diff -urp coreutils-6.10-orig/configure.ac coreutils-6.10/configure.ac --- coreutils-6.10-orig/configure.ac 2008-01-25 12:32:33.000000000 +0100 +++ coreutils-6.10/configure.ac 2008-01-25 14:10:34.000000000 +0100 @@ -51,6 +51,13 @@ AC_ARG_ENABLE(pam, dnl LIB_PAM="-ldl -lpam -lpam_misc" AC_SUBST(LIB_PAM)]) +dnl Give the chance to enable SELINUX +AC_ARG_ENABLE(selinux, dnl +[ --enable-selinux Enable use of the SELINUX libraries], +[AC_DEFINE(WITH_SELINUX, 1, [Define if you want to use SELINUX]) +LIB_SELINUX="-lselinux" +AC_SUBST(LIB_SELINUX)]) + AC_FUNC_FORK optional_bin_progs= diff -urp coreutils-6.10-orig/man/cp.1 coreutils-6.10/man/cp.1 --- coreutils-6.10-orig/man/cp.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/cp.1 2008-01-25 14:42:25.000000000 +0100 @@ -58,7 +58,7 @@ same as \fB\-\-preserve\fR=\fImode\fR,ow \fB\-\-preserve\fR[=\fIATTR_LIST\fR] preserve the specified attributes (default: mode,ownership,timestamps), if possible -additional attributes: context, links, all +additional attributes: security context, links, all .TP \fB\-\-no\-preserve\fR=\fIATTR_LIST\fR don't preserve the specified attributes @@ -102,6 +102,9 @@ explain what is being done .TP \fB\-x\fR, \fB\-\-one\-file\-system\fR stay on this file system +\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR +(SELinux) set SELinux security context of copy to CONTEXT +.TP .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/man/dir.1 coreutils-6.10/man/dir.1 --- coreutils-6.10-orig/man/dir.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/dir.1 2008-01-25 14:46:19.000000000 +0100 @@ -203,11 +203,24 @@ list entries by lines instead of by colu \fB\-X\fR sort alphabetically by entry extension .TP -\fB\-Z\fR, \fB\-\-context\fR -print any SELinux security context of each file -.TP \fB\-1\fR list one file per line +.PP +SELINUX options: +.TP +\fB\-\-lcontext\fR +Display SELinux security context. +Enable \fB\-l\fR. Lines will probably be too +wide for most displays. +.TP +\fB\-\-context\fR +Display SELinux security context so it fits +on most displays. Displays only mode, user, +group, security context and file name. +.TP +\fB\-\-scontext\fR +Display only SELinux security context and +file name. .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/man/chcon.1 coreutils-6.10/man/chcon.1 --- coreutils-6.10-orig/man/chcon.1 2008-01-25 12:34:22.000000000 +0100 +++ coreutils-6.10/man/chcon.1 2008-01-25 14:15:52.000000000 +0100 @@ -1,7 +1,7 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.35. .TH CHCON "1" "January 2008" "GNU coreutils 6.10" "User Commands" .SH NAME -chcon \- change file security context +chcon \- change file SELinux security context .SH SYNOPSIS .B chcon [\fIOPTION\fR]... \fICONTEXT FILE\fR... @@ -14,7 +14,7 @@ chcon \- change file security context .SH DESCRIPTION .\" Add any additional description here .PP -Change the security context of each FILE to CONTEXT. +Change the SELinux security context of each FILE to CONTEXT. With \fB\-\-reference\fR, change the security context of each FILE to that of RFILE. .TP \fB\-c\fR, \fB\-\-changes\fR @@ -74,6 +74,8 @@ License GPLv3+: GNU GPL version 3 or lat .br This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. +.SH "REPORTING BUGS" +Report bugs to . .SH "SEE ALSO" The full documentation for .B chcon diff -urp coreutils-6.10-orig/man/id.1 coreutils-6.10/man/id.1 --- coreutils-6.10-orig/man/id.1 2008-01-25 12:34:24.000000000 +0100 +++ coreutils-6.10/man/id.1 2008-01-25 14:40:22.000000000 +0100 @@ -14,7 +14,7 @@ Print information for USERNAME, or the c ignore, for compatibility with other versions .TP \fB\-Z\fR, \fB\-\-context\fR -print only the security context of the current user +print only the SELinux security context of the current user .TP \fB\-g\fR, \fB\-\-group\fR print only the effective group ID diff -urp coreutils-6.10-orig/man/install.1 coreutils-6.10/man/install.1 --- coreutils-6.10-orig/man/install.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/install.1 2008-01-25 14:32:47.000000000 +0100 @@ -68,11 +68,11 @@ treat DEST as a normal file \fB\-v\fR, \fB\-\-verbose\fR print the name of each directory as it is created .TP -\fB\-\-preserve\-context\fR -preserve SELinux security context +\fB\-P\fR, \fB\-\-preserve_context\fR \fB\-\-preserve\-context\fR +(SELinux) preserve SELinux security context .TP \fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR -set SELinux security context of files and directories +(SELinux) set SELinux security context of files and directories .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/man/ls.1 coreutils-6.10/man/ls.1 --- coreutils-6.10-orig/man/ls.