busybox

/*

  setfiles: based on policycoreutils 2.0.19

  policycoreutils was released under GPL 2.

  Port to BusyBox (c) 2007 by Yuichi Nakamura <ynakam@hitachisoft.jp>

*/

//config:config SETFILES

//config:   bool "setfiles"

//config:   default n

//config:   depends on SELINUX

//config:   help

//config:     Enable support to modify to relabel files.

//config:     Notice: If you built libselinux with -D_FILE_OFFSET_BITS=64,

//config:     (It is default in libselinux's Makefile), you _must_ enable

//config:     CONFIG_LFS.

//config:

//config:config FEATURE_SETFILES_CHECK_OPTION

//config:   bool "Enable check option"

//config:   default n

//config:   depends on SETFILES

//config:   help

//config:     Support "-c" option (check the validity of the contexts against

//config:     the specified binary policy) for setfiles. Requires libsepol.

//config:

//config:config RESTORECON

//config:   bool "restorecon"

//config:   default n

//config:   depends on SELINUX

//config:   help

//config:     Enable support to relabel files. The feature is almost

//config:     the same as setfiles, but usage is a little different.

​

//applet:IF_SETFILES(APPLET(setfiles, BB_DIR_SBIN, BB_SUID_DROP))

//                     APPLET_ODDNAME:name        main      location     suid_type     help

//applet:IF_RESTORECON(APPLET_ODDNAME(restorecon, setfiles, BB_DIR_SBIN, BB_SUID_DROP, restorecon))

​

//kbuild:lib-$(CONFIG_SETFILES) += setfiles.o

//kbuild:lib-$(CONFIG_RESTORECON) += setfiles.o

​

//usage:#define setfiles_trivial_usage

//usage:       "[-dnpqsvW] [-e DIR]... [-o FILE] [-r alt_root_path]"

//usage:    IF_FEATURE_SETFILES_CHECK_OPTION(

//usage:       " [-c policyfile] spec_file"

//usage:    )

//usage:       " pathname"

//usage:#define setfiles_full_usage "\n\n"

//usage:       "Reset file contexts under pathname according to spec_file\n"

//usage:    IF_FEATURE_SETFILES_CHECK_OPTION(

//usage:     "\n    -c FILE Check the validity of the contexts against the specified binary policy"

//usage:    )

//usage:     "\n    -d  Show which specification matched each file"

//usage:     "\n    -l  Log changes in file labels to syslog"

//TODO: log to syslog is not yet implemented, it goes to stdout only now

//usage:     "\n    -n  Don't change any file labels"

//usage:     "\n    -q  Suppress warnings"

//usage:     "\n    -r DIR  Use an alternate root path"

//usage:     "\n    -e DIR  Exclude DIR"

//usage:     "\n    -F  Force reset of context to match file_context for customizable files"

//usage:     "\n    -o FILE Save list of files with incorrect context"

//usage:     "\n    -s  Take a list of files from stdin (instead of command line)"

//usage:     "\n    -v  Show changes in file labels, if type or role are changing"

//usage:     "\n    -vv Show changes in file labels, if type, role, or user are changing"

//usage:     "\n    -W  Display warnings about entries that had no matching files"

//usage: