2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/autoconf/configure.in b/autoconf/configure.in
|
2014-06-27 13:52:34 +00:00
|
|
|
index fc9f880..30383e4 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/autoconf/configure.in
|
|
|
|
+++ b/autoconf/configure.in
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -906,6 +906,15 @@ LIBS="$LIBS $lib_cap"
|
|
|
|
AC_CHECK_FUNCS(cap_get_proc cap_set_proc cap_set_flag cap_clear_flag)
|
2009-01-27 19:51:20 +00:00
|
|
|
LIBS="$ac_save_LIBS"
|
|
|
|
|
|
|
|
+AC_CHECK_HEADERS(selinux/selinux.h)
|
|
|
|
+if test "$ac_cv_header_selinux_selinux_h" = yes; then
|
|
|
|
+ AC_CHECKING(for SELinux support)
|
|
|
|
+ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr")
|
|
|
|
+ ac_save_LIBS="$LIBS"
|
|
|
|
+ LIBS="$LIBS $lib_selinux"
|
|
|
|
+ AC_CHECK_FUNCS(is_selinux_enabled)
|
|
|
|
+fi
|
|
|
|
+
|
|
|
|
dnl Misc OS checks.
|
2013-04-12 11:10:41 +00:00
|
|
|
AC_CHECK_FILES(/dev/tty /dev/null /dev/zero)
|
|
|
|
AC_CHECK_FILES(/dev/stdin /dev/stdout /dev/stderr)
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -992,6 +1001,7 @@ AC_SUBST(lib_secdb)
|
2009-01-27 19:51:20 +00:00
|
|
|
AC_SUBST(lib_gen)
|
|
|
|
AC_SUBST(lib_pthread)
|
|
|
|
AC_SUBST(lib_rt)
|
|
|
|
+AC_SUBST(lib_selinux)
|
2010-01-13 12:11:06 +00:00
|
|
|
AC_SUBST(lib_dl)
|
|
|
|
AC_SUBST(lib_dir)
|
2014-06-27 13:52:34 +00:00
|
|
|
AC_SUBST(lib_cap)
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/autoconf/rules.cnf.in b/autoconf/rules.cnf.in
|
2014-06-27 13:52:34 +00:00
|
|
|
index affcb5c..2b7bff2 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/autoconf/rules.cnf.in
|
|
|
|
+++ b/autoconf/rules.cnf.in
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -34,6 +34,7 @@ LIB_SECDB = @lib_secdb@
|
2009-01-27 19:51:20 +00:00
|
|
|
LIB_GEN = @lib_gen@
|
|
|
|
LIB_PTHREAD = @lib_pthread@
|
|
|
|
LIB_RT = @lib_rt@
|
|
|
|
+LIB_SELINUX = @lib_selinux@
|
2010-01-13 12:11:06 +00:00
|
|
|
LIB_DL= @lib_dl@
|
|
|
|
LIB_DIR= @lib_dir@
|
2014-06-27 13:52:34 +00:00
|
|
|
LIB_CAP= @lib_cap@
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/cpio.mk b/star/cpio.mk
|
2014-06-27 13:52:34 +00:00
|
|
|
index 37a6dd2..8bfc3bd 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/cpio.mk
|
|
|
|
+++ b/star/cpio.mk
|
2009-01-27 19:51:20 +00:00
|
|
|
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
|
2004-11-22 14:57:57 +00:00
|
|
|
CPPOPTS += -DUSE_ACL
|
|
|
|
CPPOPTS += -DUSE_XATTR
|
|
|
|
CPPOPTS += -DUSE_FFLAGS
|
2009-01-27 19:51:20 +00:00
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
2009-01-27 19:51:20 +00:00
|
|
|
CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \
|
2007-08-24 10:06:57 +00:00
|
|
|
list.c extract.c create.c append.c diff.c restore.c \
|
2013-04-12 11:10:41 +00:00
|
|
|
@@ -34,7 +35,7 @@ CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \
|
2009-01-27 19:51:20 +00:00
|
|
|
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
|
|
|
movearch.h table.h props.h fifo.h diff.h \
|
2014-06-27 13:52:34 +00:00
|
|
|
checkerr.h dumpdate.h bitstring.h pathname.h
|
|
|
|
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
|
2009-01-27 19:51:20 +00:00
|
|
|
XMK_FILE= scpioman.mk
|
2005-08-26 14:58:14 +00:00
|
|
|
|
2005-11-08 15:59:33 +00:00
|
|
|
###########################################################################
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/extract.c b/star/extract.c
|
2014-06-27 13:52:34 +00:00
|
|
|
index cf60154..98842e1 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/extract.c
|
|
|
|
+++ b/star/extract.c
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -256,6 +256,17 @@ extern struct WALK walkstate;
|
2007-08-24 10:06:57 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
+
|
|
|
|
+#ifdef WITH_SELINUX
|
|
|
|
+ if (!to_stdout && selinux_enabled) {
|
|
|
|
+ if (setselinux(&finfo) == FALSE) {
|
|
|
|
+ errmsgno(EX_BAD,
|
|
|
|
