ia64/xen-unstable

view tools/security/getlabel.sh @ 8740:3d7ea7972b39

find changesets by author, revision, files, or words in the commit message
Update patches for linux 2.6.15.

Signed-off-by: Christian Limpach <Christian.Limpach@cl.cam.ac.uk>
author cl349@firebug.cl.cam.ac.uk
date Thu Feb 02 17:16:00 2006 +0000 (2006-02-02)
parents 8aac8746047b
children
line source
1 #!/bin/sh
2 # *
3 # * getlabel
4 # *
5 # * Copyright (C) 2005 IBM Corporation
6 # *
7 # * Authors:
8 # * Stefan Berger <stefanb@us.ibm.com>
9 # *
10 # * This program is free software; you can redistribute it and/or
11 # * modify it under the terms of the GNU General Public License as
12 # * published by the Free Software Foundation, version 2 of the
13 # * License.
14 # *
15 # * 'getlabel' tries to find the labels corresponding to the ssidref
16 # *
17 # * 'getlabel -?' shows the usage of the program
18 # *
19 # * 'getlabel -sid <ssidref> [<policy name>]' lists the label corresponding
20 # * to the given ssidref.
21 # *
22 # * 'getlabel -dom <domain id> [<policy name>]' lists the label of the
23 # * domain with given id
24 # *
25 #
26
27 if [ -z "$runbash" ]; then
28 runbash="1"
29 export runbash
30 exec sh -c "bash $0 $*"
31 fi
32
33
34 export PATH=$PATH:.
35 dir=`dirname $0`
36 source $dir/labelfuncs.sh
37
38 usage ()
39 {
40 prg=`basename $0`
41 echo "Use this tool to display the label of a domain or the label that is
42 corresponding to an ssidref given the name of the running policy.
43
44 Usage: $prg -sid <ssidref> [<policy name> [<policy dir>]] or
45 $prg -dom <domid> [<policy name> [<policy dir>]]
46
47 policy name : the name of the policy, i.e. 'chwall'
48 If the policy name is omitted, the grub.conf
49 entry of the running system is tried to be read
50 and the policy name determined from there.
51 policy dir : the directory where the <policy name> policy is located
52 The default location is '/etc/xen/acm-security/policies'
53 ssidref : an ssidref in hex or decimal format, i.e., '0x00010002'
54 or '65538'
55 domid : id of the domain, i.e., '1'; Use numbers from the 2nd
56 column shown when invoking 'xm list'
57 "
58 }
59
60
61
62 if [ "$1" == "-h" ]; then
63 usage
64 exit 0
65 elif [ "$1" == "-dom" ]; then
66 mode="domid"
67 shift
68 elif [ "$1" == "-sid" ]; then
69 mode="sid"
70 shift
71 else
72 usage
73 exit -1
74 fi
75
76 setPolicyVars $2 $3
77 findMapFile $policy $policydir
78 ret=$?
79 if [ $ret -eq 0 ]; then
80 echo "Could not find map file for policy '$policy'."
81 exit -1
82 fi
83
84 if [ "$mode" == "domid" ]; then
85 getSSIDUsingSecpolTool $1
86 ret=$?
87 if [ $ret -eq 0 ]; then
88 echo "Could not determine the SSID of the domain."
89 exit -1
90 fi
91 translateSSIDREF $ssid $mapfile
92 else # mode == sid
93 translateSSIDREF $1 $mapfile
94 fi