|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/configure.ac coreutils-8.13/configure.ac
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/configure.ac 2011-09-09 10:29:52.584690353 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/configure.ac 2011-09-09 10:30:39.524564991 +0200
|
|
Ondřej Vašík |
b5f920 |
@@ -141,6 +141,13 @@ if test "$gl_gcc_warnings" = yes; then
|
|
Ondřej Vašík |
917089 |
AC_SUBST([GNULIB_TEST_WARN_CFLAGS])
|
|
Ondřej Vašík |
917089 |
fi
|
|
Ondrej Vasik |
0363d6 |
|
|
Ondrej Vasik |
0363d6 |
+dnl Give the chance to enable SELINUX
|
|
Ondrej Vasik |
0363d6 |
+AC_ARG_ENABLE(selinux, dnl
|
|
Ondrej Vasik |
0363d6 |
+[ --enable-selinux Enable use of the SELINUX libraries],
|
|
Ondrej Vasik |
0363d6 |
+[AC_DEFINE(WITH_SELINUX, 1, [Define if you want to use SELINUX])
|
|
Ondrej Vasik |
0363d6 |
+LIB_SELINUX="-lselinux"
|
|
Ondrej Vasik |
0363d6 |
+AC_SUBST(LIB_SELINUX)])
|
|
Ondrej Vasik |
0363d6 |
+
|
|
Ondrej Vasik |
0363d6 |
AC_FUNC_FORK
|
|
Ondrej Vasik |
0363d6 |
|
|
Ondřej Vašík |
917089 |
AC_ARG_ENABLE(pam, AS_HELP_STRING([--disable-pam],
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/man/chcon.x coreutils-8.13/man/chcon.x
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/man/chcon.x 2009-09-01 13:01:16.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/man/chcon.x 2011-09-09 10:30:39.524564991 +0200
|
|
Ondrej Vasik |
893c38 |
@@ -1,4 +1,4 @@
|
|
Ondrej Vasik |
893c38 |
[NAME]
|
|
Ondrej Vasik |
0363d6 |
-chcon \- change file security context
|
|
Ondrej Vasik |
0363d6 |
+chcon \- change file SELinux security context
|
|
Ondrej Vasik |
893c38 |
[DESCRIPTION]
|
|
Ondrej Vasik |
0363d6 |
.\" Add any additional description here
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/man/runcon.x coreutils-8.13/man/runcon.x
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/man/runcon.x 2009-09-01 13:01:16.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/man/runcon.x 2011-09-09 10:30:39.544686472 +0200
|
|
Ondrej Vasik |
893c38 |
@@ -1,5 +1,5 @@
|
|
Ondrej Vasik |
893c38 |
[NAME]
|
|
Ondrej Vasik |
893c38 |
-runcon \- run command with specified security context
|
|
Ondrej Vasik |
893c38 |
+runcon \- run command with specified SELinux security context
|
|
Ondrej Vasik |
893c38 |
[DESCRIPTION]
|
|
Ondrej Vasik |
893c38 |
Run COMMAND with completely-specified CONTEXT, or with current or
|
|
Ondrej Vasik |
893c38 |
transitioned security context modified by one or more of LEVEL,
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/chcon.c coreutils-8.13/src/chcon.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/chcon.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/chcon.c 2011-09-09 10:30:39.562561252 +0200
|
|
Ondřej Vašík |
50a3ba |
@@ -356,7 +356,7 @@ Usage: %s [OPTION]... CONTEXT FILE...\n\
|
|
Ondřej Vašík |
50a3ba |
"),
|
|
Ondřej Vašík |
50a3ba |
program_name, program_name, program_name);
|
|
Ondřej Vašík |
50a3ba |
fputs (_("\
|
|
Ondřej Vašík |
50a3ba |
-Change the security context of each FILE to CONTEXT.\n\
|
|
Ondřej Vašík |
50a3ba |
+Change the SELinux security context of each FILE to CONTEXT.\n\
|
|
Ondřej Vašík |
50a3ba |
With --reference, change the security context of each FILE to that of RFILE.\n\
|
|
Ondřej Vašík |
50a3ba |
\n\
|
|
Ondřej Vašík |
7f6231 |
"), stdout);
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/copy.c coreutils-8.13/src/copy.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/copy.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/copy.c 2011-09-09 10:30:39.564562214 +0200
|
|
Ondřej Vašík |
b5f920 |
@@ -2244,6 +2244,8 @@ copy_internal (char const *src_name, cha
|
|
Ondrej Vasik |
250517 |
{
|
|
Ondrej Vasik |
250517 |
/* Here, we are crossing a file system boundary and cp's -x option
|
|
Ondrej Vasik |
250517 |
is in effect: so don't copy the contents of this directory. */
|
|
Ondrej Vasik |
0363d6 |
+ if (x->preserve_security_context)
|
|
Ondrej Vasik |
250517 |
+ restore_default_fscreatecon_or_die ();
|
|
Ondrej Vasik |
250517 |
}
|
|
Ondrej Vasik |
0363d6 |
else
|
|
Ondrej Vasik |
250517 |
{
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/copy.h coreutils-8.13/src/copy.h
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/copy.h 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/copy.h 2011-09-09 10:30:39.565563712 +0200
|
|
Ondrej Vasik |
66a4fe |
@@ -158,6 +158,9 @@ struct cp_options
|
|
Ondrej Vasik |
66a4fe |
bool preserve_mode;
|
|
Ondrej Vasik |
66a4fe |
bool preserve_timestamps;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
+ /* If true, attempt to set specified security context */
|
|
Ondrej Vasik |
66a4fe |
+ bool set_security_context;
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
/* Enabled for mv, and for cp by the --preserve=links option.
