Rediffed selinux patch(fuzzy), fix fuzz in 2 others

This commit is contained in:
Ondrej Vasik 2009-02-24 16:34:43 +00:00
parent c4b1fe4c8a
commit 4de88fbc58
3 changed files with 366 additions and 369 deletions

View File

@ -2735,7 +2735,7 @@ diff -urNp coreutils-6.11-orig/src/join.c coreutils-6.11/src/join.c
+ +
#include "system.h" #include "system.h"
#include "error.h" #include "error.h"
#include "hard-locale.h" #include "mbswidth.h"
@@ -324,6 +350,18 @@ @@ -324,6 +350,18 @@
#include "strftime.h" #include "strftime.h"
#include "xstrtol.h" #include "xstrtol.h"

View File

@ -404,11 +404,11 @@
@node timeout invocation @node timeout invocation
@section @command{timeout}: Run a command with a time limit @section @command{timeout}: Run a command with a time limit
--- coreutils-6.7/configure.ac.pam 2006-12-07 21:30:24.000000000 +0000 --- coreutils-7.1/configure.ac.pam
+++ coreutils-6.7/configure.ac 2007-01-09 17:18:04.000000000 +0000 +++ coreutils-7.1/configure.ac
@@ -44,6 +44,13 @@ @@ -44,6 +44,13 @@
gl_INIT [enable compile-time and run-time bounds-checking, and some warnings])
coreutils_MACROS fi
+dnl Give the chance to enable PAM +dnl Give the chance to enable PAM
+AC_ARG_ENABLE(pam, dnl +AC_ARG_ENABLE(pam, dnl

View File

@ -1,7 +1,7 @@
diff -urp coreutils-7.0.orig/configure.ac coreutils-7.0/configure.ac diff -urNp coreutils-7.1-orig/configure.ac coreutils-7.1/configure.ac
--- coreutils-7.0.orig/configure.ac 2009-01-28 17:18:16.790672000 +0100 --- coreutils-7.1-orig/configure.ac 2009-02-24 13:47:15.000000000 +0100
+++ coreutils-7.0/configure.ac 2009-01-28 17:18:52.757913913 +0100 +++ coreutils-7.1/configure.ac 2009-02-24 13:47:15.000000000 +0100
@@ -51,6 +51,13 @@ AC_ARG_ENABLE(pam, dnl @@ -84,6 +84,13 @@ AC_ARG_ENABLE(pam, dnl
LIB_PAM="-ldl -lpam -lpam_misc" LIB_PAM="-ldl -lpam -lpam_misc"
AC_SUBST(LIB_PAM)]) AC_SUBST(LIB_PAM)])
@ -15,18 +15,18 @@ diff -urp coreutils-7.0.orig/configure.ac coreutils-7.0/configure.ac
AC_FUNC_FORK AC_FUNC_FORK
optional_bin_progs= optional_bin_progs=
diff -urp coreutils-7.0.orig/man/chcon.x coreutils-7.0/man/chcon.x diff -urNp coreutils-7.1-orig/man/chcon.x coreutils-7.1/man/chcon.x
--- coreutils-7.0.orig/man/chcon.x 2008-03-07 17:05:53.000000000 +0100 --- coreutils-7.1-orig/man/chcon.x 2008-09-18 09:06:57.000000000 +0200
+++ coreutils-7.0/man/chcon.x 2009-01-28 17:18:52.759913926 +0100 +++ coreutils-7.1/man/chcon.x 2009-02-24 13:47:15.000000000 +0100
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
[NAME] [NAME]
-chcon \- change file security context -chcon \- change file security context
+chcon \- change file SELinux security context +chcon \- change file SELinux security context
[DESCRIPTION] [DESCRIPTION]
.\" Add any additional description here .\" Add any additional description here
diff -urp coreutils-7.0.orig/man/runcon.x coreutils-7.0/man/runcon.x diff -urNp coreutils-7.1-orig/man/runcon.x coreutils-7.1/man/runcon.x
--- coreutils-7.0.orig/man/runcon.x 2008-03-07 17:05:53.000000000 +0100 --- coreutils-7.1-orig/man/runcon.x 2008-09-18 09:06:57.000000000 +0200
+++ coreutils-7.0/man/runcon.x 2009-01-28 17:18:52.760913933 +0100 +++ coreutils-7.1/man/runcon.x 2009-02-24 13:47:15.000000000 +0100
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
[NAME] [NAME]
-runcon \- run command with specified security context -runcon \- run command with specified security context
@ -34,22 +34,10 @@ diff -urp coreutils-7.0.orig/man/runcon.x coreutils-7.0/man/runcon.x
[DESCRIPTION] [DESCRIPTION]
Run COMMAND with completely-specified CONTEXT, or with current or Run COMMAND with completely-specified CONTEXT, or with current or
transitioned security context modified by one or more of LEVEL, transitioned security context modified by one or more of LEVEL,
diff -urp coreutils-7.0.orig/src/chcon.c coreutils-7.0/src/chcon.c diff -urNp coreutils-7.1-orig/src/copy.c coreutils-7.1/src/copy.c
--- coreutils-7.0.orig/src/chcon.c 2008-08-24 22:30:10.000000000 +0200 --- coreutils-7.1-orig/src/copy.c 2009-02-18 15:32:52.000000000 +0100
+++ coreutils-7.0/src/chcon.c 2009-01-28 17:18:52.761913940 +0100 +++ coreutils-7.1/src/copy.c 2009-02-24 13:47:15.000000000 +0100
@@ -366,7 +366,7 @@ Usage: %s [OPTION]... CONTEXT FILE...\n\ @@ -1830,6 +1830,8 @@ copy_internal (char const *src_name, cha
"),
program_name, program_name, program_name);
fputs (_("\
-Change the security context of each FILE to CONTEXT.\n\
+Change the SELinux security context of each FILE to CONTEXT.\n\
With --reference, change the security context of each FILE to that of RFILE.\n\
\n\
-c, --changes like verbose but report only when a change is made\n\
diff -urp coreutils-7.0.orig/src/copy.c coreutils-7.0/src/copy.c
--- coreutils-7.0.orig/src/copy.c 2009-01-28 17:18:16.748671000 +0100
+++ coreutils-7.0/src/copy.c 2009-01-28 17:18:52.762913947 +0100
@@ -1819,6 +1824,8 @@ copy_internal (char const *src_name, cha
{ {
/* Here, we are crossing a file system boundary and cp's -x option /* Here, we are crossing a file system boundary and cp's -x option
is in effect: so don't copy the contents of this directory. */ is in effect: so don't copy the contents of this directory. */
@ -58,10 +46,10 @@ diff -urp coreutils-7.0.orig/src/copy.c coreutils-7.0/src/copy.c
} }
else else
{ {
