OpenCoverage

runcon.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/coreutils/src/src/runcon.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* runcon -- run command with specified security context -

3 -

4 This program is free software: you can redistribute it and/or modify -

5 it under the terms of the GNU General Public License as published by -

6 the Free Software Foundation, either version 3 of the License, or -

7 (at your option) any later version. -

8 -

9 This program is distributed in the hope that it will be useful, -

10 but WITHOUT ANY WARRANTY; without even the implied warranty of -

11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -

12 GNU General Public License for more details. -

13 -

14 You should have received a copy of the GNU General Public License -

15 along with this program. If not, see <https://www.gnu.org/licenses/>. */ -

16 -

17 /* -

18 * runcon [ context -

19 * | ( [ -c ] [ -r role ] [-t type] [ -u user ] [ -l levelrange ] ) -

20 * command [arg1 [arg2 ...] ] -

21 * -

22 * attempt to run the specified command with the specified context. -

23 * -

24 * -r role : use the current context with the specified role -

25 * -t type : use the current context with the specified type -

26 * -u user : use the current context with the specified user -

27 * -l level : use the current context with the specified level range -

28 * -c : compute process transition context before modifying -

29 * -

30 * Contexts are interpreted as follows: -

31 * -

32 * Number of MLS -

33 * components system? -

34 * -

35 * 1 - type -

36 * 2 - role:type -

37 * 3 Y role:type:range -

38 * 3 N user:role:type -

39 * 4 Y user:role:type:range -

40 * 4 N error -

41 */ -

42 -

43 #include <config.h> -

44 #include <stdio.h> -

45 #include <getopt.h> -

46 #include <selinux/selinux.h> -

47 #include <selinux/context.h> -

48 #include <sys/types.h> -

49 #include "system.h" -

50 #include "die.h" -

51 #include "error.h" -

52 #include "quote.h" -

53 -

54 /* The official name of this program (e.g., no 'g' prefix). */ -

55 #define PROGRAM_NAME "runcon" -

56 -

57 #define AUTHORS proper_name ("Russell Coker") -

58 -

59 static struct option const long_options[] = -

60 { -

61 {"role", required_argument, NULL, 'r'}, -

62 {"type", required_argument, NULL, 't'}, -

63 {"user", required_argument, NULL, 'u'}, -

64 {"range", required_argument, NULL, 'l'}, -

65 {"compute", no_argument, NULL, 'c'}, -

66 {GETOPT_HELP_OPTION_DECL}, -

67 {GETOPT_VERSION_OPTION_DECL}, -

68 {NULL, 0, NULL, 0} -

69 }; -

70 -

71 void -

72 usage (int status) -

73 { -

if (status != EXIT_SUCCESS)

status != 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: runcon
FALSE	evaluated 13 times by 1 test Evaluated by: runcon

3-13

emit_try_help ();

executed 3 times by 1 test: end of block

Executed by:

runcon

76 else -

77 { -

78 printf (_("\ -

79 Usage: %s CONTEXT COMMAND [args]\n\ -

80 or: %s [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]\n\ -

81 "), program_name, program_name); -

82 fputs (_("\ -

83 Run a program in a different SELinux security context.\n\ -

84 With neither CONTEXT nor COMMAND, print the current security context.\n\ -

85 "), stdout); -

86 -

87 emit_mandatory_arg_note (); -

88 -

89 fputs (_("\ -

90 CONTEXT Complete security context\n\ -

91 -c, --compute compute process transition context before modifying\n\ -

92 -t, --type=TYPE type (for same role as parent)\n\ -

93 -u, --user=USER user identity\n\ -

94 -r, --role=ROLE role\n\ -

95 -l, --range=RANGE levelrange\n\ -

96 \n\ -

97 "), stdout); -

98 fputs (HELP_OPTION_DESCRIPTION, stdout); -

99 fputs (VERSION_OPTION_DESCRIPTION, stdout); -

100 emit_ancillary_info (PROGRAM_NAME); -

101

}

executed 13 times by 1 test: end of block

Executed by:

runcon

102

exit (status);

executed 16 times by 1 test: exit (status);

