mkfifo, mknod: Accept new "-Z, --context=C" option.

* src/mkfifo.c, src/mknod.c: Include <selinux/selinux.h>.
(main): Honor it.
* src/Makefile.am (mkfifo_LDADD, mknod_LDADD): Use $(LIB_SELINUX).

diff --git a/ChangeLog-selinux b/ChangeLog-selinux
index 7860f9b..7a27296 100644 (file)
--- a/ChangeLog-selinux
+++ b/ChangeLog-selinux
@@ -1,5 +1,10 @@
 2007-01-31  Jim Meyering  <jim@meyering.net>
 
+       mkfifo, mknod: Accept new "-Z, --context=C" option.
+       * src/mkfifo.c, src/mknod.c: Include <selinux/selinux.h>.
+       (main): Honor it.
+       * src/Makefile.am (mkfifo_LDADD, mknod_LDADD): Use $(LIB_SELINUX).
+
        mkdir: Accept new "-Z, --context=C" option.
        * src/mkdir.c: Include <selinux/selinux.h>.
        (main): Honor it.

diff --git a/src/Makefile.am b/src/Makefile.am
index 473b7f7..8537730 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -64,6 +64,8 @@ chcon_LDADD = $(LDADD) $(LIB_SELINUX)
 cp_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 ginstall_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 mkdir_LDADD = $(LDADD) $(LIB_SELINUX)
+mkfifo_LDADD = $(LDADD) $(LIB_SELINUX)
+mknod_LDADD = $(LDADD) $(LIB_SELINUX)
 mv_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 pathchk_LDADD = $(LDADD) $(LIB_EACCESS)
 rm_LDADD = $(LDADD) $(LIB_EACCESS)

diff --git a/src/mkfifo.c b/src/mkfifo.c
index bd006c4..8651ba3 100644 (file)
--- a/src/mkfifo.c
+++ b/src/mkfifo.c
@@ -1,5 +1,5 @@
 /* mkfifo -- make fifo's (named pipes)
-   Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc.
+   Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
+#include <selinux/selinux.h>
 
 #include "system.h"
 #include "error.h"
@@ -37,6 +38,7 @@ char *program_name;
 
 static struct option const longopts[] =
 {
+  {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
   {"mode", required_argument, NULL, 'm'},
   {GETOPT_HELP_OPTION_DECL},
   {GETOPT_VERSION_OPTION_DECL},
@@ -57,6 +59,9 @@ Create named pipes (FIFOs) with the given NAMEs.\n\
 \n\
 "), stdout);
       fputs (_("\
+  -Z, --context=CTX  set the SELinux security context of each NAME to CTX\n\
+"), stdout);
+      fputs (_("\
 Mandatory arguments to long options are mandatory for short options too.\n\
 "), stdout);
       fputs (_("\
@@ -76,6 +81,7 @@ main (int argc, char **argv)
   char const *specified_mode = NULL;
   int exit_status = EXIT_SUCCESS;
   int optc;
+  security_context_t scontext = NULL;
 
   initialize_main (&argc, &argv);
   program_name = argv[0];
@@ -85,13 +91,16 @@ main (int argc, char **argv)
 
   atexit (close_stdout);
 
-  while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
+  while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
     {
       switch (optc)
        {
        case 'm':
          specified_mode = optarg;
          break;
+       case 'Z':
+         scontext = optarg;
+         break;
        case_GETOPT_HELP_CHAR;
        case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
        default:
@@ -105,6 +114,11 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (scontext && setfscreatecon (scontext) < 0)
+    error (EXIT_FAILURE, errno,
+          _("failed to set default file creation context to %s"),
+          quote (optarg));
+
   newmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
   if (specified_mode)
     {

diff --git a/src/mknod.c b/src/mknod.c
index 955f345..af1aaec 100644 (file)
--- a/src/mknod.c
+++ b/src/mknod.c
@@ -1,5 +1,5 @@
 /* mknod -- make special files
-   Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc.
+   Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
+#include <selinux/selinux.h>
 
 #include "system.h"
 #include "error.h"
@@ -38,6 +39,7 @@ char *program_name;
 
 static struct option const longopts[] =
 {
+  {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
   {"mode", required_argument, NULL, 'm'},
   {GETOPT_HELP_OPTION_DECL},
   {GETOPT_VERSION_OPTION_DECL},
@@ -58,6 +60,9 @@ usage (int status)
 Create the special file NAME of the given TYPE.\n\
 \n\
 "), stdout);
+      fputs(_("\
+  -Z, --context=CTX  set the SELinux security context of NAME to CTX\n\
+"), stdout);
       fputs (_("\
 Mandatory arguments to long options are mandatory for short options too.\n\
 "), stdout);
@@ -92,6 +97,7 @@ main (int argc, char **argv)
   int optc;
   int expected_operands;
   mode_t node_type;
+  security_context_t scontext = NULL;
 
   initialize_main (&argc, &argv);
   program_name = argv[0];
@@ -101,13 +107,16 @@ main (int argc, char **argv)
 
   atexit (close_stdout);
 
-  while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
+  while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
     {
       switch (optc)
        {
        case 'm':
          specified_mode = optarg;
          break;
+       case 'Z':
+         scontext = optarg;
+         break;
        case_GETOPT_HELP_CHAR;
        case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
        default:
@@ -157,6 +166,11 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (scontext && setfscreatecon (scontext) < 0)
+    error (EXIT_FAILURE, errno,
+          _("failed to set default file creation context to %s"),
+          quote (optarg));
+
   /* Only check the first character, to allow mnemonic usage like
      `mknod /dev/rst0 character 18 0'. */