|
|
Ondrej Vasik |
66a4fe |
If true, attempt to preserve in the destination files any
|
|
Ondrej Vasik |
66a4fe |
logical hard links between the source files. If used with cp's
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/cp.c coreutils-8.13/src/cp.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/cp.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/cp.c 2011-09-09 10:30:39.566562062 +0200
|
|
Ondřej Vašík |
98ff9f |
@@ -141,6 +141,7 @@ static struct option const long_opts[] =
|
|
Ondrej Vasik |
66a4fe |
{"target-directory", required_argument, NULL, 't'},
|
|
Ondrej Vasik |
66a4fe |
{"update", no_argument, NULL, 'u'},
|
|
Ondrej Vasik |
66a4fe |
{"verbose", no_argument, NULL, 'v'},
|
|
Ondrej Vasik |
66a4fe |
+ {"context", required_argument, NULL, 'Z'},
|
|
Ondrej Vasik |
66a4fe |
{GETOPT_HELP_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
{GETOPT_VERSION_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
{NULL, 0, NULL, 0}
|
|
Ondřej Vašík |
58ba6d |
@@ -204,6 +205,9 @@ Mandatory arguments to long options are
|
|
Ondrej Vasik |
66a4fe |
all\n\
|
|
Ondrej Vasik |
66a4fe |
"), stdout);
|
|
Ondrej Vasik |
66a4fe |
fputs (_("\
|
|
Ondrej Vasik |
66a4fe |
+ -c same as --preserve=context\n\
|
|
Ondrej Vasik |
66a4fe |
+"), stdout);
|
|
Ondrej Vasik |
66a4fe |
+ fputs (_("\
|
|
Ondrej Vasik |
66a4fe |
--no-preserve=ATTR_LIST don't preserve the specified attributes\n\
|
|
Ondrej Vasik |
66a4fe |
--parents use full source file name under DIRECTORY\n\
|
|
Ondrej Vasik |
66a4fe |
"), stdout);
|
|
Ondřej Vašík |
58ba6d |
@@ -230,6 +234,7 @@ Mandatory arguments to long options are
|
|
Ondrej Vasik |
66a4fe |
destination file is missing\n\
|
|
Ondrej Vasik |
66a4fe |
-v, --verbose explain what is being done\n\
|
|
Ondrej Vasik |
66a4fe |
-x, --one-file-system stay on this file system\n\
|
|
Ondrej Vasik |
66a4fe |
+ -Z, --context=CONTEXT set security context of copy to CONTEXT\n\
|
|
Ondrej Vasik |
66a4fe |
"), stdout);
|
|
Ondrej Vasik |
66a4fe |
fputs (HELP_OPTION_DESCRIPTION, stdout);
|
|
Ondrej Vasik |
66a4fe |
fputs (VERSION_OPTION_DESCRIPTION, stdout);
|
|
Ondřej Vašík |
58ba6d |
@@ -786,6 +791,7 @@ cp_option_init (struct cp_options *x)
|
|
Ondrej Vasik |
66a4fe |
x->preserve_timestamps = false;
|
|
Ondrej Vasik |
66a4fe |
x->preserve_security_context = false;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve_context = false;
|
|
Ondrej Vasik |
66a4fe |
+ x->set_security_context = false;
|
|
Ondrej Vasik |
66a4fe |
x->preserve_xattr = false;
|
|
Ondrej Vasik |
66a4fe |
x->reduce_diagnostics = false;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve_xattr = false;
|
|
Ondřej Vašík |
58ba6d |
@@ -933,7 +939,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
we'll actually use backup_suffix_string. */
|
|
Ondrej Vasik |
66a4fe |
backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- while ((c = getopt_long (argc, argv, "abdfHilLnprst:uvxPRS:T",
|
|
Ondrej Vasik |
66a4fe |
+ while ((c = getopt_long (argc, argv, "abcdfHilLnprst:uvxPRS:TZ:",
|
|
Ondrej Vasik |
66a4fe |
long_opts, NULL))
|
|
Ondrej Vasik |
66a4fe |
!= -1)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondřej Vašík |
58ba6d |
@@ -981,6 +987,16 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
copy_contents = true;
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
+ case 'c':
|
|
Ondrej Vasik |
66a4fe |
+ if ( x.set_security_context ) {
|
|
Ondrej Vasik |
66a4fe |
+ (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]);
|
|
Ondrej Vasik |
66a4fe |
+ exit( 1 );
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ else if (selinux_enabled) {
|
|
Ondrej Vasik |
66a4fe |
+ x.preserve_security_context = true;
|
|
Ondrej Vasik |
66a4fe |
+ x.require_preserve_context = true;
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
66a4fe |
case 'd':
|
|
Ondrej Vasik |
66a4fe |
x.preserve_links = true;
|
|
Ondrej Vasik |
66a4fe |
x.dereference = DEREF_NEVER;
|
|
Ondřej Vašík |
58ba6d |
@@ -1090,6 +1106,27 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
x.one_file_system = true;
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ case 'Z':
|
|
Ondrej Vasik |
66a4fe |
+ /* politely decline if we're not on a selinux-enabled kernel. */
|
|
Ondrej Vasik |
66a4fe |
+ if( !selinux_enabled ) {
|
|
Ondrej Vasik |
66a4fe |
+ fprintf( stderr, "Warning: ignoring --context (-Z). "
|
|
Ondrej Vasik |
66a4fe |
+ "It requires a SELinux enabled kernel.\n" );
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ if ( x.preserve_security_context ) {
|
|
Ondrej Vasik |
66a4fe |
+ (void) fprintf(stderr, "%s: cannot force target context to '%s' and preserve it\n", argv[0], optarg);
|
|
Ondrej Vasik |
66a4fe |
+ exit( 1 );
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ x.set_security_context = true;
|
|
Ondrej Vasik |
66a4fe |
+ /* if there's a security_context given set new path
|
|
Ondrej Vasik |
66a4fe |
+ components to that context, too */
|
|
Ondrej Vasik |
66a4fe |
