ia64/xen-unstable

view tools/security/getlabel.sh @ 7778:0b4596caf761

nloopbacks default is now 8. So vifnum of greater than 7 requires
an adjustment to nloopbacks. Warning comment updated.

Signed-off-by: Nivedita Singhvi (niv@us.ibm.com)
author kaf24@firebug.cl.cam.ac.uk
date Fri Nov 11 10:46:36 2005 +0100 (2005-11-11)
parents d6ebcfc5a30b
children 8aac8746047b
line source
1 #!/bin/sh
2 # *
3 # * getlabel
4 # *
5 # * Copyright (C) 2005 IBM Corporation
6 # *
7 # * Authors:
8 # * Stefan Berger <stefanb@us.ibm.com>
9 # *
10 # * This program is free software; you can redistribute it and/or
11 # * modify it under the terms of the GNU General Public License as
12 # * published by the Free Software Foundation, version 2 of the
13 # * License.
14 # *
15 # * 'getlabel' tries to find the labels corresponding to the ssidref
16 # *
17 # * 'getlabel -?' shows the usage of the program
18 # *
19 # * 'getlabel -sid <ssidref> [<policy name>]' lists the label corresponding
20 # * to the given ssidref.
21 # *
22 # * 'getlabel -dom <domain id> [<policy name>]' lists the label of the
23 # * domain with given id
24 # *
25 #
27 if [ -z "$runbash" ]; then
28 runbash="1"
29 export runbash
30 exec sh -c "bash $0 $*"
31 fi
34 export PATH=$PATH:.
35 source labelfuncs.sh
37 usage ()
38 {
39 echo "Use this tool to display the label of a domain or the label that is
40 corresponding to an ssidref given the name of the running policy.
42 Usage: $0 -sid <ssidref> [<policy name>] or
43 $0 -dom <domid> [<policy name>]
45 policy name : the name of the policy, i.e. 'chwall'
46 If the policy name is omitted, the grub.conf
47 entry of the running system is tried to be read
48 and the policy name determined from there.
49 ssidref : an ssidref in hex or decimal format, i.e., '0x00010002'
50 or '65538'
51 domid : id of the domain, i.e., '1'; Use numbers from the 2nd
52 column shown when invoking 'xm list'
53 "
54 }
58 if [ "$1" == "-?" ]; then
59 mode="usage"
60 elif [ "$1" == "-dom" ]; then
61 mode="domid"
62 shift
63 elif [ "$1" == "-sid" ]; then
64 mode="sid"
65 shift
66 elif [ "$1" == "" ]; then
67 usage
68 exit -1
69 fi
72 if [ "$mode" == "usage" ]; then
73 usage
74 elif [ "$mode" == "domid" ]; then
75 if [ "$2" == "" ]; then
76 findGrubConf
77 ret=$?
78 if [ $ret -eq 0 ]; then
79 echo "Could not find grub.conf"
80 exit -1;
81 fi
82 findPolicyInGrub $grubconf
83 if [ "$policy" != "" ]; then
84 echo "Assuming policy to be '$policy'.";
85 else
86 echo "Could not find policy."
87 exit -1;
88 fi
89 else
90 policy=$2
91 fi
92 findMapFile $policy
93 res=$?
94 if [ "$res" != "0" ]; then
95 getSSIDUsingSecpolTool $1
96 res=$?
97 if [ "$res" != "0" ]; then
98 translateSSIDREF $ssid $mapfile
99 else
100 echo "Could not determine the SSID of the domain."
101 fi
102 else
103 echo "Could not find map file for policy '$policy'."
104 fi
105 elif [ "$mode" == "sid" ]; then
106 if [ "$2" == "" ]; then
107 findGrubConf
108 ret=$?
109 if [ $ret -eq 0 ]; then
110 echo "Could not find grub.conf"
111 exit -1;
112 fi
113 findPolicyInGrub $grubconf
114 if [ "$policy" != "" ]; then
115 echo "Assuming policy to be '$policy'.";
116 else
117 echo "Could not find policy."
118 exit -1;
119 fi
120 else
121 policy=$2
122 fi
123 findMapFile $policy
124 res=$?
125 if [ "$res" != "0" ]; then
126 translateSSIDREF $1 $mapfile
127 else
128 echo "Could not find map file for policy '$policy'."
129 fi
131 else
132 usage
133 fi