1/* vi: set sw=4 ts=4: */ 2/* 3 * Copyright 1989 - 1991, Julianne Frances Haugh <jockgrrl@austin.rr.com> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. Neither the name of Julianne F. Haugh nor the names of its contributors 15 * may be used to endorse or promote products derived from this software 16 * without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 */ 30 31#include "libbb.h" 32#if ENABLE_SELINUX 33#include <selinux/selinux.h> /* for setexeccon */ 34#endif 35 36#if ENABLE_SELINUX 37static security_context_t current_sid; 38 39void 40renew_current_security_context(void) 41{ 42 if (current_sid) 43 freecon(current_sid); /* Release old context */ 44 getcon(¤t_sid); /* update */ 45} 46void 47set_current_security_context(security_context_t sid) 48{ 49 if (current_sid) 50 freecon(current_sid); /* Release old context */ 51 current_sid = sid; 52} 53 54#endif 55 56/* Run SHELL, or DEFAULT_SHELL if SHELL is empty. 57 If COMMAND is nonzero, pass it to the shell with the -c option. 58 If ADDITIONAL_ARGS is nonzero, pass it to the shell as more 59 arguments. */ 60 61void run_shell(const char *shell, int loginshell, const char *command, const char **additional_args) 62{ 63 const char **args; 64 int argno = 1; 65 int additional_args_cnt = 0; 66 67 for (args = additional_args; args && *args; args++) 68 additional_args_cnt++; 69 70 args = xmalloc(sizeof(char*) * (4 + additional_args_cnt)); 71 72 args[0] = bb_get_last_path_component(xstrdup(shell)); 73 74 if (loginshell) 75 args[0] = xasprintf("-%s", args[0]); 76 77 if (command) { 78 args[argno++] = "-c"; 79 args[argno++] = command; 80 } 81 if (additional_args) { 82 for (; *additional_args; ++additional_args) 83 args[argno++] = *additional_args; 84 } 85 args[argno] = NULL; 86#if ENABLE_SELINUX 87 if (current_sid && !setexeccon(current_sid)) { 88 freecon(current_sid); 89 execve(shell, (char **) args, environ); 90 } else 91#endif 92 execv(shell, (char **) args); 93 bb_perror_msg_and_die("cannot run %s", shell); 94} 95