+ if ( setfscreatecon(optarg) < 0 ) {
|
|
Ondrej Vasik |
66a4fe |
+ (void) fprintf(stderr, _("cannot set default security context %s\n"), optarg);
|
|
Ondrej Vasik |
66a4fe |
+ exit( 1 );
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
case 'S':
|
|
Ondrej Vasik |
66a4fe |
make_backups = true;
|
|
Ondrej Vasik |
66a4fe |
backup_suffix_string = optarg;
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/id.c coreutils-8.13/src/id.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/id.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/id.c 2011-09-09 10:30:39.567562153 +0200
|
|
Ondrej Vasik |
66a4fe |
@@ -107,7 +107,7 @@ int
|
|
Ondrej Vasik |
66a4fe |
main (int argc, char **argv)
|
|
Ondrej Vasik |
0363d6 |
{
|
|
Ondrej Vasik |
66a4fe |
int optc;
|
|
Ondrej Vasik |
66a4fe |
- int selinux_enabled = (is_selinux_enabled () > 0);
|
|
Ondrej Vasik |
66a4fe |
+ bool selinux_enabled = (is_selinux_enabled () > 0);
|
|
Tim Waugh |
5505e2 |
|
|
Ondrej Vasik |
66a4fe |
/* If true, output the list of all group IDs. -G */
|
|
Ondrej Vasik |
66a4fe |
bool just_group_list = false;
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/install.c coreutils-8.13/src/install.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/install.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/install.c 2011-09-09 10:30:39.569562422 +0200
|
|
Ondřej Vašík |
50a3ba |
@@ -261,6 +261,7 @@ cp_option_init (struct cp_options *x)
|
|
Ondřej Vašík |
98ff9f |
x->data_copy_required = true;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve = false;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve_context = false;
|
|
Ondrej Vasik |
66a4fe |
+ x->set_security_context = false;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve_xattr = false;
|
|
Ondrej Vasik |
66a4fe |
x->recursive = false;
|
|
Ondrej Vasik |
66a4fe |
x->sparse_mode = SPARSE_AUTO;
|
|
Ondřej Vašík |
50a3ba |
@@ -622,7 +623,7 @@ Mandatory arguments to long options are
|
|
Ondřej Vašík |
50a3ba |
-v, --verbose print the name of each directory as it is created\n\
|
|
Ondřej Vašík |
50a3ba |
"), stdout);
|
|
Ondřej Vašík |
50a3ba |
fputs (_("\
|
|
Ondřej Vašík |
50a3ba |
- --preserve-context preserve SELinux security context\n\
|
|
Ondřej Vašík |
50a3ba |
+ -P, --preserve-context preserve SELinux security context\n\
|
|
Ondřej Vašík |
50a3ba |
-Z, --context=CONTEXT set SELinux security context of files and directories\
|
|
Ondřej Vašík |
50a3ba |
\n\
|
|
Ondřej Vašík |
50a3ba |
"), stdout);
|
|
Ondřej Vašík |
50a3ba |
@@ -765,7 +766,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
we'll actually use backup_suffix_string. */
|
|
Ondrej Vasik |
66a4fe |
backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- while ((optc = getopt_long (argc, argv, "bcCsDdg:m:o:pt:TvS:Z:", long_options,
|
|
Ondrej Vasik |
66a4fe |
+ while ((optc = getopt_long (argc, argv, "bcCsDdg:m:o:pPt:TvS:Z:", long_options,
|
|
Ondrej Vasik |
66a4fe |
NULL)) != -1)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
switch (optc)
|
|
Ondřej Vašík |
50a3ba |
@@ -835,6 +836,7 @@ main (int argc, char **argv)
|
|
Ondřej Vašík |
50a3ba |
no_target_directory = true;
|
|
Ondřej Vašík |
50a3ba |
break;
|
|
Ondřej Vašík |
50a3ba |
|
|
Ondrej Vasik |
66a4fe |
+ case 'P':
|
|
Ondrej Vasik |
66a4fe |
case PRESERVE_CONTEXT_OPTION:
|
|
Ondrej Vasik |
66a4fe |
if ( ! selinux_enabled)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondřej Vašík |
50a3ba |
@@ -842,6 +844,10 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
"this kernel is not SELinux-enabled"));
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
+ if ( x.set_security_context ) {
|
|
Ondrej Vasik |
66a4fe |
+ (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]);
|
|
Ondrej Vasik |
66a4fe |
+ exit( 1 );
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
x.preserve_security_context = true;
|
|
Ondrej Vasik |
66a4fe |
use_default_selinux_context = false;
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondřej Vašík |
50a3ba |
@@ -853,6 +859,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
scontext = optarg;
|
|
Ondrej Vasik |
66a4fe |
+ x.set_security_context = true;
|
|
Ondrej Vasik |
66a4fe |
use_default_selinux_context = false;
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
case_GETOPT_HELP_CHAR;
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/ls.c coreutils-8.13/src/ls.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/ls.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/ls.c 2011-09-09 10:30:39.575562845 +0200
|
|
Ondřej Vašík |
b5f920 |
@@ -166,7 +166,8 @@ enum filetype
|
|
Ondrej Vasik |
66a4fe |
symbolic_link,
|
|
Ondrej Vasik |
66a4fe |
sock,
|
|
Ondrej Vasik |
66a4fe |
whiteout,
|
|
Ondrej Vasik |
66a4fe |
- arg_directory
|
|
Ondrej Vasik |
66a4fe |
+ arg_directory,
|
|
Ondrej Vasik |
66a4fe |
+ command_line
|
|
Ondrej Vasik |
66a4fe |
};
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
/* Display letters and indicators for each filetype.