Executed by:

runcon

103 } -

104 -

105 int -

106 main (int argc, char **argv) -

107 { -

108 char *role = NULL; -

109 char *range = NULL; -

110 char *user = NULL; -

111 char *type = NULL; -

112 char *context = NULL; -

113 char *cur_context = NULL; -

114 char *file_context = NULL; -

115 char *new_context = NULL; -

116 bool compute_trans = false; -

117 -

118 context_t con; -

119 -

120 initialize_main (&argc, &argv); -

121 set_program_name (argv[0]); -

122 setlocale (LC_ALL, ""); -

123 bindtextdomain (PACKAGE, LOCALEDIR); -

124 textdomain (PACKAGE); -

125 -

126 atexit (close_stdout); -

127 -

128 while (1) -

129 { -

130 int option_index = 0; -

131 int c = getopt_long (argc, argv, "+r:t:u:l:c", long_options, -

132 &option_index); -

133

if (c == -1)

c == -1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: runcon
FALSE	evaluated 30 times by 1 test Evaluated by: runcon

1-30

134

break;

executed 1 time by 1 test: break;

Executed by:

runcon

135 switch (c) -

136 { -

137

case 'r':

executed 2 times by 1 test: case 'r':

Executed by:

runcon

138

if (role)

role	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: runcon

0-2

139

die (EXIT_FAILURE, 0, _("multiple roles"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"multiple roles\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), "multiple roles" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "multiple roles" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

140 role = optarg; -

141

break;

executed 2 times by 1 test: break;

Executed by:

runcon

142

case 't':

executed 2 times by 1 test: case 't':

Executed by:

runcon

143

if (type)

type	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: runcon

0-2

144

die (EXIT_FAILURE, 0, _("multiple types"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"multiple types\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), "multiple types" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "multiple types" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

145 type = optarg; -

146

break;

executed 2 times by 1 test: break;

Executed by:

runcon

147

case 'u':

executed 2 times by 1 test: case 'u':

Executed by:

runcon

148

if (user)

user	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: runcon

0-2

149

die (EXIT_FAILURE, 0, _("multiple users"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"multiple users\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), "multiple users" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "multiple users" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

150 user = optarg; -

151

break;

executed 2 times by 1 test: break;

Executed by:

runcon

152

case 'l':

executed 2 times by 1 test: case 'l':

Executed by:

runcon

153

if (range)

range	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: runcon

0-2

154

die (EXIT_FAILURE, 0, _("multiple levelranges"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"multiple levelranges\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), "multiple levelranges" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "multiple levelranges" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

155 range = optarg; -

156

break;

executed 2 times by 1 test: break;

Executed by:

runcon

157

case 'c':

executed 2 times by 1 test: case 'c':

Executed by:

runcon

158 compute_trans = true; -

159

break;

executed 2 times by 1 test: break;

Executed by:

runcon

160 -

161

case_GETOPT_HELP_CHAR;

never executed: break;

executed 13 times by 1 test: case GETOPT_HELP_CHAR:

Executed by:

runcon

0-13

162

case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);

executed 4 times by 1 test: exit ( 0 );

Executed by:

runcon

never executed: break;

executed 4 times by 1 test: case GETOPT_VERSION_CHAR:

Executed by:

runcon

0-4

163

default:

executed 3 times by 1 test: default:

Executed by:

runcon

164 usage (EXIT_FAILURE); -

165

break;

never executed: break;

166 } -

167 } -

168 -

169

if (argc - optind == 0)

argc - optind == 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

0-1

170 { -

171

if (getcon (&cur_context) < 0)

getcon (&cur_context) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

172

die (EXIT_FAILURE, errno, _("failed to get current context"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to get current context\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ()) , dcget...((void *)0), "failed to get current context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to get current context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

173 fputs (cur_context, stdout); -

174 fputc ('\n', stdout); -

175

return EXIT_SUCCESS;

never executed: return 0 ;