diff -urp coreutils-7.0.orig/src/copy.h coreutils-7.0/src/copy.h diff -urNp coreutils-7.1-orig/src/copy.h coreutils-7.1/src/copy.h
--- coreutils-7.0.orig/src/copy.h 2009-01-28 17:18:16.748671000 +0100 --- coreutils-7.1-orig/src/copy.h 2009-02-18 15:32:52.000000000 +0100
+++ coreutils-7.0/src/copy.h 2009-01-28 17:18:52.763913953 +0100 +++ coreutils-7.1/src/copy.h 2009-02-24 13:47:15.000000000 +0100
@@ -141,6 +141,9 @@ struct cp_options @@ -140,6 +140,9 @@ struct cp_options
bool preserve_mode; bool preserve_mode;
bool preserve_timestamps; bool preserve_timestamps;
@ -71,10 +59,10 @@ diff -urp coreutils-7.0.orig/src/copy.h coreutils-7.0/src/copy.h
/* Enabled for mv, and for cp by the --preserve=links option. /* Enabled for mv, and for cp by the --preserve=links option.
If true, attempt to preserve in the destination files any If true, attempt to preserve in the destination files any
logical hard links between the source files. If used with cp's logical hard links between the source files. If used with cp's
diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c diff -urNp coreutils-7.1-orig/src/cp.c coreutils-7.1/src/cp.c
--- coreutils-7.0.orig/src/cp.c 2009-01-28 17:18:16.750671000 +0100 --- coreutils-7.1-orig/src/cp.c 2009-02-18 15:32:52.000000000 +0100
+++ coreutils-7.0/src/cp.c 2009-01-28 17:20:29.109561384 +0100 +++ coreutils-7.1/src/cp.c 2009-02-24 13:47:15.000000000 +0100
@@ -148,6 +148,7 @@ static struct option const long_opts[] = @@ -133,6 +133,7 @@ static struct option const long_opts[] =
{"target-directory", required_argument, NULL, 't'}, {"target-directory", required_argument, NULL, 't'},
{"update", no_argument, NULL, 'u'}, {"update", no_argument, NULL, 'u'},
{"verbose", no_argument, NULL, 'v'}, {"verbose", no_argument, NULL, 'v'},
@ -82,7 +70,7 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
{GETOPT_HELP_OPTION_DECL}, {GETOPT_HELP_OPTION_DECL},
{GETOPT_VERSION_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL},
{NULL, 0, NULL, 0} {NULL, 0, NULL, 0}
@@ -206,6 +207,9 @@ Mandatory arguments to long options are @@ -191,6 +192,9 @@ Mandatory arguments to long options are
all\n\ all\n\
"), stdout); "), stdout);
fputs (_("\ fputs (_("\
@ -92,7 +80,7 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
--no-preserve=ATTR_LIST don't preserve the specified attributes\n\ --no-preserve=ATTR_LIST don't preserve the specified attributes\n\
--parents use full source file name under DIRECTORY\n\ --parents use full source file name under DIRECTORY\n\
"), stdout); "), stdout);
@@ -231,6 +235,7 @@ Mandatory arguments to long options are @@ -216,6 +220,7 @@ Mandatory arguments to long options are
destination file is missing\n\ destination file is missing\n\
-v, --verbose explain what is being done\n\ -v, --verbose explain what is being done\n\
-x, --one-file-system stay on this file system\n\ -x, --one-file-system stay on this file system\n\
@ -100,15 +88,15 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
"), stdout); "), stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout);
@@ -780,6 +785,7 @@ cp_option_init (struct cp_options *x) @@ -765,6 +770,7 @@ cp_option_init (struct cp_options *x)
x->preserve_timestamps = false; x->preserve_timestamps = false;
x->preserve_security_context = false; x->preserve_security_context = false;
x->require_preserve_context = false; x->require_preserve_context = false;
+ x->set_security_context = false; + x->set_security_context = false;
x->preserve_xattr = false; x->preserve_xattr = false;
x->reduce_diagnostics = false;
x->require_preserve_xattr = false; x->require_preserve_xattr = false;
@@ -911,7 +917,7 @@ main (int argc, char **argv)
@@ -925,7 +931,7 @@ main (int argc, char **argv)
we'll actually use backup_suffix_string. */ we'll actually use backup_suffix_string. */
backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
@ -117,7 +105,7 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
long_opts, NULL)) long_opts, NULL))
!= -1) != -1)
{ {
@@ -956,6 +964,16 @@ main (int argc, char **argv) @@ -945,6 +951,16 @@ main (int argc, char **argv)
copy_contents = true; copy_contents = true;
break; break;
@ -134,7 +122,7 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
case 'd': case 'd':
x.preserve_links = true; x.preserve_links = true;
x.dereference = DEREF_NEVER; x.dereference = DEREF_NEVER;
@@ -1072,6 +1090,27 @@ main (int argc, char **argv) @@ -1054,6 +1070,27 @@ main (int argc, char **argv)
x.one_file_system = true; x.one_file_system = true;
break; break;
@ -162,10 +150,22 @@ diff -urp coreutils-7.0.orig/src/cp.c coreutils-7.0/src/cp.c
case 'S': case 'S':
make_backups = true; make_backups = true;
backup_suffix_string = optarg; backup_suffix_string = optarg;
diff -urp coreutils-7.0.orig/src/id.c coreutils-7.0/src/id.c diff -urNp coreutils-7.1-orig/src/chcon.c coreutils-7.1/src/chcon.c
--- coreutils-7.0.orig/src/id.c 2008-08-24 22:58:15.000000000 +0200 --- coreutils-7.1-orig/src/chcon.c 2008-10-12 16:12:56.000000000 +0200
+++ coreutils-7.0/src/id.c 2009-01-28 17:18:52.766913973 +0100 +++ coreutils-7.1/src/chcon.c 2009-02-24 13:47:15.000000000 +0100
@@ -106,7 +106,7 @@ int @@ -346,7 +346,7 @@ Usage: %s [OPTION]... CONTEXT FILE...\n\
"),
program_name, program_name, program_name);
fputs (_("\
-Change the security context of each FILE to CONTEXT.\n\
+Change the SELinux security context of each FILE to CONTEXT.\n\
With --reference, change the security context of each FILE to that of RFILE.\n\
\n\
-h, --no-dereference affect symbolic links instead of any referenced file\n\
diff -urNp coreutils-7.1-orig/src/id.c coreutils-7.1/src/id.c
--- coreutils-7.1-orig/src/id.c 2009-02-16 15:57:44.000000000 +0100
+++ coreutils-7.1/src/id.c 2009-02-24 13:47:15.000000000 +0100
@@ -107,7 +107,7 @@ int
main (int argc, char **argv) main (int argc, char **argv)
{ {
int optc; int optc;
@ -174,10 +174,10 @@ diff -urp coreutils-7.0.orig/src/id.c coreutils-7.0/src/id.c
/* If true, output the list of all group IDs. -G */ /* If true, output the list of all group IDs. -G */
bool just_group_list = false; bool just_group_list = false;
diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c diff -urNp coreutils-7.1-orig/src/install.c coreutils-7.1/src/install.c
--- coreutils-7.0.orig/src/install.c 2009-01-28 17:18:16.751671000 +0100 --- coreutils-7.1-orig/src/install.c 2009-02-18 15:32:52.000000000 +0100
+++ coreutils-7.0/src/install.c 2009-01-28 17:18:52.767913980 +0100 +++ coreutils-7.1/src/install.c 2009-02-24 13:47:15.000000000 +0100
@@ -152,11 +152,11 @@ static struct option const long_options[ @@ -157,11 +157,11 @@ static struct option const long_options[
{"no-target-directory", no_argument, NULL, 'T'}, {"no-target-directory", no_argument, NULL, 'T'},
{"owner", required_argument, NULL, 'o'}, {"owner", required_argument, NULL, 'o'},
{"preserve-timestamps", no_argument, NULL, 'p'}, {"preserve-timestamps", no_argument, NULL, 'p'},
@ -191,15 +191,15 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
{"strip", no_argument, NULL, 's'}, {"strip", no_argument, NULL, 's'},
{"strip-program", required_argument, NULL, STRIP_PROGRAM_OPTION}, {"strip-program", required_argument, NULL, STRIP_PROGRAM_OPTION},
{"suffix", required_argument, NULL, 'S'}, {"suffix", required_argument, NULL, 'S'},
@@ -185,6 +185,7 @@ cp_option_init (struct cp_options *x) @@ -292,6 +292,7 @@ cp_option_init (struct cp_options *x)
x->preserve_timestamps = false; x->reduce_diagnostics=false;
x->require_preserve = false; x->require_preserve = false;
x->require_preserve_context = false; x->require_preserve_context = false;
+ x->set_security_context = false; + x->set_security_context = false;
x->require_preserve_xattr = false; x->require_preserve_xattr = false;
x->recursive = false; x->recursive = false;
x->sparse_mode = SPARSE_AUTO; x->sparse_mode = SPARSE_AUTO;
@@ -361,7 +362,7 @@ main (int argc, char **argv) @@ -469,7 +470,7 @@ main (int argc, char **argv)
we'll actually use backup_suffix_string. */ we'll actually use backup_suffix_string. */
backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
@ -208,7 +208,7 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
NULL)) != -1) NULL)) != -1)
{ {
switch (optc) switch (optc)
@@ -428,6 +429,7 @@ main (int argc, char **argv) @@ -539,6 +540,7 @@ main (int argc, char **argv)
no_target_directory = true; no_target_directory = true;
break; break;
@ -216,7 +216,7 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
case PRESERVE_CONTEXT_OPTION: case PRESERVE_CONTEXT_OPTION:
if ( ! selinux_enabled) if ( ! selinux_enabled)
{ {
@@ -435,6 +437,10 @@ main (int argc, char **argv) @@ -546,6 +548,10 @@ main (int argc, char **argv)
"this kernel is not SELinux-enabled")); "this kernel is not SELinux-enabled"));
break; break;
} }
@ -227,7 +227,7 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
x.preserve_security_context = true; x.preserve_security_context = true;
use_default_selinux_context = false; use_default_selinux_context = false;
break; break;
@@ -446,6 +452,7 @@ main (int argc, char **argv) @@ -557,6 +563,7 @@ main (int argc, char **argv)
break; break;
} }
scontext = optarg; scontext = optarg;
@ -235,7 +235,7 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
use_default_selinux_context = false; use_default_selinux_context = false;
break; break;
case_GETOPT_HELP_CHAR; case_GETOPT_HELP_CHAR;
@@ -850,8 +857,8 @@ Mandatory arguments to long options are @@ -990,8 +997,8 @@ Mandatory arguments to long options are
-v, --verbose print the name of each directory as it is created\n\ -v, --verbose print the name of each directory as it is created\n\
"), stdout); "), stdout);
fputs (_("\ fputs (_("\
@ -246,10 +246,10 @@ diff -urp coreutils-7.0.orig/src/install.c coreutils-7.0/src/install.c
"), stdout); "), stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (HELP_OPTION_DESCRIPTION, stdout);
diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c diff -urNp coreutils-7.1-orig/src/ls.c coreutils-7.1/src/ls.c
--- coreutils-7.0.orig/src/ls.c 2009-01-28 17:18:16.705671000 +0100 --- coreutils-7.1-orig/src/ls.c 2009-02-20 19:34:02.000000000 +0100
+++ coreutils-7.0/src/ls.c 2009-01-28 17:18:52.770914000 +0100 +++ coreutils-7.1/src/ls.c 2009-02-24 13:47:15.000000000 +0100
@@ -139,7 +139,8 @@ enum filetype @@ -136,7 +136,8 @@ enum filetype
symbolic_link, symbolic_link,
sock, sock,
whiteout, whiteout,
@ -259,7 +259,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
}; };
/* Display letters and indicators for each filetype. /* Display letters and indicators for each filetype.
@@ -246,6 +248,7 @@ static void queue_directory (char const @@ -253,6 +254,7 @@ static void queue_directory (char const
static void sort_files (void); static void sort_files (void);
static void parse_ls_color (void); static void parse_ls_color (void);
void usage (int status); void usage (int status);
@ -267,7 +267,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
/* Initial size of hash table. /* Initial size of hash table.
Most hierarchies are likely to be shallower than this. */ Most hierarchies are likely to be shallower than this. */
@@ -315,7 +318,7 @@ static struct pending *pending_dirs; @@ -322,7 +324,7 @@ static struct pending *pending_dirs;
static struct timespec current_time; static struct timespec current_time;
@ -276,7 +276,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
static char UNKNOWN_SECURITY_CONTEXT[] = "?"; static char UNKNOWN_SECURITY_CONTEXT[] = "?";
/* Whether any of the files has an ACL. This affects the width of the /* Whether any of the files has an ACL. This affects the width of the
@@ -355,7 +358,9 @@ enum format @@ -362,7 +364,9 @@ enum format
one_per_line, /* -1 */ one_per_line, /* -1 */
many_per_line, /* -C */ many_per_line, /* -C */
horizontal, /* -x */ horizontal, /* -x */
@ -287,7 +287,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
}; };
static enum format format; static enum format format;
@@ -744,6 +749,9 @@ enum @@ -754,6 +758,9 @@ enum
SHOW_CONTROL_CHARS_OPTION, SHOW_CONTROL_CHARS_OPTION,
SI_OPTION, SI_OPTION,
SORT_OPTION, SORT_OPTION,
@ -297,7 +297,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
TIME_OPTION, TIME_OPTION,
TIME_STYLE_OPTION TIME_STYLE_OPTION
}; };
@@ -789,7 +797,9 @@ static struct option const long_options[ @@ -799,7 +806,9 @@ static struct option const long_options[
{"time-style", required_argument, NULL, TIME_STYLE_OPTION}, {"time-style", required_argument, NULL, TIME_STYLE_OPTION},
{"color", optional_argument, NULL, COLOR_OPTION}, {"color", optional_argument, NULL, COLOR_OPTION},
{"block-size", required_argument, NULL, BLOCK_SIZE_OPTION}, {"block-size", required_argument, NULL, BLOCK_SIZE_OPTION},
@ -308,7 +308,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
{"author", no_argument, NULL, AUTHOR_OPTION}, {"author", no_argument, NULL, AUTHOR_OPTION},
{GETOPT_HELP_OPTION_DECL}, {GETOPT_HELP_OPTION_DECL},
{GETOPT_VERSION_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL},
@@ -799,12 +809,12 @@ static struct option const long_options[ @@ -809,12 +818,12 @@ static struct option const long_options[
static char const *const format_args[] = static char const *const format_args[] =
{ {
"verbose", "long", "commas", "horizontal", "across", "verbose", "long", "commas", "horizontal", "across",
@ -323,7 +323,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
}; };
ARGMATCH_VERIFY (format_args, format_types); ARGMATCH_VERIFY (format_args, format_types);
@@ -1251,7 +1261,7 @@ main (int argc, char **argv) @@ -1261,7 +1270,7 @@ main (int argc, char **argv)
format_needs_stat = sort_type == sort_time || sort_type == sort_size format_needs_stat = sort_type == sort_time || sort_type == sort_size
|| format == long_format || format == long_format
@ -332,7 +332,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
|| print_block_size; || print_block_size;
format_needs_type = (! format_needs_stat format_needs_type = (! format_needs_stat
&& (recursive && (recursive
@@ -1282,7 +1292,7 @@ main (int argc, char **argv) @@ -1292,7 +1301,7 @@ main (int argc, char **argv)
} }
else else
do do
@ -341,7 +341,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
while (i < argc); while (i < argc);
if (cwd_n_used) if (cwd_n_used)
@@ -1445,7 +1455,7 @@ decode_switches (int argc, char **argv) @@ -1455,7 +1464,7 @@ decode_switches (int argc, char **argv)
ignore_mode = IGNORE_DEFAULT; ignore_mode = IGNORE_DEFAULT;
ignore_patterns = NULL; ignore_patterns = NULL;
hide_patterns = NULL; hide_patterns = NULL;
@ -350,7 +350,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
/* FIXME: put this in a function. */ /* FIXME: put this in a function. */
{ {
@@ -1827,13 +1837,27 @@ decode_switches (int argc, char **argv) @@ -1837,13 +1846,27 @@ decode_switches (int argc, char **argv)
break; break;
case 'Z': case 'Z':
@ -379,7 +379,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
default: default:
usage (LS_FAILURE); usage (LS_FAILURE);
} }
@@ -2547,8 +2571,10 @@ clear_files (void) @@ -2557,8 +2580,10 @@ clear_files (void)
struct fileinfo *f = sorted_file[i]; struct fileinfo *f = sorted_file[i];
free (f->name); free (f->name);
free (f->linkname); free (f->linkname);
@ -392,7 +392,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