+ "Can not setup security context for '%s'. Not created.\n",
|
|
|
|
+ finfo.f_name);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
if (finfo.f_flags & F_BAD_META) {
|
|
|
|
if (!void_bad(&finfo))
|
|
|
|
break;
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/gnutar.mk b/star/gnutar.mk
|
2014-06-27 13:52:34 +00:00
|
|
|
index 1a296e1..6595aa2 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/gnutar.mk
|
|
|
|
+++ b/star/gnutar.mk
|
2009-01-27 19:51:20 +00:00
|
|
|
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DUSE_ACL
|
2005-08-26 14:58:14 +00:00
|
|
|
CPPOPTS += -DUSE_XATTR
|
|
|
|
CPPOPTS += -DUSE_FFLAGS
|
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
2009-01-27 19:51:20 +00:00
|
|
|
CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \
|
2005-08-26 14:58:14 +00:00
|
|
|
list.c extract.c create.c append.c diff.c restore.c \
|
2013-04-12 11:10:41 +00:00
|
|
|
@@ -34,7 +35,7 @@ CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \
|
2009-01-27 19:51:20 +00:00
|
|
|
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
|
|
|
movearch.h table.h props.h fifo.h diff.h \
|
2014-06-27 13:52:34 +00:00
|
|
|
checkerr.h dumpdate.h bitstring.h pathname.h
|
|
|
|
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
|
2009-01-27 19:51:20 +00:00
|
|
|
XMK_FILE= gnutarman.mk
|
2005-08-26 14:58:14 +00:00
|
|
|
|
|
|
|
###########################################################################
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/pax.mk b/star/pax.mk
|
2014-06-27 13:52:34 +00:00
|
|
|
index 73c6bc1..d2a52a9 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/pax.mk
|
|
|
|
+++ b/star/pax.mk
|
2009-01-27 19:51:20 +00:00
|
|
|
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DUSE_ACL
|
|
|
|
CPPOPTS += -DUSE_XATTR
|
|
|
|
CPPOPTS += -DUSE_FFLAGS
|
2009-01-27 19:51:20 +00:00
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DPAX
|
2007-01-19 13:07:31 +00:00
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
2007-08-24 10:06:57 +00:00
|
|
|
CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \
|
2013-04-12 11:10:41 +00:00
|
|
|
@@ -35,7 +36,7 @@ CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \
|
2009-01-27 19:51:20 +00:00
|
|
|
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
|
|
|
movearch.h table.h props.h fifo.h diff.h \
|
2014-06-27 13:52:34 +00:00
|
|
|
checkerr.h dumpdate.h bitstring.h pathname.h
|
|
|
|
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
|
2007-08-24 10:06:57 +00:00
|
|
|
XMK_FILE= spaxman.mk
|
2004-11-22 14:57:57 +00:00
|
|
|
|
2007-08-24 10:06:57 +00:00
|
|
|
###########################################################################
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/star.c b/star/star.c
|
2014-06-27 13:52:34 +00:00
|
|
|
index 9dfcef7..464c751 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/star.c
|
|
|
|
+++ b/star/star.c
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -48,6 +48,10 @@ static UConst char sccsid[] =
|
2005-11-08 15:59:33 +00:00
|
|
|
#include "starsubs.h"
|
|
|
|
#include "checkerr.h"
|
2004-11-22 14:57:57 +00:00
|
|
|
|
|
|
|
+#ifdef WITH_SELINUX
|
|
|
|
+int selinux_enabled=0;
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
EXPORT int main __PR((int ac, char **av));
|
|
|
|
LOCAL void star_create __PR((int ac, char *const *av));
|
|
|
|
LOCAL void checkdumptype __PR((GINFO *gp));
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -402,6 +406,10 @@ main(ac, av)
|
2004-11-22 14:57:57 +00:00
|
|
|
comerr("Panic cannot set back effective uid.\n");
|
|
|
|
}
|
2005-08-15 12:21:48 +00:00
|
|
|
my_uid = geteuid();
|
|
|
|
+
|
2004-11-22 14:57:57 +00:00
|
|
|
+#ifdef WITH_SELINUX
|
2009-01-27 19:51:20 +00:00
|
|
|
+ selinux_enabled=is_selinux_enabled()>0;
|
2004-11-22 14:57:57 +00:00
|
|
|
+#endif
|
|
|
|
/*
|
|
|
|
* WARNING: We now are no more able to open a new remote connection
|
|
|
|
* unless we have been called by root.