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/ls.1 2008-01-25 14:39:10.000000000 +0100 @@ -203,11 +203,24 @@ list entries by lines instead of by colu \fB\-X\fR sort alphabetically by entry extension .TP -\fB\-Z\fR, \fB\-\-context\fR -print any SELinux security context of each file -.TP \fB\-1\fR list one file per line +.PP +SELinux options: +.TP +\fB\-\-lcontext\fR +Display SELinux security context. +Enable \fB\-l\fR. Lines will probably be too +wide for most displays. +.TP +\fB\-Z\fR, \fB\-\-context\fR +Display SELinux security context so it fits +on most displays. Displays only mode, user, +group, security context and file name. +.TP +\fB\-\-scontext\fR +Display only SELinux security context and +file name. .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/man/mkdir.1 coreutils-6.10/man/mkdir.1 --- coreutils-6.10-orig/man/mkdir.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/mkdir.1 2008-01-25 14:36:44.000000000 +0100 @@ -21,9 +21,9 @@ no error if existing, make parent direct \fB\-v\fR, \fB\-\-verbose\fR print a message for each created directory .TP -\fB\-Z\fR, \fB\-\-context\fR=\fICTX\fR -set the SELinux security context of each created -directory to CTX +\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR +(SELinux) set the SELinux security context of each +created directory to CONTEXT .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/man/mkfifo.1 coreutils-6.10/man/mkfifo.1 --- coreutils-6.10-orig/man/mkfifo.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/mkfifo.1 2008-01-25 14:43:27.000000000 +0100 @@ -10,8 +10,8 @@ mkfifo \- make FIFOs (named pipes) .PP Create named pipes (FIFOs) with the given NAMEs. .TP -\fB\-Z\fR, \fB\-\-context\fR=\fICTX\fR -set the SELinux security context of each NAME to CTX +\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR +set the SELinux security context of each NAME to CONTEXT(quoted string) .PP Mandatory arguments to long options are mandatory for short options too. .TP diff -urp coreutils-6.10-orig/man/mknod.1 coreutils-6.10/man/mknod.1 --- coreutils-6.10-orig/man/mknod.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/mknod.1 2008-01-25 14:39:49.000000000 +0100 @@ -10,8 +10,8 @@ mknod \- make block or character special .PP Create the special file NAME of the given TYPE. .TP -\fB\-Z\fR, \fB\-\-context\fR=\fICTX\fR -set the SELinux security context of NAME to CTX +\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR +set the SELinux security context of NAME to CONTEXT .PP Mandatory arguments to long options are mandatory for short options too. .TP diff -urp coreutils-6.10-orig/man/stat.1 coreutils-6.10/man/stat.1 --- coreutils-6.10-orig/man/stat.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/stat.1 2008-01-25 14:11:23.000000000 +0100 @@ -28,6 +28,9 @@ If you want a newline, include \en in FO \fB\-t\fR, \fB\-\-terse\fR print the information in terse form .TP +\fB\-Z\fR, \fB\-\-context\fR +print security context information for SELinux if available. +.TP \fB\-\-help\fR display this help and exit .TP diff -urp coreutils-6.10-orig/man/vdir.1 coreutils-6.10/man/vdir.1 --- coreutils-6.10-orig/man/vdir.1 2008-01-25 12:34:23.000000000 +0100 +++ coreutils-6.10/man/vdir.1 2008-01-25 14:35:10.000000000 +0100 @@ -208,6 +208,20 @@ print any SELinux security context of ea .TP \fB\-1\fR list one file per line +.PP +SELINUX options: +.TP +\fB\-\-lcontext\fR +Display SELinux security context. Enable \fB\-l\fR. +Lines will probably be too wide for most displays. +.TP +\fB\-\-context\fR +Display SELinux security context so it fits +on most displays. Displays only mode, user, +group, SELinux security context and file name. +.TP +\fB\-\-scontext\fR +Display only SELinux security context and file name. .TP \fB\-\-help\fR display this help and exit diff -urp coreutils-6.10-orig/src/copy.c coreutils-6.10/src/copy.c --- coreutils-6.10-orig/src/copy.c 2008-01-05 23:59:11.000000000 +0100 +++ coreutils-6.10/src/copy.c 2008-01-25 17:23:17.000000000 +0100 @@ -371,9 +371,10 @@ copy_reg (char const *src_name, char con security_context_t con = NULL; if (getfscreatecon (&con) < 0) { - error (0, errno, _("failed to get file system create context")); + //do not show error when we not require security context (-a option) if (x->require_preserve_context) { + error (0, errno, _("failed to get file system create context")); return_val = false; goto close_src_and_dst_desc; } @@ -383,11 +384,12 @@ copy_reg (char const *src_name, char con { if (fsetfilecon (dest_desc, con) < 0) { - error (0, errno, - _("failed to set the security context of %s to %s"), - quote_n (0, dst_name), quote_n (1, con)); + //do not show error when we not require security context (-a option) if (x->require_preserve_context) { + error (0, errno, + _("failed to set the security context of %s to %s"), + quote_n (0, dst_name), quote_n (1, con)); return_val = false; freecon (con); goto close_src_and_dst_desc; @@ -1630,11 +1632,12 @@ copy_internal (char const *src_name, cha { if (setfscreatecon (con) < 0) { - error (0, errno, - _("failed to set default file creation context to %s"), - quote (con)); + //do not show error when we not require security context (-a option) if (x->require_preserve_context) { + error (0, errno, + _("failed to set default file creation context to %s"), + quote (con)); freecon (con); return false; } @@ -1644,12 +1647,14 @@ copy_internal (char const *src_name, cha else { if (errno != ENOTSUP && errno != ENODATA) - { - error (0, errno, - _("failed to get security context of %s"), - quote (src_name)); - if (x->require_preserve_context) - return false; + { + //do not show error when we not require security context (-a option) + if (x->require_preserve_context) { + error (0, errno, + _("failed to get security context of %s"), + quote (src_name)); + return false; + } } } } @@ -1735,6 +1740,8 @@ copy_internal (char const *src_name, cha { /* Here, we are crossing a file system boundary and cp's -x option is in effect: so don't copy the contents of this directory. */ + if (x->preserve_security_context) + restore_default_fscreatecon_or_die (); } else { diff -urp coreutils-6.10-orig/src/copy.h coreutils-6.10/src/copy.h --- coreutils-6.10-orig/src/copy.h 2008-01-05 23:58:25.000000000 +0100 +++ coreutils-6.10/src/copy.h 2008-01-25 16:29:21.000000000 +0100 @@ -141,6 +141,9 @@ struct cp_options bool preserve_mode; bool preserve_timestamps; + /* If true, attempt to set specified security context */ + bool set_security_context; + /* Enabled for mv, and for cp by the --preserve=links option. If true, attempt to preserve in the destination files any logical hard links between the source files. If used with cp's diff -urp coreutils-6.10-orig/src/cp.c coreutils-6.10/src/cp.c --- coreutils-6.10-orig/src/cp.c 2008-01-11 12:19:53.000000000 +0100 +++ coreutils-6.10/src/cp.c 2008-01-25 16:26:22.000000000 +0100 @@ -147,6 +147,7 @@ static struct option const long_opts[] = {"target-directory", required_argument, NULL, 't'}, {"update", no_argument, NULL, 'u'}, {"verbose", no_argument, NULL, 'v'}, + {"context", required_argument, NULL, 'Z'}, {GETOPT_HELP_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL}, {NULL, 0, NULL, 0} @@ -200,6 +201,9 @@ Mandatory arguments to long options are additional attributes: context, links, all\n\ "), stdout); fputs (_("\ + -c same as --preserve=context\n\ +"), stdout); + fputs (_("\ --no-preserve=ATTR_LIST don't preserve the specified attributes\n\ --parents use full source file name under DIRECTORY\n\ "), stdout); @@ -225,6 +229,7 @@ Mandatory arguments to long options are destination file is missing\n\ -v, --verbose explain what is being done\n\ -x, --one-file-system stay on this file system\n\ + -Z, --context=CONTEXT set security context of copy to CONTEXT\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); @@ -774,6 +779,7 @@ cp_option_init (struct cp_options *x) x->preserve_timestamps = false; x->preserve_security_context = false; x->require_preserve_context = false; + x->set_security_context = false; x->require_preserve = false; x->recursive = false; @@ -867,8 +873,10 @@ decode_preserve_arg (char const *arg, st x->preserve_timestamps = on_off; x->preserve_ownership = on_off; x->preserve_links = on_off; - if (selinux_enabled) + if (selinux_enabled) { x->preserve_security_context = on_off; + x->require_preserve_context = on_off; + } break; default: @@ -909,7 +917,7 @@ main (int argc, char **argv) we'll actually use backup_suffix_string. */ backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); - while ((c = getopt_long (argc, argv, "abdfHilLprst:uvxPRS:T", + while ((c = getopt_long (argc, argv, "abcdfHilLprst:uvxPRS:TZ", long_opts, NULL)) != -1) { @@ -920,13 +928,15 @@ main (int argc, char **argv) sparse_type_string, sparse_type); break; - case 'a': /* Like -dpPR. */ + case 'a': /* Like -dpPRc. */ x.dereference = DEREF_NEVER; x.preserve_links = true; x.preserve_ownership = true; x.preserve_mode = true; x.preserve_timestamps = true; - x.require_preserve = true; + x.require_preserve = true; + if (selinux_enabled) + x.preserve_security_context = true; x.recursive = true; break; @@ -940,6 +950,16 @@ main (int argc, char **argv) copy_contents = true; break; + case 'c': + if ( x.set_security_context ) { + (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]); + exit( 1 ); + } + else if (selinux_enabled) { + x.preserve_security_context = true; + x.require_preserve_context = true; + } + break; case 'd': x.preserve_links = true; x.dereference = DEREF_NEVER; @@ -1052,6 +1072,27 @@ main (int argc, char **argv) x.one_file_system = true; break; + + case 'Z': + /* politely decline if we're not on a selinux-enabled kernel. */ + if( !selinux_enabled ) { + fprintf( stderr, "Warning: ignoring --context (-Z). " + "It requires a SELinux enabled kernel.