} }
cwd_n_used = 0; cwd_n_used = 0;
@@ -2590,6 +2616,7 @@ gobble_file (char const *name, enum file @@ -2600,6 +2625,7 @@ gobble_file (char const *name, enum file
memset (f, '\0', sizeof *f); memset (f, '\0', sizeof *f);
f->stat.st_ino = inode; f->stat.st_ino = inode;
f->filetype = type; f->filetype = type;
@ -400,16 +400,16 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
if (command_line_arg if (command_line_arg
|| format_needs_stat || format_needs_stat
@@ -2689,7 +2716,7 @@ gobble_file (char const *name, enum file @@ -2699,7 +2725,7 @@ gobble_file (char const *name, enum file
f->stat_ok = true; f->stat_ok = true;
- if (format == long_format || print_scontext) - if (format == long_format || print_scontext)
+ if (format == long_format || format == security_format || print_scontext) + if (format == long_format || format == security_format || print_scontext)
{ {
bool have_selinux = false;
bool have_acl = false; bool have_acl = false;
int attr_len = (do_deref @@ -3312,6 +3338,13 @@ print_current_files (void)
@@ -3297,6 +3322,13 @@ print_current_files (void)
print_long_format (sorted_file[i]); print_long_format (sorted_file[i]);
DIRED_PUTCHAR ('\n'); DIRED_PUTCHAR ('\n');
} }
@ -423,295 +423,7 @@ diff -urp coreutils-7.0.orig/src/ls.c coreutils-7.0/src/ls.c
break; break;
} }
} }
@@ -3482,7 +3514,7 @@ print_long_format (const struct fileinfo @@ -3434,6 +3467,69 @@ format_group_width (gid_t g)
The latter is wrong when inode_number_width is zero. */
p += strlen (p);
}
-
+
if (print_block_size)
{
char hbuf[LONGEST_HUMAN_READABLE + 1];
@@ -3511,9 +3543,15 @@ print_long_format (const struct fileinfo
The latter is wrong when nlink_width is zero. */
p += strlen (p);
+ if (print_scontext)
+ {
+ sprintf (p, "%-32s ", f->scontext ? f->scontext : "");
+ p += strlen (p);
+ }
+
DIRED_INDENT ();
- if (print_owner | print_group | print_author | print_scontext)
+ if (print_owner | print_group | print_author)
{
DIRED_FPUTS (buf, stdout, p - buf);
@@ -3526,9 +3564,6 @@ print_long_format (const struct fileinfo
if (print_author)
format_user (f->stat.st_author, author_width, f->stat_ok);
- if (print_scontext)
- format_user_or_group (f->scontext, 0, scontext_width);
-
p = buf;
}
@@ -3867,9 +3902,6 @@ print_file_name_and_frills (const struct
human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts,
ST_NBLOCKSIZE, output_block_size));
- if (print_scontext)
- printf ("%*s ", format == with_commas ? 0 : scontext_width, f->scontext);
-
size_t width = print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f),
f->linkok, f->stat_ok, f->filetype,
NULL, f->stat.st_nlink, start_col);
@@ -4077,9 +4109,6 @@ length_of_file_name_and_frills (const st
output_block_size))
: block_size_width);
- if (print_scontext)
- len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);
-
quote_name (NULL, f->name, filename_quoting_options, &name_width);
len += name_width;
@@ -4510,9 +4539,16 @@ Mandatory arguments to long options are
-w, --width=COLS assume screen width instead of current value\n\
-x list entries by lines instead of by columns\n\
-X sort alphabetically by entry extension\n\
- -Z, --context print any SELinux security context of each file\n\
-1 list one file per line\n\
"), stdout);
+ fputs(_("\nSELinux options:\n\n\
+ --lcontext Display security context. Enable -l. Lines\n\
+ will probably be too wide for most displays.\n\
+ -Z, --context Display security context so it fits on most\n\
+ displays. Displays only mode, user, group,\n\
+ security context and file name.\n\
+ --scontext Display only security context and file name.\n\
+"), stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
fputs (_("\n\
diff -urp coreutils-7.0.orig/src/mkdir.c coreutils-7.0/src/mkdir.c
--- coreutils-7.0.orig/src/mkdir.c 2008-08-24 22:58:15.000000000 +0200
+++ coreutils-7.0/src/mkdir.c 2009-01-28 17:18:52.771914007 +0100
@@ -39,6 +39,7 @@
static struct option const longopts[] =
{
{GETOPT_SELINUX_CONTEXT_OPTION_DECL},
+ {"context", required_argument, NULL, 'Z'},
{"mode", required_argument, NULL, 'm'},
{"parents", no_argument, NULL, 'p'},
{"verbose", no_argument, NULL, 'v'},
diff -urp coreutils-7.0.orig/src/mknod.c coreutils-7.0/src/mknod.c
--- coreutils-7.0.orig/src/mknod.c 2008-09-27 19:28:54.000000000 +0200
+++ coreutils-7.0/src/mknod.c 2009-01-28 17:18:52.772914014 +0100
@@ -35,7 +35,7 @@
static struct option const longopts[] =
{
- {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
+ {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
{"mode", required_argument, NULL, 'm'},
{GETOPT_HELP_OPTION_DECL},
{GETOPT_VERSION_OPTION_DECL},
diff -urp coreutils-7.0.orig/src/mv.c coreutils-7.0/src/mv.c
