diff options
| author | Daniel Lange <DLange@git.local> | 2020-12-07 10:26:01 +0100 |
|---|---|---|
| committer | Daniel Lange <DLange@git.local> | 2020-12-07 10:26:01 +0100 |
| commit | 65357c8c46154de4e4eca14075bfe5523bb5fc14 (patch) | |
| tree | 8f430ee5a0d5de377c4e7c94e47842a27c70d7e8 /linux/SELinuxMeter.c | |
| parent | f80394a20254938142011855f2954b3f63fe5909 (diff) | |
| download | debian_htop-65357c8c46154de4e4eca14075bfe5523bb5fc14.tar.gz debian_htop-65357c8c46154de4e4eca14075bfe5523bb5fc14.tar.bz2 debian_htop-65357c8c46154de4e4eca14075bfe5523bb5fc14.zip | |
New upstream version 3.0.3upstream/3.0.3
Diffstat (limited to 'linux/SELinuxMeter.c')
| -rw-r--r-- | linux/SELinuxMeter.c | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/linux/SELinuxMeter.c b/linux/SELinuxMeter.c new file mode 100644 index 0000000..64a3f2a --- /dev/null +++ b/linux/SELinuxMeter.c @@ -0,0 +1,94 @@ +/* +htop - SELinuxMeter.c +(C) 2020 htop dev team +Released under the GNU GPLv2, see the COPYING file +in the source distribution for its full text. +*/ + +#include "SELinuxMeter.h" + +#include "CRT.h" + +#include <stdbool.h> +#include <stdio.h> +#include <unistd.h> +#include <linux/magic.h> +#include <sys/statfs.h> +#include <sys/statvfs.h> + +#include "Macros.h" +#include "Object.h" +#include "XUtils.h" + + +static const int SELinuxMeter_attributes[] = { + METER_TEXT, +}; + +static bool enabled = false; +static bool enforcing = false; + +static bool hasSELinuxMount(void) { + struct statfs sfbuf; + int r = statfs("/sys/fs/selinux", &sfbuf); + if (r != 0) { + return false; + } + + if (sfbuf.f_type != SELINUX_MAGIC) { + return false; + } + + struct statvfs vfsbuf; + r = statvfs("/sys/fs/selinux", &vfsbuf); + if (r != 0 || (vfsbuf.f_flag & ST_RDONLY)) { + return false; + } + + return true; +} + +static bool isSelinuxEnabled(void) { + return hasSELinuxMount() && (0 == access("/etc/selinux/config", F_OK)); +} + +static bool isSelinuxEnforcing(void) { + if (!enabled) { + return false; + } + + char buf[20]; + ssize_t r = xReadfile("/sys/fs/selinux/enforce", buf, sizeof(buf)); + if (r < 0) + return false; + + int enforce = 0; + if (sscanf(buf, "%d", &enforce) != 1) { + return false; + } + + return !!enforce; +} + +static void SELinuxMeter_updateValues(ATTR_UNUSED Meter* this, char* buffer, size_t len) { + enabled = isSelinuxEnabled(); + enforcing = isSelinuxEnforcing(); + + xSnprintf(buffer, len, "%s%s", enabled ? "enabled" : "disabled", enabled ? (enforcing ? "; mode: enforcing" : "; mode: permissive") : ""); +} + +const MeterClass SELinuxMeter_class = { + .super = { + .extends = Class(Meter), + .delete = Meter_delete, + }, + .updateValues = SELinuxMeter_updateValues, + .defaultMode = TEXT_METERMODE, + .maxItems = 0, + .total = 100.0, + .attributes = SELinuxMeter_attributes, + .name = "SELinux", + .uiName = "SELinux", + .description = "SELinux state overview", + .caption = "SELinux: " +}; |