|
|
Ondřej Vašík |
7f6231 |
@@ -282,6 +283,7 @@
|
|
Ondřej Vašík |
7f6231 |
bool command_line_arg);
|
|
Ondrej Vasik |
66a4fe |
static void sort_files (void);
|
|
Ondrej Vasik |
66a4fe |
static void parse_ls_color (void);
|
|
Ondrej Vasik |
66a4fe |
+static void print_scontext_format (const struct fileinfo *f);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
/* Initial size of hash table.
|
|
Ondrej Vasik |
66a4fe |
Most hierarchies are likely to be shallower than this. */
|
|
Ondřej Vašík |
b5f920 |
@@ -352,7 +354,7 @@ static struct pending *pending_dirs;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
static struct timespec current_time;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
-static bool print_scontext;
|
|
Ondrej Vasik |
66a4fe |
+static int print_scontext = 0;
|
|
Ondrej Vasik |
66a4fe |
static char UNKNOWN_SECURITY_CONTEXT[] = "?";
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
/* Whether any of the files has an ACL. This affects the width of the
|
|
Ondřej Vašík |
b5f920 |
@@ -392,7 +394,9 @@ enum format
|
|
Ondrej Vasik |
66a4fe |
one_per_line, /* -1 */
|
|
Ondrej Vasik |
66a4fe |
many_per_line, /* -C */
|
|
Ondrej Vasik |
66a4fe |
horizontal, /* -x */
|
|
Ondrej Vasik |
66a4fe |
- with_commas /* -m */
|
|
Ondrej Vasik |
66a4fe |
+ with_commas, /* -m */
|
|
Ondrej Vasik |
66a4fe |
+ security_format, /* -Z */
|
|
Ondrej Vasik |
66a4fe |
+ invalid_format
|
|
Ondrej Vasik |
66a4fe |
};
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
static enum format format;
|
|
Ondřej Vašík |
b5f920 |
@@ -794,6 +798,9 @@ enum
|
|
Ondrej Vasik |
66a4fe |
SHOW_CONTROL_CHARS_OPTION,
|
|
Ondrej Vasik |
66a4fe |
SI_OPTION,
|
|
Ondrej Vasik |
66a4fe |
SORT_OPTION,
|
|
Ondrej Vasik |
66a4fe |
+ CONTEXT_OPTION,
|
|
Ondrej Vasik |
66a4fe |
+ LCONTEXT_OPTION,
|
|
Ondrej Vasik |
66a4fe |
+ SCONTEXT_OPTION,
|
|
Ondrej Vasik |
66a4fe |
TIME_OPTION,
|
|
Ondrej Vasik |
66a4fe |
TIME_STYLE_OPTION
|
|
Ondrej Vasik |
66a4fe |
};
|
|
Ondřej Vašík |
b5f920 |
@@ -839,7 +846,9 @@ static struct option const long_options[
|
|
Ondrej Vasik |
66a4fe |
{"time-style", required_argument, NULL, TIME_STYLE_OPTION},
|
|
Ondrej Vasik |
66a4fe |
{"color", optional_argument, NULL, COLOR_OPTION},
|
|
Ondrej Vasik |
66a4fe |
{"block-size", required_argument, NULL, BLOCK_SIZE_OPTION},
|
|
Ondrej Vasik |
66a4fe |
- {"context", no_argument, 0, 'Z'},
|
|
Ondrej Vasik |
66a4fe |
+ {"context", no_argument, 0, CONTEXT_OPTION},
|
|
Ondrej Vasik |
66a4fe |
+ {"lcontext", no_argument, 0, LCONTEXT_OPTION},
|
|
Ondrej Vasik |
66a4fe |
+ {"scontext", no_argument, 0, SCONTEXT_OPTION},
|
|
Ondrej Vasik |
66a4fe |
{"author", no_argument, NULL, AUTHOR_OPTION},
|
|
Ondrej Vasik |
0363d6 |
{GETOPT_HELP_OPTION_DECL},
|
|
Ondrej Vasik |
0363d6 |
{GETOPT_VERSION_OPTION_DECL},
|
|
Ondřej Vašík |
b5f920 |
@@ -849,12 +858,12 @@ static struct option const long_options[
|
|
Ondrej Vasik |
66a4fe |
static char const *const format_args[] =
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
"verbose", "long", "commas", "horizontal", "across",
|
|
Ondrej Vasik |
66a4fe |
- "vertical", "single-column", NULL
|
|
Ondrej Vasik |
66a4fe |
+ "vertical", "single-column", "context", NULL
|
|
Ondrej Vasik |
66a4fe |
};
|
|
Ondrej Vasik |
66a4fe |
static enum format const format_types[] =
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
long_format, long_format, with_commas, horizontal, horizontal,
|
|
Ondrej Vasik |
66a4fe |
- many_per_line, one_per_line
|
|
Ondrej Vasik |
66a4fe |
+ many_per_line, one_per_line, security_format
|
|
Ondrej Vasik |
66a4fe |
};
|
|
Ondrej Vasik |
66a4fe |
ARGMATCH_VERIFY (format_args, format_types);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondřej Vašík |
b5f920 |
@@ -1296,7 +1305,8 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
/* Avoid following symbolic links when possible. */
|
|
Ondrej Vasik |
66a4fe |
if (is_colored (C_ORPHAN)
|
|
Ondrej Vasik |
66a4fe |
|| (is_colored (C_EXEC) && color_symlink_as_referent)
|
|
Ondrej Vasik |
66a4fe |
- || (is_colored (C_MISSING) && format == long_format))
|
|
Ondrej Vasik |
66a4fe |
+ || (is_colored (C_MISSING) && (format == long_format
|
|
Ondrej Vasik |
66a4fe |
+ || format == security_format)))
|
|
Ondrej Vasik |
66a4fe |
check_symlink_color = true;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
/* If the standard output is a controlling terminal, watch out
|
|
Ondřej Vašík |
b5f920 |
@@ -1343,7 +1353,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
if (dereference == DEREF_UNDEFINED)
|
|
Ondrej Vasik |
66a4fe |
dereference = ((immediate_dirs
|
|
Ondrej Vasik |
66a4fe |
|| indicator_style == classify
|
|
Ondrej Vasik |
66a4fe |
- || format == long_format)
