--- star-1.5/star/suntar.mk.selinux 2007-02-17 15:51:23.000000000 +0100
+++ star-1.5/star/suntar.mk 2007-08-24 11:51:13.000000000 +0200
@@ -18,6 +18,7 @@
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -35,7 +36,7 @@
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= suntarman.mk
###########################################################################
--- star-1.5/star/extract.c.selinux 2007-06-03 17:06:52.000000000 +0200
+++ star-1.5/star/extract.c 2007-08-24 11:51:13.000000000 +0200
@@ -246,6 +246,17 @@
continue;
}
#endif
+
+#ifdef WITH_SELINUX
+ if (!to_stdout && selinux_enabled) {
+ if (setselinux(&finfo) == FALSE) {
+ errmsgno(EX_BAD,
+ "Can not setup security context for '%s'. Not created.\n",
+ finfo.f_name);
+ }
+ }
+#endif
+
if (finfo.f_flags & F_BAD_META) {
if (!void_bad(&finfo))
break;
--- star-1.5/star/cpio.mk.selinux 2007-02-17 15:51:23.000000000 +0100
+++ star-1.5/star/cpio.mk 2007-08-24 11:51:13.000000000 +0200
@@ -18,6 +18,7 @@
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -35,7 +36,7 @@
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= scpioman.mk
###########################################################################
--- star-1.5/star/starsubs.h.selinux 2007-07-15 19:38:52.000000000 +0200
+++ star-1.5/star/starsubs.h 2007-08-24 11:51:13.000000000 +0200
@@ -297,6 +297,11 @@
extern BOOL get_xattr __PR((register FINFO *info));
extern BOOL set_xattr __PR((register FINFO *info));
extern void free_xattr __PR((star_xattr_t **xattr));
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+extern BOOL setselinux __PR((register FINFO *info));
+extern int selinux_enabled;
+#endif
#endif
/*
--- star-1.5/star/Makefile.selinux 2007-06-16 16:46:18.000000000 +0200
+++ star-1.5/star/Makefile 2007-08-24 11:51:13.000000000 +0200
@@ -1,67 +1,19 @@
-#ident @(#)star_fat.mk 1.22 08/01/02
+#ident @(#)all.mk 1.1 05/02/16
###########################################################################
-#include $(MAKE_M_ARCH).def
SRCROOT= ..
RULESDIR= RULES
include $(SRCROOT)/$(RULESDIR)/rules.top
###########################################################################
#
-# This is star_fat.mk, it creates one "fat" binary for all functionality.
+# This is all.mk, it creates several binaries, one for each function.
#
-# If you like to create non "fat" binaries, remove Makefile
-# and copy all.mk to Makefile.
+# If you like to create one single "fat" binary, remove Makefile
+# and copy star_fat.mk to Makefile.
#
-INSDIR= bin
-TARGET= star
-#SYMLINKS= ustar tar
-SYMLINKS= ustar tar gnutar suntar scpio spax
-CPPOPTS += -D__STAR__
-CPPOPTS += -DSET_CTIME -DFIFO -DUSE_MMAP -DUSE_REMOTE -DUSE_RCMD_RSH
-#CPPOPTS += -DSET_CTIME -DFIFO -DUSE_MMAP
-#CPPOPTS += -DSET_CTIME -DUSE_MMAP
-#CPPOPTS += -DFIFO -DUSE_MMAP
-CPPOPTS += -DUSE_LARGEFILES
-CPPOPTS += -DUSE_FIND
-CPPOPTS += -DUSE_ACL
-CPPOPTS += -DUSE_XATTR
-CPPOPTS += -DUSE_FFLAGS
-CPPOPTS += -DCOPY_LINKS_DELAYED
-CPPOPTS += -DSTAR_FAT
-CPPOPTS += -DSCHILY_PRINT
-CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \
- list.c extract.c create.c append.c diff.c restore.c \
- remove.c star_unix.c acl_unix.c acltext.c fflags.c \
- buffer.c dirtime.c lhash.c \
- hole.c longnames.c names.c \
- movearch.c table.c props.c \
- fetchdir.c \
- unicode.c \
- subst.c volhdr.c \
- chdir.c match.c defaults.c dumpdate.c \
- fifo.c device.c checkerr.c \
- \
- findinfo.c find.c walk.c find_list.c find_misc.c
-HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
- movearch.h table.h props.h fifo.h diff.h restore.h \
- checkerr.h dumpdate.h bitstring.h \
- \
- find.h fetchdir.h walk.h find_list.h find_misc.h
-#LIBS= -lunos
-#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
-#
-# Wenn -lfind, dann auch $(LIB_INTL)
-#
-XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \
- spaxman.mk suntarman.mk Makefile.dfl Makefile.doc
-star_fat.c: star.c
- $(RM) $(RM_FORCE) $@; cp star.c $@
+MK_FILES= star.mk pax.mk suntar.mk gnutar.mk cpio.mk
###########################################################################
-include $(SRCROOT)/$(RULESDIR)/rules.cmd
+include $(SRCROOT)/$(RULESDIR)/rules.mks
###########################################################################
-count: $(CFILES) $(HFILES)
- count $r1
-
--- star-1.5/star/pax.mk.selinux 2007-02-17 15:51:23.000000000 +0100
+++ star-1.5/star/pax.mk 2007-08-24 11:51:13.000000000 +0200
