diff options
Diffstat (limited to 'libselinux/src/reject_unknown.c')
-rw-r--r-- | libselinux/src/reject_unknown.c | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/libselinux/src/reject_unknown.c b/libselinux/src/reject_unknown.c new file mode 100644 index 00000000..5c1d3605 --- /dev/null +++ b/libselinux/src/reject_unknown.c @@ -0,0 +1,40 @@ +#include <unistd.h> +#include <sys/types.h> +#include <fcntl.h> +#include <stdlib.h> +#include <errno.h> +#include <string.h> +#include "selinux_internal.h" +#include "policy.h" +#include <stdio.h> +#include <limits.h> + +int security_reject_unknown(void) +{ + int fd, ret, reject_unknown = 0; + char path[PATH_MAX]; + char buf[20]; + + if (!selinux_mnt) { + errno = ENOENT; + return -1; + } + + snprintf(path, sizeof(path), "%s/reject_unknown", selinux_mnt); + fd = open(path, O_RDONLY | O_CLOEXEC); + if (fd < 0) + return -1; + + memset(buf, 0, sizeof(buf)); + ret = read(fd, buf, sizeof(buf) - 1); + close(fd); + if (ret < 0) + return -1; + + if (sscanf(buf, "%d", &reject_unknown) != 1) + return -1; + + return reject_unknown; +} + +hidden_def(security_reject_unknown); |