176 } -

177 -

178

if (!(user || role || type || range || compute_trans))

user	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

role	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

type	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

range	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

compute_trans	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

0-1

179 { -

180

if (optind >= argc)

optind >= argc	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

0-1

181 { -

182 error (0, 0, _("you must specify -c, -t, -u, -l, -r, or context")); -

183 usage (EXIT_FAILURE); -

184

}

never executed: end of block

185 context = argv[optind++]; -

186

}

executed 1 time by 1 test: end of block

Executed by:

runcon

187 -

188

if (optind >= argc)

optind >= argc	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: runcon

0-1

189 { -

190 error (0, 0, _("no command specified")); -

191 usage (EXIT_FAILURE); -

192

}

never executed: end of block

193 -

194

if (is_selinux_enabled () != 1)

is_selinux_enabled () != 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: runcon
FALSE	never evaluated

0-1

195

die (EXIT_FAILURE, 0, _("%s may be used only on a SELinux kernel"),

executed 1 time by 1 test:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"%s may be used only on a SELinux kernel\", 5), program_name), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), ...d only on a SELinux kernel" , 5) , program_name), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "%s may be used only on a SELinux kernel" , 5) , program_name), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

Executed by:

runcon

196

program_name);

executed 1 time by 1 test:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, 0, dcgettext (((void *)0), \"%s may be used only on a SELinux kernel\", 5), program_name), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , 0, dcgettext (((void *)0), ...d only on a SELinux kernel" , 5) , program_name), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , 0, dcgettext (((void *)0), "%s may be used only on a SELinux kernel" , 5) , program_name), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

Executed by:

runcon

197 -

198

if (context)

context	Description
TRUE	never evaluated
FALSE	never evaluated

199 { -

200 con = context_new (context); -

201

if (!con)

!con	Description
TRUE	never evaluated
FALSE	never evaluated

202

die (EXIT_FAILURE, errno, _("failed to create security context: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to create security context: %s\", 5), quote (context)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__e..." , 5) , quote (context)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to create security context: %s" , 5) , quote (context)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

203

quote (context));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to create security context: %s\", 5), quote (context)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__e..." , 5) , quote (context)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to create security context: %s" , 5) , quote (context)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

204

}

never executed: end of block

205 else -

206 { -

207

if (getcon (&cur_context) < 0)

getcon (&cur_context) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

208

die (EXIT_FAILURE, errno, _("failed to get current context"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to get current context\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ()) , dcget...((void *)0), "failed to get current context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to get current context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

209 -

210 /* We will generate context based on process transition */ -

211

if (compute_trans)

compute_trans	Description
TRUE	never evaluated
FALSE	never evaluated

212 { -

213 /* Get context of file to be executed */ -

214

if (getfilecon (argv[optind], &file_context) == -1)

rpl_getfilecon...context) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

215

die (EXIT_FAILURE, errno,

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to get security context of %s\", 5), quotearg_style (shell_escape_always_quoting_style, argv[optind])), assume (false))..._builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to get security context of %s" , 5) , quotearg_style (shell_escape_always_quoting_style, argv[optind])), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

216

_("failed to get security context of %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to get security context of %s\", 5), quotearg_style (shell_escape_always_quoting_style, argv[optind])), assume (false))..._builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to get security context of %s" , 5) , quotearg_style (shell_escape_always_quoting_style, argv[optind])), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

217

quoteaf (argv[optind]));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to get security context of %s\", 5), quotearg_style (shell_escape_always_quoting_style, argv[optind])), assume (false))..._builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to get security context of %s" , 5) , quotearg_style (shell_escape_always_quoting_style, argv[optind])), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

218 /* compute result of process transition */ -

219

if (security_compute_create (cur_context, file_context,

security_compu..._context) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

220

string_to_security_class ("process"),

security_compu..._context) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

221

&new_context) != 0)

security_compu..._context) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

222

die (EXIT_FAILURE, errno, _("failed to compute a new context"));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to compute a new context\", 5)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ()) , dcg...id *)0), "failed to compute a new context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to compute a new context" , 5) ), (( 0 ) ? (void) 0 : __builtin_unreachable ()))));

223 /* free contexts */ -

224 freecon (file_context); -

225 freecon (cur_context); -

226 -

227 /* set cur_context equal to new_context */ -

228 cur_context = new_context; -

229

}

never executed: end of block

230 -

231 con = context_new (cur_context); -

232

if (!con)