|
|
Ondrej Vasik |
66a4fe |
+ || format == long_format || format == security_format)
|
|
Ondrej Vasik |
66a4fe |
? DEREF_NEVER
|
|
Ondrej Vasik |
66a4fe |
: DEREF_COMMAND_LINE_SYMLINK_TO_DIR);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondřej Vašík |
b5f920 |
@@ -1363,7 +1373,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
format_needs_stat = sort_type == sort_time || sort_type == sort_size
|
|
Ondrej Vasik |
66a4fe |
|| format == long_format
|
|
Ondrej Vasik |
66a4fe |
- || print_scontext
|
|
Ondrej Vasik |
66a4fe |
+ || format == security_format || print_scontext
|
|
Ondrej Vasik |
66a4fe |
|| print_block_size;
|
|
Ondrej Vasik |
66a4fe |
format_needs_type = (! format_needs_stat
|
|
Ondrej Vasik |
66a4fe |
&& (recursive
|
|
Ondřej Vašík |
b5f920 |
@@ -1394,7 +1404,7 @@ main (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
else
|
|
Ondrej Vasik |
66a4fe |
do
|
|
Ondrej Vasik |
66a4fe |
- gobble_file (argv[i++], unknown, NOT_AN_INODE_NUMBER, true, "");
|
|
Ondrej Vasik |
66a4fe |
+ gobble_file (argv[i++], command_line, NOT_AN_INODE_NUMBER, true, "");
|
|
Ondrej Vasik |
66a4fe |
while (i < argc);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
if (cwd_n_used)
|
|
Ondřej Vašík |
b5f920 |
@@ -1565,7 +1575,7 @@ decode_switches (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
ignore_mode = IGNORE_DEFAULT;
|
|
Ondrej Vasik |
66a4fe |
ignore_patterns = NULL;
|
|
Ondrej Vasik |
66a4fe |
hide_patterns = NULL;
|
|
Ondrej Vasik |
66a4fe |
- print_scontext = false;
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext = 0;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
/* FIXME: put this in a function. */
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondřej Vašík |
b5f920 |
@@ -1947,13 +1957,27 @@ decode_switches (int argc, char **argv)
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
case 'Z':
|
|
Ondrej Vasik |
66a4fe |
- print_scontext = true;
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext = 1;
|
|
Ondrej Vasik |
66a4fe |
+ format = security_format;
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
case_GETOPT_HELP_CHAR;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
+ case CONTEXT_OPTION: /* default security context format */
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext = 1;
|
|
Ondrej Vasik |
66a4fe |
+ format = security_format;
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
66a4fe |
+ case LCONTEXT_OPTION: /* long format plus security context */
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext = 1;
|
|
Ondrej Vasik |
66a4fe |
+ format = long_format;
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
66a4fe |
+ case SCONTEXT_OPTION: /* short form of new security format */
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext = 0;
|
|
Ondrej Vasik |
66a4fe |
+ format = security_format;
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
default:
|
|
Ondrej Vasik |
66a4fe |
usage (LS_FAILURE);
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondřej Vašík |
b5f920 |
@@ -2757,6 +2783,7 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
66a4fe |
memset (f, '\0', sizeof *f);
|
|
Ondrej Vasik |
66a4fe |
f->stat.st_ino = inode;
|
|
Ondrej Vasik |
66a4fe |
f->filetype = type;
|
|
Ondrej Vasik |
66a4fe |
+ f->scontext = NULL;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
if (command_line_arg
|
|
Ondrej Vasik |
66a4fe |
|| format_needs_stat
|
|
Ondřej Vašík |
b5f920 |
@@ -2869,7 +2896,7 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
c77f9b |
&& print_with_color && is_colored (C_CAP))
|
|
Ondřej Vašík |
bb1a46 |
f->has_capability = has_capability_cache (absolute_name, f);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (format == long_format || print_scontext)
|
|
Ondrej Vasik |
66a4fe |
+ if (format == long_format || format == security_format || print_scontext)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
bool have_selinux = false;
|
|
Ondrej Vasik |
66a4fe |
bool have_acl = false;
|
|
Ondřej Vašík |
b5f920 |
@@ -2892,7 +2919,7 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
66a4fe |
err = 0;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (err == 0 && format == long_format)
|
|
Ondrej Vasik |
66a4fe |
+ if (err == 0 && (format == long_format || format == security_format))
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondřej Vašík |
bb1a46 |
int n = file_has_acl_cache (absolute_name, f);
|
|
Ondrej Vasik |
66a4fe |
err = (n < 0);
|
|
Ondřej Vašík |
b5f920 |
@@ -2911,7 +2938,8 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
if (S_ISLNK (f->stat.st_mode)
|
|
Ondrej Vasik |
66a4fe |
- && (format == long_format || check_symlink_color))
|
|
Ondrej Vasik |