\n" ); + break; + } + if ( x.preserve_security_context ) { + (void) fprintf(stderr, "%s: cannot force target context to '%s' and preserve it\n", argv[0], optarg); + exit( 1 ); + } + x.set_security_context = true; + /* if there's a security_context given set new path + components to that context, too */ + if ( setfscreatecon(optarg) < 0 ) { + (void) fprintf(stderr, _("cannot set default security context %s\n"), optarg); + exit( 1 ); + } + break; + case 'S': make_backups = true; backup_suffix_string = optarg; diff -urp coreutils-6.10-orig/src/id.c coreutils-6.10/src/id.c --- coreutils-6.10-orig/src/id.c 2008-01-05 23:59:11.000000000 +0100 +++ coreutils-6.10/src/id.c 2008-01-25 17:13:53.000000000 +0100 @@ -110,7 +110,7 @@ int main (int argc, char **argv) { int optc; - int selinux_enabled = (is_selinux_enabled () > 0); + bool selinux_enabled = (is_selinux_enabled () > 0); /* If true, output the list of all group IDs. -G */ bool just_group_list = false; diff -urp coreutils-6.10-orig/src/install.c coreutils-6.10/src/install.c --- coreutils-6.10-orig/src/install.c 2008-01-05 23:59:11.000000000 +0100 +++ coreutils-6.10/src/install.c 2008-01-25 17:32:42.000000000 +0100 @@ -146,11 +146,11 @@ static struct option const long_options[ {"no-target-directory", no_argument, NULL, 'T'}, {"owner", required_argument, NULL, 'o'}, {"preserve-timestamps", no_argument, NULL, 'p'}, - {"preserve-context", no_argument, NULL, PRESERVE_CONTEXT_OPTION}, + {"preserve-context", no_argument, NULL, 'P'}, /* Continue silent support for --preserve_context until Jan 2008. FIXME-obs After that, FIXME-obs: warn in, say, late 2008, and disable altogether a year or two later. */ - {"preserve_context", no_argument, NULL, PRESERVE_CONTEXT_OPTION}, + {"preserve_context", no_argument, NULL, 'P'}, {"strip", no_argument, NULL, 's'}, {"suffix", required_argument, NULL, 'S'}, {"target-directory", required_argument, NULL, 't'}, @@ -178,6 +178,7 @@ cp_option_init (struct cp_options *x) x->preserve_timestamps = false; x->require_preserve = false; x->require_preserve_context = false; + x->set_security_context = false; x->recursive = false; x->sparse_mode = SPARSE_AUTO; x->symbolic_link = false; @@ -199,7 +199,6 @@ cp_option_init (struct cp_options *x) x->src_info = NULL; } -#ifdef ENABLE_WHEN_MATCHPATHCON_IS_MORE_EFFICIENT /* Modify file context to match the specified policy. If an error occurs the file will remain with the default directory context. */ @@ -266,13 +265,6 @@ setdefaultfilecon (char const *file) freecon (scontext); return; } -#else -static void -setdefaultfilecon (char const *file) -{ - (void) file; -} -#endif /* FILE is the last operand of this command. Return true if FILE is a directory. But report an error there is a problem accessing FILE, @@ -346,7 +338,7 @@ main (int argc, char **argv) we'll actually use backup_suffix_string. */ backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); - while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pt:TvS:Z:", long_options, + while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pPt:TvS:Z:", long_options, NULL)) != -1) { switch (optc) @@ -408,6 +409,7 @@ main (int argc, char **argv) no_target_directory = true; break; + case 'P': case PRESERVE_CONTEXT_OPTION: if ( ! selinux_enabled) { @@ -415,6 +417,10 @@ main (int argc, char **argv) "this kernel is not SELinux-enabled.")); break; } + if ( x.set_security_context ) { + (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]); + exit( 1 ); + } x.preserve_security_context = true; use_default_selinux_context = false; break; @@ -432,6 +432,7 @@ main (int argc, char **argv) break; } scontext = optarg; + x.set_security_context = true; use_default_selinux_context = false; break; case_GETOPT_HELP_CHAR; @@ -825,8 +831,8 @@ Mandatory arguments to long options are -v, --verbose print the name of each directory as it is created\n\ "), stdout); fputs (_("\ - --preserve-context preserve SELinux security context\n\ - -Z, --context=CONTEXT set SELinux security context of files and directories\n\ + -P, --preserve-context (SELinux) preserve security context\n\ + -Z, --context=CONTEXT (SELinux) set security context of files and directories\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); diff -urp coreutils-6.10-orig/src/ls.c coreutils-6.10/src/ls.c --- coreutils-6.10-orig/src/ls.c 2008-01-11 11:34:22.000000000 +0100 +++ coreutils-6.10/src/ls.c 2008-01-25 15:34:49.000000000 +0100 @@ -134,7 +134,8 @@ enum filetype