4 #include <selinux/selinux.h>
5 #include <selinux/flask.h>
6 #include <selinux/av_permissions.h>
7 #include <selinux/context.h>
8 #include "selinux_utils.h"
10 int checkAccess(char *chuser
, int access
) {
12 security_context_t user_context
;
13 const char *user
=NULL
;
14 if( getprevcon(&user_context
)==0 ) {
15 context_t c
=context_new(user_context
);
16 user
=context_user_get(c
);
17 if (strcmp(chuser
, user
) == 0) {
20 struct av_decision avd
;
21 int retval
= security_compute_av(user_context
,
28 ((access
& avd
.allowed
) == access
)) {
33 freecon(user_context
);
38 int setupDefaultContext(char *orig_file
) {
39 if (is_selinux_enabled() > 0) {
40 security_context_t scontext
;
42 if (getfilecon(orig_file
,&scontext
)<0) {
46 if (setfscreatecon(scontext
) < 0)