66a4fe |
+ && (format == long_format || format == security_format
|
|
Ondrej Vasik |
66a4fe |
+ || check_symlink_color))
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
struct stat linkstats;
|
|
Ondřej Vašík |
315471 |
|
|
Ondřej Vašík |
b5f920 |
@@ -2931,6 +2959,7 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
66a4fe |
command line are automatically traced if not being
|
|
Ondrej Vasik |
66a4fe |
listed as files. */
|
|
Ondrej Vasik |
66a4fe |
if (!command_line_arg || format == long_format
|
|
Ondrej Vasik |
66a4fe |
+ || format == security_format
|
|
Ondrej Vasik |
66a4fe |
|| !S_ISDIR (linkstats.st_mode))
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
/* Get the linked-to file's mode for the filetype indicator
|
|
Ondřej Vašík |
b5f920 |
@@ -2970,7 +2999,7 @@ gobble_file (char const *name, enum file
|
|
Ondrej Vasik |
66a4fe |
block_size_width = len;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (format == long_format)
|
|
Ondrej Vasik |
66a4fe |
+ if (format == long_format || format == security_format)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
if (print_owner)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondřej Vašík |
b5f920 |
@@ -3471,6 +3500,13 @@ print_current_files (void)
|
|
Ondrej Vasik |
66a4fe |
print_long_format (sorted_file[i]);
|
|
Ondrej Vasik |
66a4fe |
DIRED_PUTCHAR ('\n');
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
+ break;
|
|
Ondrej Vasik |
66a4fe |
+ case security_format:
|
|
Ondrej Vasik |
66a4fe |
+ for (i = 0; i < cwd_n_used; i++)
|
|
Ondrej Vasik |
66a4fe |
+ {
|
|
Ondrej Vasik |
66a4fe |
+ print_scontext_format (sorted_file[i]);
|
|
Ondrej Vasik |
66a4fe |
+ DIRED_PUTCHAR ('\n');
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
break;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondřej Vašík |
b5f920 |
@@ -3633,6 +3669,67 @@ format_inode (char *buf, size_t buflen,
|
|
Ondrej Vasik |
66a4fe |
: (char *) "?");
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
+/* Print info about f in scontext format */
|
|
Ondrej Vasik |
f8d3fd |
+static void
|
|
Ondrej Vasik |
66a4fe |
+print_scontext_format (const struct fileinfo *f)
|
|
Ondrej Vasik |
f8d3fd |
+{
|
|
Ondrej Vasik |
66a4fe |
+ char modebuf[12];
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ /* 7 fields that may require LONGEST_HUMAN_READABLE bytes,
|
|
Ondrej Vasik |
66a4fe |
+ 1 10-byte mode string,
|
|
Ondrej Vasik |
66a4fe |
+ 9 spaces, one following each of these fields, and
|
|
Ondrej Vasik |
66a4fe |
+ 1 trailing NUL byte. */
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ char init_bigbuf[7 * LONGEST_HUMAN_READABLE + 10 + 9 + 1];
|
|
Ondrej Vasik |
66a4fe |
+ char *buf = init_bigbuf;
|
|
Ondrej Vasik |
66a4fe |
+ char *p;
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ p = buf;
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ if ( print_scontext ) { /* zero means terse listing */
|
|
Ondrej Vasik |
66a4fe |
+ filemodestring (&f->stat, modebuf);
|
|
Ondrej Vasik |
66a4fe |
+ if (! any_has_acl)
|
|
Ondrej Vasik |
66a4fe |
+ modebuf[10] = '\0';
|
|
Ondrej Vasik |
66a4fe |
+ else if (f->acl_type == ACL_T_SELINUX_ONLY)
|
|
Ondrej Vasik |
66a4fe |
+ modebuf[10] = '.';
|
|
Ondrej Vasik |
66a4fe |
+ else if (f->acl_type == ACL_T_YES)
|
|
Ondrej Vasik |
66a4fe |
+ modebuf[10] = '+';
|
|
Ondrej Vasik |
66a4fe |
+ modebuf[11] = '\0';
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ /* print mode */
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ (void) sprintf (p, "%s ", modebuf);
|
|
Ondrej Vasik |
66a4fe |
+ p += strlen (p);
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ /* print standard user and group */
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ DIRED_FPUTS (buf, stdout, p - buf);
|
|
Ondrej Vasik |
66a4fe |
+ format_user (f->stat.st_uid, owner_width, f->stat_ok);
|
|
Ondrej Vasik |
66a4fe |
+ format_group (f->stat.st_gid, group_width, f->stat_ok);
|
|
Ondrej Vasik |
66a4fe |
+ p = buf;
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ (void) sprintf (p, "%-32s ", f->scontext ?: "");
|
|
Ondrej Vasik |
66a4fe |
+ p += strlen (p);
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ DIRED_INDENT ();
|
|
Ondrej Vasik |
66a4fe |
+ DIRED_FPUTS (buf, stdout, p - buf);
|
|
Ondrej Vasik |
c77f9b |
+ size_t w = print_name_with_quoting (f, false, &dired_obstack, p - buf);
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
+ if (f->filetype == symbolic_link) {
|
|
Ondrej Vasik |
66a4fe |
+ if (f->linkname) {
|
|
Ondrej Vasik |
66a4fe |
+ DIRED_FPUTS_LITERAL (" -> ", stdout);
|
|
Ondrej Vasik |
c77f9b |
+ print_name_with_quoting (f, true, NULL, (p - buf) + w + 4);
|
|
Ondrej Vasik |
66a4fe |
