ksud: replace some utils with rust libraries (#142)

2023-01-30 12:57:25 +08:00
parent bd6b0d3d12
commit 7785d2a3f8
9 changed files with 525 additions and 178 deletions
--- a/userspace/ksud/src/restorecon.rs
+++ b/userspace/ksud/src/restorecon.rs
@@ -1,16 +1,13 @@
-use anyhow::ensure;
-use anyhow::Ok;
-use anyhow::Result;
-use subprocess::Exec;
+use anyhow::{Context, Ok, Result};
+use extattr::{setxattr, Flags as XattrFlags};
+use jwalk::{Parallelism::Serial, WalkDir};

 const SYSTEM_CON: &str = "u:object_r:system_file:s0";
 const _ADB_CON: &str = "u:object_r:adb_data_file:s0";

 pub fn setcon(path: &str, con: &str) -> Result<()> {
-    // todo use libselinux directly
-    let cmd = format!("chcon {} {}", con, path);
-    let result = Exec::shell(cmd).join()?;
-    ensure!(result.success(), "chcon for: {} failed.", path);
+    setxattr(path, "security.selinux", con, XattrFlags::empty())
+        .with_context(|| format!("Failed to change SELinux context for {path}"))?;
    Ok(())
 }

@@ -19,9 +16,17 @@ pub fn setsyscon(path: &str) -> Result<()> {
 }

 pub fn restore_syscon(dir: &str) -> Result<()> {
-    // todo use libselinux directly
-    let cmd = format!("chcon -R {} {}", SYSTEM_CON, dir);
-    let result = Exec::shell(cmd).join()?;
-    ensure!(result.success(), "chcon for: {} failed.", dir);
+    for dir_entry in WalkDir::new(dir).parallelism(Serial) {
+        if let Some(path) = dir_entry.ok().map(|dir_entry| dir_entry.path()) {
+            setxattr(&path, "security.selinux", SYSTEM_CON, XattrFlags::empty()).with_context(
+                || {
+                    format!(
+                        "Failed to change SELinux context for {}",
+                        path.to_str().unwrap()
+                    )
+                },
+            )?;
+        }
+    }
    Ok(())
 }