star/star-1.5-selinux.patch

269 lines
9.2 KiB
Diff
Raw Normal View History

2006-02-22 10:14:45 +00:00
--- star-1.5/conf/configure.in.selinux 2006-02-07 11:23:13.000000000 -0500
+++ star-1.5/conf/configure.in 2006-02-22 10:11:28.000000000 -0500
@@ -357,6 +357,15 @@
echo no
2005-08-26 14:58:14 +00:00
fi
+AC_CHECK_HEADERS(selinux/selinux.h)
+if test "$ac_cv_header_selinux_selinux_h" = yes; then
+ AC_CHECKING(for SELinux support)
+ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr")
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $lib_selinux"
+ AC_CHECK_FUNCS(is_selinux_enabled)
+fi
+
dnl Checks for OS madness.
AC_BROKEN_LINUX_EXT2_FS_H
AC_BROKEN_SRC_LINUX_EXT2_FS_H
2006-02-22 10:14:45 +00:00
@@ -373,5 +382,6 @@
2005-08-26 14:58:14 +00:00
AC_SUBST(lib_acl_test)
AC_SUBST(lib_attr)
2006-02-22 10:14:45 +00:00
AC_SUBST(lib_secdb)
2005-08-26 14:58:14 +00:00
+AC_SUBST(lib_selinux)
AC_OUTPUT(rules.cnf)
2006-02-22 10:14:45 +00:00
--- star-1.5/conf/rules.cnf.in.selinux 2005-12-20 06:41:02.000000000 -0500
+++ star-1.5/conf/rules.cnf.in 2006-02-22 10:12:56.000000000 -0500
@@ -10,3 +10,5 @@
2005-08-26 14:58:14 +00:00
LIB_ACL_TEST= @lib_acl_test@
LIB_ATTR = @lib_attr@
2006-02-22 10:14:45 +00:00
LIB_SECDB = @lib_secdb@
2005-08-26 14:58:14 +00:00
+LIB_SELINUX = @lib_selinux@
+
2006-02-22 10:14:45 +00:00
--- star-1.5/star/pax.mk.selinux 2006-02-02 10:00:31.000000000 -0500
+++ star-1.5/star/pax.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -17,6 +17,7 @@
2004-11-22 14:57:57 +00:00
CPPOPTS += -DUSE_LARGEFILES
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DUSE_FFLAGS
2005-11-08 15:59:33 +00:00
CPPOPTS += -DPAX
CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \
@@ -35,7 +36,7 @@
2004-11-22 14:57:57 +00:00
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
2005-08-15 12:21:48 +00:00
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= spaxman.mk
2005-08-26 14:58:14 +00:00
2005-11-08 15:59:33 +00:00
###########################################################################
--- star-1.5/star/star.mk.selinux 2005-08-28 07:22:30.000000000 -0400
2006-02-22 10:14:45 +00:00
+++ star-1.5/star/star.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -19,6 +19,7 @@
2005-08-26 14:58:14 +00:00
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
2005-11-08 15:59:33 +00:00
CPPOPTS += -DCOPY_LINKS_DELAYED
2005-08-26 14:58:14 +00:00
+CPPOPTS += -DWITH_SELINUX
2005-11-08 15:59:33 +00:00
CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \
2005-08-26 14:58:14 +00:00
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
2005-11-08 15:59:33 +00:00
@@ -35,7 +36,7 @@
2005-08-26 14:58:14 +00:00
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= Makefile.man starformatman.mk
2005-08-26 14:58:14 +00:00
###########################################################################
2005-11-08 15:59:33 +00:00
--- star-1.5/star/star_fat.mk.selinux 2005-11-01 15:53:51.000000000 -0500
2006-02-22 10:14:45 +00:00
+++ star-1.5/star/star_fat.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -28,6 +28,7 @@
2005-08-26 14:58:14 +00:00
CPPOPTS += -DUSE_FFLAGS
2005-11-08 15:59:33 +00:00
CPPOPTS += -DCOPY_LINKS_DELAYED
CPPOPTS += -DSTAR_FAT
2005-08-26 14:58:14 +00:00
+CPPOPTS += -DWITH_SELINUX
2005-11-08 15:59:33 +00:00
CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \
2005-08-26 14:58:14 +00:00
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
2005-11-08 15:59:33 +00:00
@@ -48,7 +49,7 @@
find.h gettnum.h fetchdir.h walk.h find_list.h mem.h find_misc.h
2005-08-26 14:58:14 +00:00
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \
spaxman.mk suntarman.mk Makefile.dfl
2004-11-22 14:57:57 +00:00
2005-11-08 15:59:33 +00:00
--- star-1.5/star/Makefile.selinux 2005-11-01 15:53:51.000000000 -0500
2006-02-22 10:14:45 +00:00
+++ star-1.5/star/Makefile 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -25,6 +25,7 @@
CPPOPTS += -DUSE_FIND
2004-11-22 14:57:57 +00:00
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DUSE_FFLAGS
2005-11-08 15:59:33 +00:00
CPPOPTS += -DCOPY_LINKS_DELAYED
CPPOPTS += -DSTAR_FAT
@@ -48,7 +49,7 @@
find.h gettnum.h fetchdir.h walk.h find_list.h mem.h find_misc.h
2004-11-22 14:57:57 +00:00
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
2005-08-15 12:21:48 +00:00
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \
spaxman.mk suntarman.mk Makefile.dfl
2004-11-22 14:57:57 +00:00
2006-02-22 10:14:45 +00:00
--- star-1.5/star/star.c.selinux 2006-02-18 14:09:39.000000000 -0500
+++ star-1.5/star/star.c 2006-02-22 10:10:09.000000000 -0500
@@ -42,6 +42,10 @@
2005-11-08 15:59:33 +00:00
#include "starsubs.h"
#include "checkerr.h"
2004-11-22 14:57:57 +00:00
+#ifdef WITH_SELINUX
+int selinux_enabled=0;
+#endif
+
EXPORT int main __PR((int ac, char **av));
LOCAL void star_create __PR((int ac, char *const *av));
LOCAL void checkdumptype __PR((GINFO *gp));
2006-02-22 10:14:45 +00:00
@@ -375,6 +379,11 @@
2004-11-22 14:57:57 +00:00
comerr("Panic cannot set back effective uid.\n");
}
2005-08-15 12:21:48 +00:00
my_uid = geteuid();
+
2004-11-22 14:57:57 +00:00
+#ifdef WITH_SELINUX
+ selinux_enabled=is_selinux_enabled()>0;
+#endif
+
/*
* WARNING: We now are no more able to open a new remote connection
* unless we have been called by root.
2006-02-22 10:14:45 +00:00
--- star-1.5/star/extract.c.selinux 2005-11-13 08:57:21.000000000 -0500
+++ star-1.5/star/extract.c 2006-02-22 10:14:45.000000000 -0500
@@ -224,6 +224,17 @@
continue;
}
#endif
+
2005-11-08 15:59:33 +00:00
+#ifdef WITH_SELINUX
+ if (!to_stdout && selinux_enabled) {
+ if (setselinux(&finfo) == FALSE) {
+ errmsgno(EX_BAD,
+ "Can not setup security context for '%s'. Not created.\n",
+ finfo.f_name);
+ }
+ }
+#endif
+
if (finfo.f_flags & F_BAD_META) {
if (!void_bad(&finfo))
break;
2006-02-22 10:14:45 +00:00
--- star-1.5/star/cpio.mk.selinux 2006-02-02 10:01:18.000000000 -0500
+++ star-1.5/star/cpio.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -18,6 +18,7 @@
CPPOPTS += -DUSE_ACL
2005-08-26 14:58:14 +00:00
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
2005-11-08 15:59:33 +00:00
CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \
2005-08-26 14:58:14 +00:00
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
2005-11-08 15:59:33 +00:00
@@ -34,7 +35,7 @@
2005-08-26 14:58:14 +00:00
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= scpioman.mk
2004-11-22 14:57:57 +00:00
2005-08-26 14:58:14 +00:00
###########################################################################
2006-02-22 10:14:45 +00:00
