rpms/vim
5
0
Fork 0
Code Issues Pull Requests Releases Activity
1401a3eb97
vim/vim-selinux.patch
cvsdist 1401a3eb97 auto-import changelog data from vim-6.2.214-1.src.rpm 
Thu Jan 29 2004 Karsten Hopp <karsten@redhat.de> 6.2.214-1
- Patchlevel 214
6.2.195-5
- Fix call to is_selinux_enabled()
Sat Jan 24 2004 Karsten Hopp <karsten@redhat.de> 6.2.195-4
- fix perl requirement
6.2.195-3
- Only attempt to change context if it is different
Thu Jan 22 2004 Karsten Hopp <karsten@redhat.de> 6.2.195-1
- update to patchlevel 195
- enable ppc64 build
Mon Jan 12 2004 Karsten Hopp <karsten@redhat.de> 6.2.180-2
- vim-enhanced requires perl >= 5.8.2 (#111592)
Mon Jan 12 2004 Karsten Hopp <karsten@redhat.de> 6.2.180-1
- Patchlevel 180
- update spec.vim, use g:packager instead of {Packager} macro
6.2.154-7
- Enable selinux support for vim-minimal
6.2.154-6
- Enable selinux support
6.2.154-5
- rebuild with new perl
6.2.154-4
- fix sh.vim syntax file (#104312)
6.2.154-3
- perl interface was disabled when perl had thread support.
6.2.154-2
- fix date in specfile changelog entries
6.2.154-1
- Patchlevel 154
- vim-minimal doesn't really require vim-common to run, removed dependency
    (#109819)
6.2.149-1
- Patchlevel 149
- fix fstab syntax file (Robert G. (Doc) Savage)
- lots of updates for syntax files, macros, documentation
- disable vimnotvi patch so that vim's behaviour matches documentation
- clean up vimrc
6.2.145-1
- rebuild with new Python
- Patchlevel 145
2004-09-09 14:07:26 +00:00

143 lines
3.6 KiB
Diff
Raw Blame History

--- vim62/src/configure.in.selinux 2004-01-20 11:34:17.177103792 -0500
+++ vim62/src/configure.in 2004-01-20 11:34:18.507126105 -0500
@@ -195,6 +195,20 @@
fi
+dnl vim: set sw=2 tw=78 fo+=l:
+dnl Link with -lselinux for SELinux stuff; if not found
+AC_MSG_CHECKING(--disable-selinux argument)
+AC_ARG_ENABLE(selinux,
+ [ --disable-selinux Don't check for SELinux support.],
+ , [enable_selinux="yes"])
+if test "$enable_selinux" = "yes"; then
+ AC_MSG_RESULT(no)
+ AC_CHECK_LIB(selinux, is_selinux_enabled, [LIBS="$LIBS -lselinux"])
+ AC_DEFINE(HAVE_SELINUX)
+else
+ AC_MSG_RESULT(yes)
+fi
+
dnl Check user requested features.
AC_MSG_CHECKING(--with-features argument)
--- vim62/src/config.h.in.selinux 2003-05-25 12:07:42.000000000 -0400
+++ vim62/src/config.h.in 2004-01-20 11:34:18.507126105 -0500
@@ -155,6 +155,7 @@
#undef HAVE_READLINK
#undef HAVE_RENAME
#undef HAVE_SELECT
+#undef HAVE_SELINUX
#undef HAVE_SETENV
#undef HAVE_SETPGID
#undef HAVE_SETSID
--- vim62/src/fileio.c.selinux 2004-01-20 11:34:16.577093725 -0500
+++ vim62/src/fileio.c 2004-01-20 11:34:18.517126273 -0500
@@ -1,3 +1,4 @@
+
/* vi:set ts=8 sts=4 sw=4:
*
* VIM - Vi IMproved by Bram Moolenaar
@@ -3079,6 +3080,9 @@
)
mch_setperm(backup,
(perm & 0707) | ((perm & 07) << 3));
+#ifdef HAVE_SELINUX
+ mch_copy_sec(backup, fname);
+#endif
#endif
/*
@@ -3115,6 +3119,9 @@
#ifdef HAVE_ACL
mch_set_acl(backup, acl);
#endif
+#ifdef HAVE_SELINUX
+ mch_copy_sec(backup,fname);
+#endif
break;
}
}
@@ -3719,6 +3726,12 @@
mch_set_acl(wfname, acl);
#endif
+#ifdef HAVE_SELINUX
+ /* Probably need to set the security context */
+ if (!backup_copy)
+ mch_copy_sec(backup, wfname);
+#endif
+
#ifdef UNIX
/* When creating a new file, set its owner/group to that of the original
* file. Get the new device and inode number. */
--- vim62/src/os_unix.c.selinux 2004-01-20 11:34:15.897082317 -0500
+++ vim62/src/os_unix.c 2004-01-20 11:37:54.310746614 -0500
@@ -41,6 +41,10 @@
# include <X11/SM/SMlib.h>
#endif
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+static int selinux_enabled=-1;
+#endif
/*
* Use this prototype for select, some include files have a wrong prototype
*/
@@ -2279,6 +2283,55 @@
} vim_acl_solaris_T;
# endif
+mch_copy_sec(from_file, to_file)
+ char_u *from_file;
+ char_u *to_file;
+{
+ if (from_file == NULL)
+ return;
+
+#ifdef HAVE_SELINUX
+ if (selinux_enabled == -1)
+ selinux_enabled = is_selinux_enabled ();
+
+ if (selinux_enabled>0)
+ {
+ security_context_t from_context=NULL;
+ security_context_t to_context=NULL;
+ if (getfilecon (from_file, &from_context) < 0)
+ {
+ /* If the filesystem doesn't support extended attributes,
+ the original had no special security context and the
+ target cannot have one either. */
+ if (errno == EOPNOTSUPP)
+ return ;
+
+ MSG_PUTS(_("\nCould not get security context for "));
+ msg_outtrans(from_file);
+ msg_putchar('\n');
+ return ;
+ }
+ if (getfilecon (to_file, &to_context) < 0)
+ {
+ MSG_PUTS(_("\nCould not get security context for "));
+ msg_outtrans(to_file);
+ msg_putchar('\n');
+ freecon (from_context);
+ return ;
+ }
+ if (strcmp(from_context,to_context) != 0 ) {
+ if (setfilecon (to_file, from_context) < 0)
+ {
+ MSG_PUTS(_("\nCould not set security context for "));
+ msg_outtrans(to_file);
+ msg_putchar('\n');
+ }
+ }
+ freecon (to_context);
+ freecon (from_context);
+ }
+#endif /* HAVE_SELINUX */
+}
/*
* Return a pointer to the ACL of file "fname" in allocated memory.
* Return NULL if the ACL is not available for whatever reason.
Reference in New Issue View Git Blame Copy Permalink