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/star.mk b/star/star.mk
|
2018-11-28 15:19:04 +00:00
|
|
|
index fdaff9c..7b89f8c 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/star.mk
|
|
|
|
+++ b/star/star.mk
|
2009-01-27 19:51:20 +00:00
|
|
|
@@ -21,6 +21,7 @@ CPPOPTS += -DUSE_XATTR
|
2005-08-26 14:58:14 +00:00
|
|
|
CPPOPTS += -DUSE_FFLAGS
|
2007-08-24 10:06:57 +00:00
|
|
|
CPPOPTS += -DCOPY_LINKS_DELAYED
|
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
2009-01-27 19:51:20 +00:00
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
2007-08-24 10:06:57 +00:00
|
|
|
CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \
|
2005-08-26 14:58:14 +00:00
|
|
|
list.c extract.c create.c append.c diff.c restore.c \
|
2009-01-27 19:51:20 +00:00
|
|
|
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
|
2018-11-28 15:19:04 +00:00
|
|
|
@@ -36,6 +37,7 @@ HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
2009-01-27 19:51:20 +00:00
|
|
|
movearch.h table.h props.h fifo.h diff.h restore.h \
|
2018-11-28 15:19:04 +00:00
|
|
|
checkerr.h dumpdate.h bitstring.h pathname.h
|
|
|
|
LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
|
2007-08-24 10:06:57 +00:00
|
|
|
XMK_FILE= Makefile.man starformatman.mk
|
2005-08-26 14:58:14 +00:00
|
|
|
|
|
|
|
###########################################################################
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/star_fat.mk b/star/star_fat.mk
|
|
|
|
index 1975c94..507fbee 100644
|
|
|
|
--- a/star/star_fat.mk
|
|
|
|
+++ b/star/star_fat.mk
|
|
|
|
@@ -29,6 +29,7 @@ CPPOPTS += -DUSE_FFLAGS
|
|
|
|
CPPOPTS += -DCOPY_LINKS_DELAYED
|
|
|
|
CPPOPTS += -DSTAR_FAT
|
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
|
|
|
CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \
|
|
|
|
list.c extract.c create.c append.c diff.c restore.c \
|
|
|
|
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
|
|
|
|
@@ -48,7 +49,7 @@ HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
|
|
|
|
|
|
|
#LIBS= -lunos
|
|
|
|
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
|
|
|
|
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_SELINUX)
|
|
|
|
#
|
|
|
|
# Wenn -lfind, dann auch $(LIB_INTL)
|
|
|
|
#
|
|
|
|
diff --git a/star/starsubs.h b/star/starsubs.h
|
|
|
|
index a914ade..1e2a233 100644
|
|
|
|
--- a/star/starsubs.h
|
|
|
|
+++ b/star/starsubs.h
|
|
|
|
@@ -317,6 +317,11 @@ extern void opt_xattr __PR((void));
|
2009-01-27 19:51:20 +00:00
|
|
|
extern BOOL get_xattr __PR((register FINFO *info));
|
|
|
|
extern BOOL set_xattr __PR((register FINFO *info));
|
|
|
|
extern void free_xattr __PR((star_xattr_t **xattr));
|
|
|
|
+# ifdef WITH_SELINUX
|
|
|
|
+#include <selinux/selinux.h>
|
|
|
|
+extern BOOL setselinux __PR((register FINFO *info));
|
|
|
|
+extern int selinux_enabled;
|
|
|
|
+# endif