--- star-1.5/star/gnutar.mk.selinux 2006-02-02 10:00:31.000000000 -0500
+++ star-1.5/star/gnutar.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -18,6 +18,7 @@
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
2005-08-26 14:58:14 +00:00
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
2005-11-08 15:59:33 +00:00
CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \
2005-08-26 14:58:14 +00:00
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
2005-11-08 15:59:33 +00:00
@@ -34,7 +35,7 @@
2005-08-26 14:58:14 +00:00
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
2005-11-08 15:59:33 +00:00
XMK_FILE= gnutarman.mk
2004-11-22 14:57:57 +00:00
2005-11-08 15:59:33 +00:00
###########################################################################
2006-02-22 10:14:45 +00:00
--- star-1.5/star/suntar.mk.selinux 2006-02-02 10:00:31.000000000 -0500
+++ star-1.5/star/suntar.mk 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -18,6 +18,7 @@
2005-08-26 14:58:14 +00:00
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
2005-11-08 15:59:33 +00:00
@@ -34,7 +35,7 @@
2005-08-26 14:58:14 +00:00
checkerr.h dumpdate.h bitstring.h
#LIBS= -lunos
#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib
-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET)
+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX)
XMK_FILE= suntarman.mk
###########################################################################
2005-11-08 15:59:33 +00:00
--- star-1.5/star/starsubs.h.selinux 2005-11-01 16:32:18.000000000 -0500
2006-02-22 10:14:45 +00:00
+++ star-1.5/star/starsubs.h 2006-02-22 10:10:09.000000000 -0500
2005-11-08 15:59:33 +00:00
@@ -301,6 +301,11 @@
extern BOOL get_xattr __PR((register FINFO *info));
extern BOOL set_xattr __PR((register FINFO *info));
extern void free_xattr __PR((star_xattr_t **xattr));
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+extern BOOL setselinux __PR((register FINFO *info));
+extern int selinux_enabled;
+#endif
#endif
/*
2006-02-22 10:14:45 +00:00
--- star-1.5/star/xattr.c.selinux 2006-02-13 20:00:40.000000000 -0500
+++ star-1.5/star/xattr.c 2006-02-22 10:16:44.000000000 -0500
@@ -181,6 +181,29 @@
2004-11-22 14:57:57 +00:00
#endif /* USE_XATTR */
}
2005-08-15 12:21:48 +00:00
+
2004-11-22 14:57:57 +00:00
+#ifdef WITH_SELINUX
+EXPORT BOOL
+setselinux(info)
+ register FINFO *info;
+{
+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX)
+ if (info->f_xattr) {
+ star_xattr_t *xap;
+ for (xap = info->f_xattr; xap->name != NULL; xap++) {
+ if (strcmp(xap->name, "security.selinux") == 0) {
+ if (setfscreatecon(xap->value)) {
+ return FALSE;
+ }
+ }
+ }
+ }
+#endif /* USE_XATTR && WITH_SELINUX */
+ return TRUE;
+}
+#endif
2005-08-15 12:21:48 +00:00
+
2004-11-22 14:57:57 +00:00
+
/* ARGSUSED */
EXPORT BOOL
set_xattr(info)
2006-02-22 10:14:45 +00:00
@@ -194,6 +217,10 @@
2004-11-22 14:57:57 +00:00
return (TRUE);
for (xap = info->f_xattr; xap->name != NULL; xap++) {
+#ifdef WITH_SELINUX
2006-02-22 10:14:45 +00:00
+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0))
+ continue;
2004-11-22 14:57:57 +00:00
+#endif
2006-02-22 10:14:45 +00:00
if (lsetxattr(info->f_name, xap->name, xap->value,
2004-11-22 14:57:57 +00:00
xap->value_len, 0) != 0) {
if (!errhidden(E_SETXATTR, info->f_name)) {