--- coreutils-7.0.orig/src/mv.c 2009-01-28 17:18:16.752671000 +0100
+++ coreutils-7.0/src/mv.c 2009-01-28 17:18:52.773914020 +0100
@@ -138,6 +138,7 @@ cp_option_init (struct cp_options *x)
x->preserve_mode = true;
x->preserve_timestamps = true;
x->preserve_security_context = selinux_enabled;
+ x->set_security_context = false;
x->reduce_diagnostics = false;
x->require_preserve = false; /* FIXME: maybe make this an option */
x->require_preserve_context = false;
diff -urp coreutils-7.0.orig/src/runcon.c coreutils-7.0/src/runcon.c
--- coreutils-7.0.orig/src/runcon.c 2008-08-24 22:30:10.000000000 +0200
+++ coreutils-7.0/src/runcon.c 2009-01-28 17:18:52.774914027 +0100
@@ -86,7 +86,7 @@ Usage: %s CONTEXT COMMAND [args]\n\
or: %s [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]\n\
"), program_name, program_name);
fputs (_("\
-Run a program in a different security context.\n\
+Run a program in a different SELinux security context.\n\
With neither CONTEXT nor COMMAND, print the current security context.\n\
\n\
CONTEXT Complete security context\n\
diff -urp coreutils-7.0.orig/src/stat.c coreutils-7.0/src/stat.c
--- coreutils-7.0.orig/src/stat.c 2008-09-27 19:28:54.000000000 +0200
+++ coreutils-7.0/src/stat.c 2009-01-28 17:18:52.775914034 +0100
@@ -823,7 +823,7 @@ print_it (char const *format, char const
/* Stat the file system and print what we find. */
static bool
-do_statfs (char const *filename, bool terse, char const *format)
+do_statfs (char const *filename, bool terse, bool secure, char const *format)
{
STRUCT_STATVFS statfsbuf;
@@ -835,15 +835,31 @@ do_statfs (char const *filename, bool te
}
if (format == NULL)
+ {
+ if (terse)
{
- format = (terse
- ? "%n %i %l %t %s %S %b %f %a %c %d\n"
- : " File: \"%n\"\n"
- " ID: %-8i Namelen: %-7l Type: %T\n"
- "Block size: %-10s Fundamental block size: %S\n"
- "Blocks: Total: %-10b Free: %-10f Available: %a\n"
- "Inodes: Total: %-10c Free: %d\n");
+ if (secure)
+ format = "%n %i %l %t %s %S %b %f %a %c %d %C\n";
+ else
+ format = "%n %i %l %t %s %S %b %f %a %c %d\n";
}
+ else
+ {
+ if (secure)
+ format = " File: \"%n\"\n"
+ " ID: %-8i Namelen: %-7l Type: %T\n"
+ "Block size: %-10s Fundamental block size: %S\n"
+ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
+ "Inodes: Total: %-10c Free: %d\n"
+ " S_Context: %C\n";
+ else
+ format = " File: \"%n\"\n"
+ " ID: %-8i Namelen: %-7l Type: %T\n"
+ "Block size: %-10s Fundamental block size: %S\n"
+ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
+ "Inodes: Total: %-10c Free: %d\n";
+ }
+ }
print_it (format, filename, print_statfs, &statfsbuf);
return true;
@@ -851,7 +867,7 @@ do_statfs (char const *filename, bool te
/* stat the file and print what we find */
static bool
-do_stat (char const *filename, bool terse, char const *format)
+do_stat (char const *filename, bool terse, bool secure, char const *format)
{
struct stat statbuf;
@@ -864,9 +880,12 @@ do_stat (char const *filename, bool ters
if (format == NULL)
{
if (terse)
- {
- format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
- }
+ {
+ if (secure)
+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o %C\n";
+ else
+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
+ }
else
{
/* Temporary hack to match original output until conditional
@@ -883,12 +902,22 @@ do_stat (char const *filename, bool ters
}
else
{
- format =
- " File: %N\n"
- " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
- "Device: %Dh/%dd\tInode: %-10i Links: %h\n"
- "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
- "Access: %x\n" "Modify: %y\n" "Change: %z\n";
+ if (secure)
+ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+ "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
+ " Device type: %t,%T\n"
+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
+ " S_Context: %C\n"
+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
+ else
+ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+ "Device: %Dh/%dd\tInode: %-10i Links: %h\n"
+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
}
}
}
@@ -909,6 +938,7 @@ usage (int status)
Display file or file system status.\n\
\n\
-L, --dereference follow links\n\
+ -Z, --context print the SELinux security context \n\
-f, --file-system display file system status instead of file status\n\
"), stdout);
fputs (_("\
@@ -993,6 +1023,7 @@ main (int argc, char *argv[])
int i;
bool fs = false;
bool terse = false;
+ bool secure = false;
char *format = NULL;
bool ok = true;
@@ -1032,13 +1063,13 @@ main (int argc, char *argv[])
terse = true;
break;
- case 'Z': /* FIXME: remove in 2010 */
- /* Ignore, for compatibility with distributions
- that implemented this before upstream.
