINUX

    if (getcon(&secctx) == 0) {

        printf(" context=%s", secctx);

        free(secctx);

    }

#endif

    printf("\n");

    return 0;

}