!con	Description
TRUE	never evaluated
FALSE	never evaluated

233

die (EXIT_FAILURE, errno, _("failed to create security context: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to create security context: %s\", 5), quote (cur_context)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (... quote (cur_context)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to create security context: %s" , 5) , quote (cur_context)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

234

quote (cur_context));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to create security context: %s\", 5), quote (cur_context)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (... quote (cur_context)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to create security context: %s" , 5) , quote (cur_context)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

235

if (user && context_user_set (con, user))

user	Description
TRUE	never evaluated
FALSE	never evaluated

context_user_set (con, user)	Description
TRUE	never evaluated
FALSE	never evaluated

236

die (EXIT_FAILURE, errno, _("failed to set new user: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new user: %s\", 5), quote (user)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new user: %s" , 5) , quote (user)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new user: %s" , 5) , quote (user)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

237

quote (user));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new user: %s\", 5), quote (user)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new user: %s" , 5) , quote (user)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new user: %s" , 5) , quote (user)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

238

if (type && context_type_set (con, type))

type	Description
TRUE	never evaluated
FALSE	never evaluated

context_type_set (con, type)	Description
TRUE	never evaluated
FALSE	never evaluated

239

die (EXIT_FAILURE, errno, _("failed to set new type: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new type: %s\", 5), quote (type)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new type: %s" , 5) , quote (type)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new type: %s" , 5) , quote (type)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

240

quote (type));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new type: %s\", 5), quote (type)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new type: %s" , 5) , quote (type)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new type: %s" , 5) , quote (type)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

241

if (range && context_range_set (con, range))

range	Description
TRUE	never evaluated
FALSE	never evaluated

context_range_set (con, range)	Description
TRUE	never evaluated
FALSE	never evaluated

242

die (EXIT_FAILURE, errno, _("failed to set new range: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new range: %s\", 5), quote (range)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_locatio... new range: %s" , 5) , quote (range)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new range: %s" , 5) , quote (range)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

243

quote (range));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new range: %s\", 5), quote (range)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_locatio... new range: %s" , 5) , quote (range)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new range: %s" , 5) , quote (range)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

244

if (role && context_role_set (con, role))

role	Description
TRUE	never evaluated
FALSE	never evaluated

context_role_set (con, role)	Description
TRUE	never evaluated
FALSE	never evaluated

245

die (EXIT_FAILURE, errno, _("failed to set new role: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new role: %s\", 5), quote (role)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new role: %s" , 5) , quote (role)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new role: %s" , 5) , quote (role)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

246

quote (role));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"failed to set new role: %s\", 5), quote (role)), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_location ... set new role: %s" , 5) , quote (role)), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "failed to set new role: %s" , 5) , quote (role)), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

247

}

never executed: end of block

248 -

249

if (security_check_context (context_str (con)) < 0)

security_check...str (con)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

250

die (EXIT_FAILURE, errno, _("invalid context: %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"invalid context: %s\", 5), quote (context_str (con))), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_loc..., 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "invalid context: %s" , 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

251

quote (context_str (con)));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"invalid context: %s\", 5), quote (context_str (con))), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 , (*__errno_loc..., 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "invalid context: %s" , 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

252 -

253

if (setexeccon (context_str (con)) != 0)

setexeccon (co...tr (con)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

254

die (EXIT_FAILURE, errno, _("unable to set security context %s"),

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"unable to set security context %s\", 5), quote (context_str (con))), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 ,...context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "unable to set security context %s" , 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

255

quote (context_str (con)));

never executed:

((!!sizeof (struct { _Static_assert ( 1 , "verify_expr (" "1" ", " "(error (1, (*__errno_location ()), dcgettext (((void *)0), \"unable to set security context %s\", 5), quote (context_str (con))), assume (false))" ")"); int _gl_dummy; })) ? ((error ( 1 ,...context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ()))) : ((error ( 1 , (*__errno_location ()) , dcgettext (((void *)0), "unable to set security context %s" , 5) , quote (context_str (con))), (( 0 ) ? (void) 0 : __builtin_unreachable ())))) ;

256

if (cur_context != NULL)