- But warn of impending removal. */
- error (0, 0,
- _("the --context (-Z) option is obsolete and will be removed\n"
- "in a future release"));
+ case 'Z':
+ if((is_selinux_enabled()>0))
+ secure = 1;
+ else {
+ error (0, 0, _("Kernel is not SELinux enabled"));
+ usage (EXIT_FAILURE);
+ }
break;
case_GETOPT_HELP_CHAR;
@@ -1058,8 +1089,8 @@ main (int argc, char *argv[])
for (i = optind; i < argc; i++)
ok &= (fs
- ? do_statfs (argv[i], terse, format)
- : do_stat (argv[i], terse, format));
+ ? do_statfs (argv[i], terse, secure, format)
+ : do_stat (argv[i], terse, secure, format));
exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
}
diff -urp coreutils-7.0.orig/tests/misc/selinux coreutils-7.0/tests/misc/selinux
--- coreutils-7.0.orig/tests/misc/selinux 2008-09-27 19:28:54.000000000 +0200
+++ coreutils-7.0/tests/misc/selinux 2009-01-28 17:18:52.776914041 +0100
@@ -30,7 +30,7 @@ chcon $ctx f d p ||
# inspect that context with both ls -Z and stat.
for i in d f p; do
- c=`ls -dogZ $i|cut -d' ' -f3`; test x$c = x$ctx || fail=1
+ c=`ls -dogZ $i|cut -d' ' -f5`; test x$c = x$ctx || fail=1
c=`stat --printf %C $i`; test x$c = x$ctx || fail=1
done
diff -urNp coreutils-7.1-orig/src/ls.c coreutils-7.1/src/ls.c
--- coreutils-7.1-orig/src/ls.c 2009-02-23 17:11:01.000000000 +0100
+++ coreutils-7.1/src/ls.c 2009-02-23 17:14:27.000000000 +0100
@@ -3467,6 +3467,69 @@ format_group_width (gid_t g)
} }
@ -781,3 +493,288 @@ diff -urNp coreutils-7.1-orig/src/ls.c coreutils-7.1/src/ls.c
/* Print information about F in long format. */ /* Print information about F in long format. */
static void static void
@@ -3499,7 +3595,7 @@ print_long_format (const struct fileinfo
The latter is wrong when inode_number_width is zero. */
p += strlen (p);
}
-
+
if (print_block_size)
{
char hbuf[LONGEST_HUMAN_READABLE + 1];
@@ -3528,9 +3624,15 @@ print_long_format (const struct fileinfo
The latter is wrong when nlink_width is zero. */
p += strlen (p);
+ if (print_scontext)
+ {
+ sprintf (p, "%-32s ", f->scontext ? f->scontext : "");
+ p += strlen (p);
+ }
+
DIRED_INDENT ();
- if (print_owner | print_group | print_author | print_scontext)
+ if (print_owner | print_group | print_author)
{
DIRED_FPUTS (buf, stdout, p - buf);
@@ -3543,9 +3645,6 @@ print_long_format (const struct fileinfo
if (print_author)
format_user (f->stat.st_author, author_width, f->stat_ok);
- if (print_scontext)
- format_user_or_group (f->scontext, 0, scontext_width);
-
p = buf;
}
@@ -3888,9 +3987,6 @@ print_file_name_and_frills (const struct
human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts,
ST_NBLOCKSIZE, output_block_size));
- if (print_scontext)
- printf ("%*s ", format == with_commas ? 0 : scontext_width, f->scontext);
-
size_t width = print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f),
f->linkok, f->stat_ok, f->filetype,
NULL, f->stat.st_nlink, start_col);
@@ -4105,9 +4201,6 @@ length_of_file_name_and_frills (const st
output_block_size))
: block_size_width);
- if (print_scontext)
- len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);
-
quote_name (NULL, f->name, filename_quoting_options, &name_width);
len += name_width;
@@ -4538,9 +4631,16 @@ Mandatory arguments to long options are
-w, --width=COLS assume screen width instead of current value\n\
-x list entries by lines instead of by columns\n\
-X sort alphabetically by entry extension\n\
- -Z, --context print any SELinux security context of each file\n\
-1 list one file per line\n\
"), stdout);
+ fputs(_("\nSELinux options:\n\n\
+ --lcontext Display security context. Enable -l. Lines\n\
+ will probably be too wide for most displays.\n\
+ -Z, --context Display security context so it fits on most\n\
+ displays. Displays only mode, user, group,\n\
+ security context and file name.\n\
+ --scontext Display only security context and file name.\n\
+"), stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
fputs (_("\n\
diff -urNp coreutils-7.1-orig/src/mkdir.c coreutils-7.1/src/mkdir.c
--- coreutils-7.1-orig/src/mkdir.c 2008-10-19 21:47:57.000000000 +0200
+++ coreutils-7.1/src/mkdir.c 2009-02-24 13:47:15.000000000 +0100
@@ -38,6 +38,7 @@
static struct option const longopts[] =
{
{GETOPT_SELINUX_CONTEXT_OPTION_DECL},
+ {"context", required_argument, NULL, 'Z'},
{"mode", required_argument, NULL, 'm'},
{"parents", no_argument, NULL, 'p'},
{"verbose", no_argument, NULL, 'v'},
diff -urNp coreutils-7.1-orig/src/mknod.c coreutils-7.1/src/mknod.c
--- coreutils-7.1-orig/src/mknod.c 2008-09-22 16:01:21.000000000 +0200
+++ coreutils-7.1/src/mknod.c 2009-02-24 13:47:15.000000000 +0100
@@ -35,7 +35,7 @@
static struct option const longopts[] =
{
- {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
+ {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
{"mode", required_argument, NULL, 'm'},
{GETOPT_HELP_OPTION_DECL},
{GETOPT_VERSION_OPTION_DECL},
diff -urNp coreutils-7.1-orig/src/mv.c coreutils-7.1/src/mv.c
--- coreutils-7.1-orig/src/mv.c 2009-02-18 15:32:52.000000000 +0100
+++ coreutils-7.1/src/mv.c 2009-02-24 13:47:15.000000000 +0100
@@ -122,6 +122,7 @@ cp_option_init (struct cp_options *x)
x->preserve_mode = true;
x->preserve_timestamps = true;
x->preserve_security_context = selinux_enabled;
+ x->set_security_context = false;
x->reduce_diagnostics = false;
x->require_preserve = false; /* FIXME: maybe make this an option */
x->require_preserve_context = false;
