diff options
| author | Nick Kralevich <nnk@google.com> | 2015-03-12 00:51:49 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2015-03-12 00:51:49 +0000 |
| commit | 7e9fe7d86de665bcb2615d8c24de39416c48cdec (patch) | |
| tree | 6bcf247b6d8c1e0acd142234318baff7394bff22 | |
| parent | 0a92c8c4799e86d690de860f96ad6abb86357c3b (diff) | |
| parent | cee683e290244be9a0e89e8a2996f228cafb4389 (diff) | |
| download | core-7e9fe7d86de665bcb2615d8c24de39416c48cdec.tar.gz core-7e9fe7d86de665bcb2615d8c24de39416c48cdec.tar.bz2 core-7e9fe7d86de665bcb2615d8c24de39416c48cdec.zip | |
Merge "builtins: remove setenforce command"
| -rw-r--r-- | init/builtins.cpp | 9 | ||||
| -rw-r--r-- | init/init_parser.cpp | 1 | ||||
| -rw-r--r-- | init/keywords.h | 2 | ||||
| -rw-r--r-- | init/readme.txt | 4 |
4 files changed, 0 insertions, 16 deletions
diff --git a/init/builtins.cpp b/init/builtins.cpp index 1ae6bf68b..86c9c2e07 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -571,15 +571,6 @@ int do_setcon(int nargs, char **args) { return 0; } -int do_setenforce(int nargs, char **args) { - if (is_selinux_enabled() <= 0) - return 0; - if (security_setenforce(atoi(args[1])) < 0) { - return -errno; - } - return 0; -} - int do_setkey(int nargs, char **args) { struct kbentry kbe; diff --git a/init/init_parser.cpp b/init/init_parser.cpp index 76728042a..5cd46fa63 100644 --- a/init/init_parser.cpp +++ b/init/init_parser.cpp @@ -186,7 +186,6 @@ static int lookup_keyword(const char *s) if (!strcmp(s, "eclabel")) return K_seclabel; if (!strcmp(s, "ervice")) return K_service; if (!strcmp(s, "etcon")) return K_setcon; - if (!strcmp(s, "etenforce")) return K_setenforce; if (!strcmp(s, "etenv")) return K_setenv; if (!strcmp(s, "etkey")) return K_setkey; if (!strcmp(s, "etprop")) return K_setprop; diff --git a/init/keywords.h b/init/keywords.h index 60931f168..b203d2dc9 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -23,7 +23,6 @@ int do_restorecon_recursive(int nargs, char **args); int do_rm(int nargs, char **args); int do_rmdir(int nargs, char **args); int do_setcon(int nargs, char **args); -int do_setenforce(int nargs, char **args); int do_setkey(int nargs, char **args); int do_setprop(int nargs, char **args); int do_setrlimit(int nargs, char **args); @@ -84,7 +83,6 @@ enum { KEYWORD(seclabel, OPTION, 0, 0) KEYWORD(service, SECTION, 0, 0) KEYWORD(setcon, COMMAND, 1, do_setcon) - KEYWORD(setenforce, COMMAND, 1, do_setenforce) KEYWORD(setenv, OPTION, 2, 0) KEYWORD(setkey, COMMAND, 0, do_setkey) KEYWORD(setprop, COMMAND, 2, do_setprop) diff --git a/init/readme.txt b/init/readme.txt index 8161858bf..3af79241f 100644 --- a/init/readme.txt +++ b/init/readme.txt @@ -228,10 +228,6 @@ setcon <seclabel> This is typically only used from early-init to set the init context before any other process is started. -setenforce 0|1 - Set the SELinux system-wide enforcing status. - 0 is permissive (i.e. log but do not deny), 1 is enforcing. - setkey TBD |