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/suntar.mk b/star/suntar.mk
|
2014-06-27 13:52:34 +00:00
|
|
|
index 9b76a23..1842917 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/suntar.mk
|
|
|
|
+++ b/star/suntar.mk
|
2009-01-27 19:51:20 +00:00
|
|
|
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
|
|
|
|
CPPOPTS += -DUSE_ACL
|
|
|
|
CPPOPTS += -DUSE_XATTR
|
|
|
|
CPPOPTS += -DUSE_FFLAGS
|
|
|
|
+CPPOPTS += -DWITH_SELINUX
|
|
|
|
CPPOPTS += -DSCHILY_PRINT
|
|
|
|
CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \
|
|
|
|
list.c extract.c create.c append.c diff.c restore.c \
|
2013-04-12 11:10:41 +00:00
|
|
|
@@ -34,7 +35,7 @@ CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \
|
2009-01-27 19:51:20 +00:00
|
|
|
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
|
|
|
|
movearch.h table.h props.h fifo.h diff.h \
|
2014-06-27 13:52:34 +00:00
|
|
|
checkerr.h dumpdate.h bitstring.h pathname.h
|
|
|
|
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
|
|
|
|
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
|
2009-01-27 19:51:20 +00:00
|
|
|
XMK_FILE= suntarman.mk
|
|
|
|
|
|
|
|
###########################################################################
|
2013-04-12 11:10:41 +00:00
|
|
|
diff --git a/star/xattr.c b/star/xattr.c
|
2014-06-27 13:52:34 +00:00
|
|
|
index 2e262ef..08fc42e 100644
|
2013-04-12 11:10:41 +00:00
|
|
|
--- a/star/xattr.c
|
|
|
|
+++ b/star/xattr.c
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -198,6 +198,27 @@ fail:
|
2004-11-22 14:57:57 +00:00
|
|
|
#endif /* USE_XATTR */
|
|
|
|
}
|
|
|
|
|
|
|
|
+#ifdef WITH_SELINUX
|
|
|
|
+EXPORT BOOL
|
|
|
|
+setselinux(info)
|
|
|
|
+ register FINFO *info;
|
|
|
|
+{
|
|
|
|
+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX)
|
|
|
|
+ if (info->f_xattr) {
|
|
|
|
+ star_xattr_t *xap;
|
|
|
|
+ for (xap = info->f_xattr; xap->name != NULL; xap++) {
|
|
|
|
+ if (strcmp(xap->name, "security.selinux") == 0) {
|
|
|
|
+ if (setfscreatecon(xap->value)) {
|
|
|
|
+ return FALSE;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+#endif /* USE_XATTR && WITH_SELINUX */
|
|
|
|
+ return TRUE;
|
|
|
|
+}
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
/* ARGSUSED */
|
|
|
|
EXPORT BOOL
|
|
|
|
set_xattr(info)
|
2014-06-27 13:52:34 +00:00
|
|
|
@@ -211,6 +232,10 @@ set_xattr(info)
|
2004-11-22 14:57:57 +00:00
|
|
|
return (TRUE);
|
|
|
|
|
|
|
|
for (xap = info->f_xattr; xap->name != NULL; xap++) {
|
|
|
|
+#ifdef WITH_SELINUX
|
2009-01-27 19:51:20 +00:00
|
|
|
+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0))
|
|
|
|
+ continue;
|
2004-11-22 14:57:57 +00:00
|
|
|
+#endif
|
2006-02-22 10:14:45 +00:00
|
|
|
if (lsetxattr(info->f_name, xap->name, xap->value,
|
2004-11-22 14:57:57 +00:00
|
|
|
xap->value_len, 0) != 0) {
|
|
|
|
if (!errhidden(E_SETXATTR, info->f_name)) {
|