diff -urNp coreutils-7.1-orig/src/runcon.c coreutils-7.1/src/runcon.c
--- coreutils-7.1-orig/src/runcon.c 2008-09-18 09:06:57.000000000 +0200
+++ coreutils-7.1/src/runcon.c 2009-02-24 13:47:15.000000000 +0100
@@ -86,7 +86,7 @@ Usage: %s CONTEXT COMMAND [args]\n\
or: %s [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]\n\
"), program_name, program_name);
fputs (_("\
-Run a program in a different security context.\n\
+Run a program in a different SELinux security context.\n\
With neither CONTEXT nor COMMAND, print the current security context.\n\
\n\
CONTEXT Complete security context\n\
diff -urNp coreutils-7.1-orig/src/stat.c coreutils-7.1/src/stat.c
--- coreutils-7.1-orig/src/stat.c 2009-01-27 22:11:25.000000000 +0100
+++ coreutils-7.1/src/stat.c 2009-02-24 13:47:15.000000000 +0100
@@ -825,7 +825,7 @@ print_it (char const *format, char const
/* Stat the file system and print what we find. */
static bool
-do_statfs (char const *filename, bool terse, char const *format)
+do_statfs (char const *filename, bool terse, bool secure, char const *format)
{
STRUCT_STATVFS statfsbuf;
@@ -837,15 +837,31 @@ do_statfs (char const *filename, bool te
}
if (format == NULL)
+ {
+ if (terse)
{
- format = (terse
- ? "%n %i %l %t %s %S %b %f %a %c %d\n"
- : " File: \"%n\"\n"
- " ID: %-8i Namelen: %-7l Type: %T\n"
- "Block size: %-10s Fundamental block size: %S\n"
- "Blocks: Total: %-10b Free: %-10f Available: %a\n"
- "Inodes: Total: %-10c Free: %d\n");
+ if (secure)
+ format = "%n %i %l %t %s %S %b %f %a %c %d %C\n";
+ else
+ format = "%n %i %l %t %s %S %b %f %a %c %d\n";
}
+ else
+ {
+ if (secure)
+ format = " File: \"%n\"\n"
+ " ID: %-8i Namelen: %-7l Type: %T\n"
+ "Block size: %-10s Fundamental block size: %S\n"
+ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
+ "Inodes: Total: %-10c Free: %d\n"
+ " S_Context: %C\n";
+ else
+ format = " File: \"%n\"\n"
+ " ID: %-8i Namelen: %-7l Type: %T\n"
+ "Block size: %-10s Fundamental block size: %S\n"
+ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
+ "Inodes: Total: %-10c Free: %d\n";
+ }
+ }
print_it (format, filename, print_statfs, &statfsbuf);
return true;
@@ -853,7 +869,7 @@ do_statfs (char const *filename, bool te
/* stat the file and print what we find */
static bool
-do_stat (char const *filename, bool terse, char const *format)
+do_stat (char const *filename, bool terse, bool secure, char const *format)
{
struct stat statbuf;
@@ -866,9 +882,12 @@ do_stat (char const *filename, bool ters
if (format == NULL)
{
if (terse)
- {
- format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
- }
+ {
+ if (secure)
+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o %C\n";
+ else
+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
+ }
else
{
/* Temporary hack to match original output until conditional
@@ -885,12 +904,22 @@ do_stat (char const *filename, bool ters
}
else
{
- format =
- " File: %N\n"
- " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
- "Device: %Dh/%dd\tInode: %-10i Links: %h\n"
- "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
- "Access: %x\n" "Modify: %y\n" "Change: %z\n";
+ if (secure)
+ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+ "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
+ " Device type: %t,%T\n"
+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
+ " S_Context: %C\n"
+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
+ else
+ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+ "Device: %Dh/%dd\tInode: %-10i Links: %h\n"
+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
}
}
}
@@ -911,6 +940,7 @@ usage (int status)
Display file or file system status.\n\
\n\
-L, --dereference follow links\n\
+ -Z, --context print the SELinux security context \n\
-f, --file-system display file system status instead of file status\n\
"), stdout);
fputs (_("\
@@ -995,6 +1025,7 @@ main (int argc, char *argv[])
int i;
bool fs = false;
bool terse = false;
+ bool secure = false;
char *format = NULL;
bool ok = true;
@@ -1034,13 +1065,13 @@ main (int argc, char *argv[])
terse = true;
break;
- case 'Z': /* FIXME: remove in 2010 */
- /* Ignore, for compatibility with distributions
- that implemented this before upstream.
- But warn of impending removal. */
- error (0, 0,
- _("the --context (-Z) option is obsolete and will be removed\n"
- "in a future release"));
+ case 'Z':
+ if((is_selinux_enabled()>0))
+ secure = 1;
+ else {
+ error (0, 0, _("Kernel is not SELinux enabled"));
+ usage (EXIT_FAILURE);
+ }
break;
case_GETOPT_HELP_CHAR;
@@ -1060,8 +1091,8 @@ main (int argc, char *argv[])
for (i = optind; i < argc; i++)
ok &= (fs
- ? do_statfs (argv[i], terse, format)
- : do_stat (argv[i], terse, format));
+ ? do_statfs (argv[i], terse, secure, format)
+ : do_stat (argv[i], terse, secure, format));
exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
}
diff -urNp coreutils-7.1-orig/tests/misc/selinux coreutils-7.1/tests/misc/selinux
--- coreutils-7.1-orig/tests/misc/selinux 2008-10-25 14:20:26.000000000 +0200
+++ coreutils-7.1/tests/misc/selinux 2009-02-24 13:47:15.000000000 +0100
@@ -30,7 +30,7 @@ chcon $ctx f d p ||
# inspect that context with both ls -Z and stat.
for i in d f p; do
- c=`ls -dogZ $i|cut -d' ' -f3`; test x$c = x$ctx || fail=1
+ c=`ls -dogZ $i|cut -d' ' -f5`; test x$c = x$ctx || fail=1
c=`stat --printf %C $i`; test x$c = x$ctx || fail=1
done