symbolic_link, sock, whiteout, - arg_directory + arg_directory, + command_line }; /* Display letters and indicators for each filetype. @@ -177,8 +178,9 @@ struct fileinfo exists, otherwise false. */ bool linkok; - /* For long listings, true if the file has an access control list, - or an SELinux security context. */ + /* For long listings, true if the file has an access control list. + Unlike with upstream not true for SELinux scontext(#430779) as + this removes possibility to detect ACL via ls */ bool have_acl; }; @@ -241,6 +242,7 @@ static void queue_directory (char const static void sort_files (void); static void parse_ls_color (void); void usage (int status); +static void print_scontext_format (const struct fileinfo *f); /* The name this program was run with. */ char *program_name; @@ -314,7 +316,7 @@ static struct pending *pending_dirs; static time_t current_time = TYPE_MINIMUM (time_t); static int current_time_ns = -1; -static bool print_scontext; +static int print_scontext = 0; static char UNKNOWN_SECURITY_CONTEXT[] = "?"; /* Whether any of the files has an ACL. This affects the width of the @@ -354,7 +356,9 @@ enum format one_per_line, /* -1 */ many_per_line, /* -C */ horizontal, /* -x */ - with_commas /* -m */ + with_commas, /* -m */ + security_format, /* -Z */ + invalid_format }; static enum format format; @@ -731,6 +735,9 @@ enum SHOW_CONTROL_CHARS_OPTION, SI_OPTION, SORT_OPTION, + CONTEXT_OPTION, + LCONTEXT_OPTION, + SCONTEXT_OPTION, TIME_OPTION, TIME_STYLE_OPTION }; @@ -776,7 +783,9 @@ static struct option const long_options[ {"time-style", required_argument, NULL, TIME_STYLE_OPTION}, {"color", optional_argument, NULL, COLOR_OPTION}, {"block-size", required_argument, NULL, BLOCK_SIZE_OPTION}, - {"context", no_argument, 0, 'Z'}, + {"context", no_argument, 0, CONTEXT_OPTION}, + {"lcontext", no_argument, 0, LCONTEXT_OPTION}, + {"scontext", no_argument, 0, SCONTEXT_OPTION}, {"author", no_argument, NULL, AUTHOR_OPTION}, {GETOPT_HELP_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL}, @@ -786,12 +795,12 @@ static struct option const long_options[ static char const *const format_args[] = { "verbose", "long", "commas", "horizontal", "across", - "vertical", "single-column", NULL + "vertical", "single-column", "context", NULL }; static enum format const format_types[] = { long_format, long_format, with_commas, horizontal, horizontal, - many_per_line, one_per_line + many_per_line, one_per_line, security_format }; ARGMATCH_VERIFY (format_args, format_types); @@ -1236,7 +1245,7 @@ main (int argc, char **argv) format_needs_stat = sort_type == sort_time || sort_type == sort_size || format == long_format - || print_scontext + || format == security_format || print_scontext || print_block_size; format_needs_type = (! format_needs_stat && (recursive @@ -1267,7 +1276,7 @@ main (int argc, char **argv) } else do - gobble_file (argv[i++], unknown, NOT_AN_INODE_NUMBER, true, ""); + gobble_file (argv[i++], command_line, NOT_AN_INODE_NUMBER, true, ""); while (i < argc); if (cwd_n_used) @@ -1429,7 +1438,7 @@ decode_switches (int argc, char **argv) ignore_mode = IGNORE_DEFAULT; ignore_patterns = NULL; hide_patterns = NULL; - print_scontext = false; + print_scontext = 0; /* FIXME: put this in a function. */ { @@ -1811,13 +1820,27 @@ decode_switches (int argc, char **argv) break; case 'Z': - print_scontext = true; + print_scontext = 1; + format = security_format; break; case_GETOPT_HELP_CHAR; case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); + case CONTEXT_OPTION: /* default security context format */ + print_scontext = 1; + format = security_format; + break; + case LCONTEXT_OPTION: /* long format plus security context */ + print_scontext = 1; + format = long_format; + break; + case SCONTEXT_OPTION: /* short form of new security format */ + print_scontext = 0; + format = security_format; + break; + default: usage (LS_FAILURE); } @@ -2517,8 +2540,10 @@ clear_files (void) struct fileinfo *f = sorted_file[i]; free (f->name); free (f->linkname); - if (f->scontext != UNKNOWN_SECURITY_CONTEXT) - freecon (f->scontext); + if (f->scontext != UNKNOWN_SECURITY_CONTEXT) { + freecon (f->scontext); + f->scontext = NULL; + } } cwd_n_used = 0; @@ -2560,6 +2585,7 @@ gobble_file (char const *name, enum file memset (f, '\0', sizeof *f); f->stat.st_ino = inode; f->filetype = type; + f->scontext = NULL; if (command_line_arg || format_needs_stat @@ -2609,7 +2635,7 @@ gobble_file (char const *name, enum file { case DEREF_ALWAYS: err = stat (absolute_name, &f->stat); - do_deref = true; + do_deref = true; break; case DEREF_COMMAND_LINE_ARGUMENTS: @@ -2618,7 +2644,7 @@ gobble_file (char const *name, enum file { bool need_lstat; err = stat (absolute_name, &f->stat); - do_deref = true; + do_deref = true; if (dereference == DEREF_COMMAND_LINE_ARGUMENTS) break; @@ -2637,7 +2663,7 @@ gobble_file (char const *name, enum file default: /* DEREF_NEVER */ err = lstat (absolute_name, &f->stat); - do_deref = false; + do_deref = false; break; } @@ -2659,7 +2685,7 @@ gobble_file (char const *name, enum file f->stat_ok = true; - if (format == long_format || print_scontext) + if (format == long_format || format == security_format) { bool have_acl = false; int attr_len = (do_deref @@ -2667,9 +2694,7 @@ gobble_file (char const *name, enum file : lgetfilecon (absolute_name, &f->scontext)); err = (attr_len < 0); - if (err == 0) - have_acl = ! STREQ ("unlabeled", f->scontext); - else + if (err != 0) { f->scontext = UNKNOWN_SECURITY_CONTEXT; @@ -2681,7 +2706,7 @@ gobble_file (char const *name, enum file err = 0; } - if (err == 0 && ! have_acl && format == long_format) + if (err == 0 && format == long_format) { int n = file_has_acl (absolute_name, &f->stat); err = (n < 0); @@ -3255,6 +3281,13 @@ print_current_files (void) print_long_format (sorted_file[i]); DIRED_PUTCHAR ('\n'); } + break; + case security_format: + for (i = 0; i < cwd_n_used; i++) + { + print_scontext_format (sorted_file[i]); + DIRED_PUTCHAR ('\n'); + } break; } } @@ -3481,7 +3514,7 @@ print_long_format (const struct fileinfo The latter is wrong when inode_number_width is zero. */ p += strlen (p); } - + if (print_block_size) { char hbuf[LONGEST_HUMAN_READABLE + 1]; @@ -3510,9 +3543,15 @@ print_long_format (const struct fileinfo The latter is wrong when nlink_width is zero. */ p += strlen (p); + if (print_scontext) + { + sprintf (p, "%-32s ", f->scontext ? f->scontext : ""); + p += strlen (p); + } + DIRED_INDENT (); - if (print_owner | print_group | print_author | print_scontext) + if (print_owner | print_group | print_author) { DIRED_FPUTS (buf, stdout, p - buf); @@ -3525,9 +3564,6 @@ print_long_format (const struct fileinfo if (print_author) format_user (f->stat.st_author, author_width, f->stat_ok); - if (print_scontext) - format_user_or_group (f->scontext, 0, scontext_width); - p = buf; } @@ -3864,9 +3900,6 @@ print_file_name_and_frills (const struct human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts, ST_NBLOCKSIZE, output_block_size)); - if (print_scontext) - printf ("%*s ", format == with_commas ? 0 : scontext_width, f->scontext); - print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f), f->linkok, f->stat_ok, f->filetype, NULL); @@ -4030,9 +4063,6 @@ length_of_file_name_and_frills (const st output_block_size)) : block_size_width); - if (print_scontext) - len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width); - quote_name (NULL, f->name, filename_quoting_options, &name_width); len += name_width; @@ -4461,9 +4491,16 @@ Mandatory arguments to long options are -w, --width=COLS assume screen width instead of current value\n\ -x list entries by lines instead of by columns\n\ -X sort alphabetically by entry extension\n\ - -Z, --context print any SELinux security context of each file\n\ -1 list one file per line\n\ "), stdout); + fputs(_("\nSELINUX options:\n\n\ + --lcontext Display security context. Enable -l. Lines\n\ + will probably be too wide for most displays.\n\ + -Z, --context Display security context so it fits on most\n\ + displays. Displays only mode, user, group,\n\ + security context and file name.\n\ + --scontext Display only security context and file name.\n\ +"), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); fputs (_("\n\ @@ -4487,3 +4524,67 @@ Exit status is 0 if OK, 1 if minor probl } exit (status); } + +static void +print_scontext_format (const struct fileinfo *f) +{ + char modebuf[12]; + + /* 7 fields that may require LONGEST_HUMAN_READABLE bytes, + 1 10-byte mode string, + 9 spaces, one following each of these fields, and + 1 trailing NUL byte. */ + + char init_bigbuf[7 * LONGEST_HUMAN_READABLE + 10 + 9 + 1]; + char *buf = init_bigbuf; + size_t bufsize = sizeof (init_bigbuf); + size_t s; + char *p; + const char *fmt; + char *user_name; + char *group_name; + int rv; + char *scontext; + + p = buf; + + if ( print_scontext ) { /* zero means terse listing */ + filemodestring (&f->stat, modebuf); + modebuf[10] = (f->have_acl ? '+' : ' '); + modebuf[11] = '\0'; + + /* print mode */ + + (void) sprintf (p, "%s ", modebuf); + p += strlen (p); + + /* print standard user and group */ + + DIRED_FPUTS (buf, stdout, p - buf); + format_user (f->stat.st_uid, owner_width, f->stat_ok); + format_group (f->stat.st_gid, group_width, f->stat_ok); + p = buf; + } + + (void) sprintf (p, "%-32s ", f->scontext ?: ""); + p += strlen (p); + + DIRED_INDENT (); + DIRED_FPUTS (buf, stdout, p - buf); + print_name_with_quoting (f->name, f->stat.st_mode, f->linkok, + f->stat_ok, f->filetype, &dired_obstack); + + if (f->filetype == symbolic_link) { + if (f->linkname) { + DIRED_FPUTS_LITERAL (" -> ", stdout); + print_name_with_quoting (f->linkname, f->linkmode, f->linkok - 1, + f->stat_ok, f->filetype, NULL); + if (indicator_style != none) + print_type_indicator (f->stat_ok, f->linkmode, f->filetype); + } + } + else { + if (indicator_style != none) + print_type_indicator (f->stat_ok, f->stat.st_mode, f->filetype); + } +} diff -urp coreutils-6.10-orig/src/mkdir.c coreutils-6.10/src/mkdir.c --- coreutils-6.10-orig/src/mkdir.c 2008-01-05 23:58:25.000000000 +0100 +++ coreutils-6.10/src/mkdir.c 2008-01-25 16:35:14.000000000 +0100 @@ -41,6 +41,7 @@ char *program_name; static struct option const longopts[] = { {GETOPT_SELINUX_CONTEXT_OPTION_DECL}, + {"context", required_argument, NULL, 'Z'}, {"mode", required_argument, NULL, 'm'}, {"parents", no_argument, NULL, 'p'}, {"verbose", no_argument, NULL, 'v'}, @@ -69,8 +70,8 @@ Mandatory arguments to long options are -m, --mode=MODE set file mode (as in chmod), not a=rwx - umask\n\ -p, --parents no error if existing, make parent directories as needed\n\ -v, --verbose print a message for each created directory\n\ - -Z, --context=CTX set the SELinux security context of each created\n\ - directory to CTX\n\ + -Z, --context=CONTEXT set the SELinux security context of each created\n\ + createddirectory to CONTEXT\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); @@ -173,6 +174,12 @@ main (int argc, char **argv) options.created_directory_format = _("created directory %s"); break; case 'Z': + /* politely decline if we're not on a selinux-enabled kernel. */ + if( !(is_selinux_enabled()>0)) { + fprintf( stderr, "Sorry, --context (-Z) can be used only on " + "a selinux-enabled kernel.\n" ); + exit( 1 ); + } scontext = optarg; break; case_GETOPT_HELP_CHAR; diff -urp coreutils-6.10-orig/src/mkfifo.c coreutils-6.10/src/mkfifo.c --- coreutils-6.10-orig/src/mkfifo.c 2008-01-05 23:58:25.000000000 +0100 +++ coreutils-6.10/src/mkfifo.c 2008-01-25 16:58:15.000000000 +0100 @@ -58,7 +58,8 @@ Create named pipes (FIFOs) with the give \n\ "), stdout); fputs (_("\ - -Z, --context=CTX set the SELinux security context of each NAME to CTX\n\ + -Z, --context=CONTEXT set the SELinux security context \n\ + of each NAME to CONTEXT(quoted string)\n\ "), stdout); fputs (_("\ Mandatory arguments to long options are mandatory for short options too.\n\ @@ -98,6 +99,12 @@ main (int argc, char **argv) specified_mode = optarg; break; case 'Z': + if (!(0 < is_selinux_enabled())) + { + fprintf( stderr, "Sorry, --context (-Z) can be used only on " + "a selinux-enabled kernel.\n" ); + exit (1); + } scontext = optarg; break; case_GETOPT_HELP_CHAR; diff -urp coreutils-6.10-orig/src/mknod.c coreutils-6.10/src/mknod.c --- coreutils-6.10-orig/src/mknod.c 2008-01-05 23:58:25.000000000 +0100 +++ coreutils-6.10/src/mknod.c 2008-01-25 17:01:11.000000000 +0100 @@ -38,7 +38,7 @@ char *program_name; static struct option const longopts[] = { - {GETOPT_SELINUX_CONTEXT_OPTION_DECL}, + {GETOPT_SELINUX_CONTEXT_OPTION_DECL}, {"mode", required_argument, NULL, 'm'}, {GETOPT_HELP_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL}, @@ -60,7 +60,8 @@ Create the special file NAME of the give \n\ "), stdout); fputs(_("\ - -Z, --context=CTX set the SELinux security context of NAME to CTX\n\ + -Z, --context=CONTEXT set the SELinux security context \n\ + of NAME to CONTEXT(quoted string)\n\ "), stdout); fputs (_("\ Mandatory arguments to long options are mandatory for short options too.\n\ @@ -114,6 +115,12 @@ main (int argc, char **argv) specified_mode = optarg; break; case 'Z': + /* politely decline if we're not on a selinux-enabled kernel. */ + if( !(is_selinux_enabled()>0)) { + fprintf( stderr, "Sorry, --context (-Z) can be used only on " + "a selinux-enabled kernel.\n" ); + exit( 1 ); + } scontext = optarg; break; case_GETOPT_HELP_CHAR; diff -urp coreutils-6.10-orig/src/mv.c coreutils-6.10/src/mv.c --- coreutils-6.10-orig/src/mv.c 2008-01-05 23:59:11.000000000 +0100 +++ coreutils-6.10/src/mv.c 2008-01-25 17:11:50.000000000 +0100 @@ -137,6 +137,7 @@ cp_option_init (struct cp_options *x) x->preserve_mode = true; x->preserve_timestamps = true; x->preserve_security_context = selinux_enabled; + x->set_security_context = false; x->require_preserve = false; /* FIXME: maybe make this an option */ x->require_preserve_context = false; x->recursive = true; diff -urp coreutils-6.10-orig/src/stat.c coreutils-6.10/src/stat.c --- coreutils-6.10-orig/src/stat.c 2008-01-05 23:59:11.000000000 +0100 +++ coreutils-6.10/src/stat.c 2008-01-25 16:50:24.000000000 +0100 @@ -831,7 +831,7 @@ print_it (char const *format, char const /* Stat the file system and print what we find. */ static bool -do_statfs (char const *filename, bool terse, char const *format) +do_statfs (char const *filename, bool terse, bool secure, char const *format) { STRUCT_STATVFS statfsbuf; @@ -843,15 +843,31 @@ do_statfs (char const *filename, bool te } if (format == NULL) + { + if (terse) { - format = (terse - ? "%n %i %l %t %s %S %b %f %a %c %d\n" - : " File: \"%n\"\n" - " ID: %-8i Namelen: %-7l Type: %T\n" - "Block size: %-10s Fundamental block size: %S\n" - "Blocks: Total: %-10b Free: %-10f Available: %a\n" - "Inodes: Total: %-10c Free: %d\n"); + if (secure) + format = "%n %i %l %t %s %S %b %f %a %c %d %C\n"; + else + format = "%n %i %l %t %s %S %b %f %a %c %d\n"; } + else + { + if (secure) + format = " File: \"%n\"\n" + " ID: %-8i Namelen: %-7l Type: %T\n" + "Block size: %-10s Fundamental block size: %S\n" + "Blocks: Total: %-10b Free: %-10f Available: %a\n" + "Inodes: Total: %-10c Free: %d\n" + " S_Context: %C\n"; + else + format = " File: \"%n\"\n" + " ID: %-8i Namelen: %-7l Type: %T\n" + "Block size: %-10s Fundamental block size: %S\n" + "Blocks: Total: %-10b Free: %-10f Available: %a\n" + "Inodes: Total: %-10c Free: %d\n"; + } + } print_it (format, filename, print_statfs, &statfsbuf); return true; @@ -859,7 +875,7 @@ do_statfs (char const *filename, bool te /* stat the file and print what we find */ static bool -do_stat (char const *filename, bool terse, char const *format) +do_stat (char const *filename, bool terse, bool secure, char const *format) { struct stat statbuf; @@ -872,9 +888,12 @@ do_stat (char const *filename, bool ters if (format == NULL) { if (terse) - { - format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n"; - } + { + if (secure) + format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o %C\n"; + else + format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n"; + } else { /* Temporary hack to match original output until conditional @@ -891,12 +910,22 @@ do_stat (char const *filename, bool ters } else { - format = - " File: %N\n" - " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n" - "Device: %Dh/%dd\tInode: %-10i Links: %h\n" - "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n" - "Access: %x\n" "Modify: %y\n" "Change: %z\n"; + if (secure) + format = + " File: %N\n" + " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n" + "Device: %Dh/%dd\tInode: %-10i Links: %-5h" + " Device type: %t,%T\n" + "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n" + " S_Context: %C\n" + "Access: %x\n" "Modify: %y\n" "Change: %z\n"; + else + format = + " File: %N\n" + " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n" + "Device: %Dh/%dd\tInode: %-10i Links: %h\n" + "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n" + "Access: %x\n" "Modify: %y\n" "Change: %z\n"; } } } @@ -917,6 +946,7 @@ usage (int status) Display file or file system status.\n\ \n\ -L, --dereference follow links\n\ + -Z, --context print the SELinux security context \n\ -f, --file-system display file system status instead of file status\n\ "), stdout); fputs (_("\ @@ -1001,6 +1031,7 @@ main (int argc, char *argv[]) int i; bool fs = false; bool terse = false; + bool secure = false; char *format = NULL; bool ok = true; @@ -1040,9 +1071,13 @@ main (int argc, char *argv[]) terse = true; break; - case 'Z': /* FIXME: remove in 2010, warn in mid 2008 */ - /* Ignored, for compatibility with distributions - that implemented this before upstream. */ + case 'Z': + if((is_selinux_enabled()>0)) + secure = 1; + else { + error (0, 0, _("Kernel is not SELinux enabled")); + usage (EXIT_FAILURE); + } break; case_GETOPT_HELP_CHAR; @@ -1062,8 +1097,8 @@ main (int argc, char *argv[]) for (i = optind; i < argc; i++) ok &= (fs - ? do_statfs (argv[i], terse, format) - : do_stat (argv[i], terse, format)); + ? do_statfs (argv[i], terse, secure, format) + : do_stat (argv[i], terse, secure, format)); exit (ok ? EXIT_SUCCESS : EXIT_FAILURE); } diff -urp coreutils-6.10-orig/tests/misc/selinux coreutils-6.10/tests/misc/selinux --- coreutils-6.10-orig/tests/misc/selinux 2008-01-11 11:34:22.000000000 +0100 +++ coreutils-6.10/tests/misc/selinux 2008-01-25 18:17:59.000000000 +0100 @@ -32,12 +32,10 @@ chcon $ctx f d p 2>/dev/null || { # inspect that context with both ls -Z and stat. for i in d f p; do - c=`ls -dogZ $i|cut -d' ' -f3`; test x$c = x$ctx || fail=1 + c=`ls -dogZ $i|cut -d' ' -f5`; test x$c = x$ctx || fail=1 c=`stat --printf %C $i`; test x$c = x$ctx || fail=1 done -# ensure that ls -l output includes the "+". -c=`ls -l f|cut -c11`; test "$c" = + || fail=1 # Copy each to a new directory and ensure that context is preserved. cp -r --preserve=all d f p s1 || fail=1