+ if (indicator_style != none)
|
|
Ondrej Vasik |
66a4fe |
+ print_type_indicator (f->stat_ok, f->linkmode, f->filetype);
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
66a4fe |
+ else {
|
|
Ondrej Vasik |
66a4fe |
+ if (indicator_style != none)
|
|
Ondrej Vasik |
66a4fe |
+ print_type_indicator (f->stat_ok, f->stat.st_mode, f->filetype);
|
|
Ondrej Vasik |
66a4fe |
+ }
|
|
Ondrej Vasik |
f8d3fd |
+}
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
/* Print information about F in long format. */
|
|
Ondrej Vasik |
66a4fe |
static void
|
|
Ondrej Vasik |
66a4fe |
print_long_format (const struct fileinfo *f)
|
|
Ondřej Vašík |
b5f920 |
@@ -3724,9 +3821,15 @@ print_long_format (const struct fileinfo
|
|
Ondrej Vasik |
66a4fe |
The latter is wrong when nlink_width is zero. */
|
|
Ondrej Vasik |
66a4fe |
p += strlen (p);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
+ if (print_scontext)
|
|
Ondrej Vasik |
f8d3fd |
+ {
|
|
Ondrej Vasik |
66a4fe |
+ sprintf (p, "%-32s ", f->scontext ? f->scontext : "");
|
|
Ondrej Vasik |
66a4fe |
+ p += strlen (p);
|
|
Ondrej Vasik |
f8d3fd |
+ }
|
|
Ondrej Vasik |
f8d3fd |
+
|
|
Ondrej Vasik |
66a4fe |
DIRED_INDENT ();
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (print_owner || print_group || print_author || print_scontext)
|
|
Ondrej Vasik |
66a4fe |
+ if (print_owner || print_group || print_author)
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
DIRED_FPUTS (buf, stdout, p - buf);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondřej Vašík |
b5f920 |
@@ -3739,9 +3842,6 @@ print_long_format (const struct fileinfo
|
|
Ondrej Vasik |
66a4fe |
if (print_author)
|
|
Ondrej Vasik |
66a4fe |
format_user (f->stat.st_author, author_width, f->stat_ok);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (print_scontext)
|
|
Ondrej Vasik |
66a4fe |
- format_user_or_group (f->scontext, 0, scontext_width);
|
|
Ondrej Vasik |
66a4fe |
-
|
|
Ondrej Vasik |
66a4fe |
p = buf;
|
|
Ondrej Vasik |
66a4fe |
}
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondřej Vašík |
b5f920 |
@@ -4086,9 +4186,6 @@ print_file_name_and_frills (const struct
|
|
Ondrej Vasik |
66a4fe |
: human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts,
|
|
Ondrej Vasik |
66a4fe |
ST_NBLOCKSIZE, output_block_size));
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (print_scontext)
|
|
Ondrej Vasik |
66a4fe |
- printf ("%*s ", format == with_commas ? 0 : scontext_width, f->scontext);
|
|
Ondrej Vasik |
66a4fe |
-
|
|
Ondrej Vasik |
c77f9b |
size_t width = print_name_with_quoting (f, false, NULL, start_col);
|
|
Ondrej Vasik |
c77f9b |
|
|
Ondrej Vasik |
c77f9b |
if (indicator_style != none)
|
|
Ondřej Vašík |
b5f920 |
@@ -4292,9 +4389,6 @@ length_of_file_name_and_frills (const st
|
|
Ondrej Vasik |
66a4fe |
output_block_size))
|
|
Ondrej Vasik |
66a4fe |
: block_size_width);
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
- if (print_scontext)
|
|
Ondrej Vasik |
66a4fe |
- len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);
|
|
Ondrej Vasik |
66a4fe |
-
|
|
Ondrej Vasik |
66a4fe |
quote_name (NULL, f->name, filename_quoting_options, &name_width);
|
|
Ondrej Vasik |
66a4fe |
len += name_width;
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondřej Vašík |
b5f920 |
@@ -4733,9 +4827,16 @@ Mandatory arguments to long options are
|
|
Ondrej Vasik |
66a4fe |
-w, --width=COLS assume screen width instead of current value\n\
|
|
Ondrej Vasik |
66a4fe |
-x list entries by lines instead of by columns\n\
|
|
Ondrej Vasik |
66a4fe |
-X sort alphabetically by entry extension\n\
|
|
Ondrej Vasik |
66a4fe |
- -Z, --context print any SELinux security context of each file\n\
|
|
Ondrej Vasik |
66a4fe |
-1 list one file per line\n\
|
|
Ondrej Vasik |
66a4fe |
"), stdout);
|
|
Ondrej Vasik |
66a4fe |
+ fputs(_("\nSELinux options:\n\n\
|
|
Ondrej Vasik |
66a4fe |
+ --lcontext Display security context. Enable -l. Lines\n\
|
|
Ondrej Vasik |
66a4fe |
+ will probably be too wide for most displays.\n\
|
|
Ondrej Vasik |
66a4fe |
+ -Z, --context Display security context so it fits on most\n\
|
|
Ondrej Vasik |
66a4fe |
+ displays. Displays only mode, user, group,\n\
|
|
Ondrej Vasik |
66a4fe |
+ security context and file name.\n\
|
|
Ondrej Vasik |
66a4fe |
+ --scontext Display only security context and file name.\n\
|
|
Ondrej Vasik |
66a4fe |
+"), stdout);
|
|
Ondrej Vasik |
66a4fe |
fputs (HELP_OPTION_DESCRIPTION, stdout);
|
|
Ondrej Vasik |
66a4fe |
fputs (VERSION_OPTION_DESCRIPTION, stdout);
|
|
Ondrej Vasik |
66a4fe |
emit_size_note ();
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/mkdir.c coreutils-8.13/src/mkdir.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/mkdir.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/mkdir.c 2011-09-09 10:30:39.576564256 +0200