@@ -18,8 +18,10 @@
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DPAX
CPPOPTS += -DSCHILY_PRINT
+
CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
@@ -36,7 +38,7 @@
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= spaxman.mk
###########################################################################
--- star-1.5/star/star_fat.mk.selinux 2007-06-16 16:46:18.000000000 +0200
+++ star-1.5/star/star_fat.mk 2007-08-24 11:51:13.000000000 +0200
@@ -29,6 +29,7 @@
CPPOPTS += -DCOPY_LINKS_DELAYED
CPPOPTS += -DSTAR_FAT
CPPOPTS += -DSCHILY_PRINT
+CPPOPTS += -DWITH_SELINUX
CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
@@ -49,7 +50,7 @@
find.h fetchdir.h walk.h find_list.h find_misc.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
#
# Wenn -lfind, dann auch $(LIB_INTL)
#
--- star-1.5/star/star.c.selinux 2007-07-16 09:43:14.000000000 +0200
+++ star-1.5/star/star.c 2007-08-24 11:51:13.000000000 +0200
@@ -45,6 +45,10 @@
#include "starsubs.h"
#include "checkerr.h"
+#ifdef WITH_SELINUX
+int selinux_enabled=0;
+#endif
+
EXPORT int main __PR((int ac, char **av));
LOCAL void star_create __PR((int ac, char *const *av));
LOCAL void checkdumptype __PR((GINFO *gp));
@@ -384,6 +388,11 @@
comerr("Panic cannot set back effective uid.\n");
}
my_uid = geteuid();
+
+#ifdef WITH_SELINUX
+ selinux_enabled=is_selinux_enabled()>0;
+#endif
+
/*
* WARNING: We now are no more able to open a new remote connection
* unless we have been called by root.
--- star-1.5/star/star.mk.selinux 2007-02-17 15:51:23.000000000 +0100
+++ star-1.5/star/star.mk 2007-08-24 11:51:13.000000000 +0200
@@ -19,6 +19,7 @@
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
CPPOPTS += -DCOPY_LINKS_DELAYED
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -36,7 +37,7 @@
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= Makefile.man starformatman.mk
###########################################################################
--- star-1.5/star/xattr.c.selinux 2006-09-13 18:24:20.000000000 +0200
+++ star-1.5/star/xattr.c 2007-08-24 11:53:56.000000000 +0200
@@ -184,6 +184,28 @@
#endif /* USE_XATTR */
}
+#ifdef WITH_SELINUX
+EXPORT BOOL
+setselinux(info)
+ register FINFO *info;
+{
+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX)
+ if (info->f_xattr) {
+ star_xattr_t *xap;
+ for (xap = info->f_xattr; xap->name != NULL; xap++) {
+ if (strcmp(xap->name, "security.selinux") == 0) {
+ if (setfscreatecon(xap->value)) {
+ return FALSE;
+ }
+ }
+ }
+ }
+#endif /* USE_XATTR && WITH_SELINUX */
+ return TRUE;
+}
+#endif
+
+
/* ARGSUSED */
EXPORT BOOL
set_xattr(info)
@@ -197,6 +219,10 @@
return (TRUE);
for (xap = info->f_xattr; xap->name != NULL; xap++) {
+#ifdef WITH_SELINUX
+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0))
+ continue;
+#endif
if (lsetxattr(info->f_name, xap->name, xap->value,
xap->value_len, 0) != 0) {
if (!errhidden(E_SETXATTR, info->f_name)) {
--- star-1.5/star/gnutar.mk.selinux 2007-02-17 15:51:23.000000000 +0100
+++ star-1.5/star/gnutar.mk 2007-08-24 11:51:13.000000000 +0200
@@ -18,6 +18,7 @@
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -35,7 +36,7 @@
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= gnutarman.mk
###########################################################################
--- star-1.5/conf/rules.cnf.in.selinux 2007-05-19 14:52:46.000000000 +0200
+++ star-1.5/conf/rules.cnf.in 2007-08-24 11:51:13.000000000 +0200
@@ -20,3 +20,4 @@
LIB_SECDB = @lib_secdb@
LIB_PTHREAD = @lib_pthread@
LIB_RT = @lib_rt@
+LIB_SELINUX = @lib_selinux@
--- star-1.5/conf/configure.in.selinux 2007-07-10 05:58:54.000000000 +0200
+++ star-1.5/conf/configure.in 2007-08-24 11:51:13.000000000 +0200
@@ -403,6 +403,8 @@
LIBS="$ac_save_LIBS"
fi
+
+
AC_CHECKING(for RBAC support)
AC_CHECK_LIB(secdb, getuserattr, lib_secdb="-lsecdb")
ac_save_LIBS="$LIBS"
@@ -441,6 +443,18 @@
else
echo no
fi
+
+AC_CHECK_HEADERS(selinux/selinux.h)
+if test "$ac_cv_header_selinux_selinux_h" = yes; then
+ AC_CHECKING(for SELinux support)
+ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr")
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $lib_selinux"
+ AC_CHECK_FUNCS(is_selinux_enabled)
+fi
+
+
+
AC_MSG_CHECKING(for /dev/null)
if test -r /dev/null; then
echo yes
@@ -523,5 +537,6 @@
AC_SUBST(lib_secdb)
AC_SUBST(lib_pthread)
AC_SUBST(lib_rt)
+AC_SUBST(lib_selinux)
AC_OUTPUT(rules.cnf)