|
|
Ondrej Vasik |
66a4fe |
@@ -38,6 +38,7 @@
|
|
Ondrej Vasik |
66a4fe |
static struct option const longopts[] =
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
{GETOPT_SELINUX_CONTEXT_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
+ {"context", required_argument, NULL, 'Z'},
|
|
Ondrej Vasik |
66a4fe |
{"mode", required_argument, NULL, 'm'},
|
|
Ondrej Vasik |
66a4fe |
{"parents", no_argument, NULL, 'p'},
|
|
Ondrej Vasik |
66a4fe |
{"verbose", no_argument, NULL, 'v'},
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/mknod.c coreutils-8.13/src/mknod.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/mknod.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/mknod.c 2011-09-09 10:30:39.577563177 +0200
|
|
Ondrej Vasik |
66a4fe |
@@ -35,7 +35,7 @@
|
|
Ondrej Vasik |
66a4fe |
|
|
Ondrej Vasik |
66a4fe |
static struct option const longopts[] =
|
|
Ondrej Vasik |
66a4fe |
{
|
|
Ondrej Vasik |
66a4fe |
- {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
+ {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
{"mode", required_argument, NULL, 'm'},
|
|
Ondrej Vasik |
66a4fe |
{GETOPT_HELP_OPTION_DECL},
|
|
Ondrej Vasik |
66a4fe |
{GETOPT_VERSION_OPTION_DECL},
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/mv.c coreutils-8.13/src/mv.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/mv.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/mv.c 2011-09-09 10:30:39.578562234 +0200
|
|
Ondrej Vasik |
66a4fe |
@@ -118,6 +118,7 @@ cp_option_init (struct cp_options *x)
|
|
Ondrej Vasik |
66a4fe |
x->preserve_mode = true;
|
|
Ondrej Vasik |
66a4fe |
x->preserve_timestamps = true;
|
|
Ondrej Vasik |
66a4fe |
x->preserve_security_context = selinux_enabled;
|
|
Ondrej Vasik |
66a4fe |
+ x->set_security_context = false;
|
|
Ondrej Vasik |
66a4fe |
x->reduce_diagnostics = false;
|
|
Ondřej Vašík |
98ff9f |
x->data_copy_required = true;
|
|
Ondrej Vasik |
66a4fe |
x->require_preserve = false; /* FIXME: maybe make this an option */
|
|
Ondřej Vašík |
b5f920 |
diff -urNp coreutils-8.13-orig/src/runcon.c coreutils-8.13/src/runcon.c
|
|
Ondřej Vašík |
b5f920 |
--- coreutils-8.13-orig/src/runcon.c 2011-07-28 12:38:27.000000000 +0200
|
|
Ondřej Vašík |
b5f920 |
+++ coreutils-8.13/src/runcon.c 2011-09-09 10:30:39.579564283 +0200
|
|
Kamil Dudka |
b26491 |
@@ -86,7 +86,7 @@ Usage: %s CONTEXT COMMAND [args]\n\
|
|
Ondrej Vasik |
893c38 |
or: %s [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]\n\
|
|
Ondrej Vasik |
893c38 |
"), program_name, program_name);
|
|
Ondrej Vasik |
893c38 |
fputs (_("\
|
|
Ondrej Vasik |
893c38 |
-Run a program in a different security context.\n\
|
|
Ondrej Vasik |
893c38 |
+Run a program in a different SELinux security context.\n\
|
|
Ondrej Vasik |
893c38 |
With neither CONTEXT nor COMMAND, print the current security context.\n\
|
|
Ondrej Vasik |
893c38 |
\n\
|
|
Ondrej Vasik |
893c38 |
CONTEXT Complete security context\n\
|
|
Ondřej Vašík |
315471 |
diff -urNp coreutils-8.17-orig/tests/init.cfg coreutils-8.17/tests/init.cfg
|
|
Ondřej Vašík |
315471 |
--- coreutils-8.17-orig/tests/init.cfg
|
|
Ondřej Vašík |
315471 |
+++ coreutils-8.17/tests/init.cfg
|
|
Ondřej Vašík |
b5f920 |
@@ -253,8 +253,8 @@ require_selinux_()
|
|
Ondrej Vasik |
20666c |
|
|
Ondřej Vašík |
50a3ba |
# Independent of whether SELinux is enabled system-wide,
|
|
Ondřej Vašík |
50a3ba |
# the current file system may lack SELinux support.
|
|
Ondřej Vašík |
315471 |
- case $(ls -Zd .) in
|
|
Ondrej Vasik |
20666c |
- '? .'|'unlabeled .')
|
|
Ondřej Vašík |
315471 |
+ case $(ls -Zd . | cut -f4 -d" ") in
|
|
Ondrej Vasik |
20666c |
+ '?'|'unlabeled')
|
|
Ondřej Vašík |
b5f920 |
skip_ "this system (or maybe just" \
|
|
Ondrej Vasik |
20666c |
"the current file system) lacks SELinux support"
|
|
Ondrej Vasik |
20666c |
;;
|
|
Ondřej Vašík |
315471 |
diff -urNp coreutils-8.17-orig/tests/misc/selinux coreutils-8.17/tests/misc/selinux
|
|
Ondřej Vašík |
315471 |
--- coreutils-8.17-orig/tests/misc/selinux
|
|
Ondřej Vašík |
315471 |
+++ coreutils-8.17/tests/misc/selinux
|
|
Ondřej Vašík |
58ba6d |
@@ -37,7 +37,7 @@ chcon $ctx f d p ||
|
|
Ondrej Vasik |
0363d6 |
|
|
Ondrej Vasik |
0363d6 |
# inspect that context with both ls -Z and stat.
|
|
Ondrej Vasik |
0363d6 |
for i in d f p; do
|
|
Ondřej Vašík |
315471 |
- c=$(ls -dogZ $i|cut -d' ' -f3); test x$c = x$ctx || fail=1
|
|
Ondřej Vašík |
315471 |
+ c=$(ls -dogZ $i|cut -d' ' -f4); test x$c = x$ctx || fail=1
|
|
Ondřej Vašík |
315471 |
c=$(stat --printf %C $i); test x$c = x$ctx || fail=1
|
|
Ondrej Vasik |
0363d6 |
done
|
|
Kamil Dudka |
b26491 |
|