doc: add missing documentation for some SELinux options

* doc/coreutils.texi (ls invocation): Describe the --context (-Z) option
(install invocation): Describe the --preserve-context and -Z options
(id invocation): Describe the --context (-Z) option
(mkdir invocation): ditto
(mknod invocation): ditto
(mkfifo invocation): ditto
* TODO: remove the todo item

diff --git a/TODO b/TODO
index 7288285..9128ddf 100644 (file)
--- a/TODO
+++ b/TODO
@@ -15,7 +15,6 @@ document the following in coreutils.texi:
   mktemp
   [
   pinky
-Also document the SELinux changes.
 
 Suggestion from Paul Eggert:
   More generally, there's not that much use for imaxtostr nowadays,

diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 70effa1..c6e66d5 100644 (file)
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -6540,6 +6540,16 @@ it also affects the HP-UX @command{ls} program.
 
 @optSi
 
+@item -Z
+@itemx --context
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Display the SELinux security context or @samp{?} if none is found.
+When used with the @option{-l} option, print the security context
+to the left of the size column.
+
 @end table
 
 
@@ -8045,6 +8055,15 @@ ownership of installed files or directories to @var{owner}.  The default
 is @code{root}.  @var{owner} may be either a user name or a numeric user
 ID.
 
+@item --preserve-context
+@opindex --preserve-context
+@cindex SELinux
+@cindex security context
+Preserve the SELinux security context of files and directories.
+Failure to preserve the context in all of the files or directories
+will result in an exit status of 1.  If SELinux is disabled then
+print a warning and ignore the option.
+
 @item -p
 @itemx --preserve-timestamps
 @opindex -p
@@ -8083,6 +8102,16 @@ Program used to strip binaries.
 @opindex --verbose
 Print the name of each file before copying it.
 
+@item -Z @var{context}
+@itemx --context=@var{context}
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Set the default SELinux security context to be used for any
+created files and directories.  If SELinux is disabled then
+print a warning and ignore the option.
+
 @end table
 
 @exitstatus
@@ -8917,6 +8946,15 @@ newly-created parent directories are inherited.
 @opindex --verbose
 Print a message for each created directory.  This is most useful with
 @option{--parents}.
+
+@item -Z @var{context}
+@itemx --context=@var{context}
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Set the default SELinux security context to be used for created directories.
+
 @end table
 
 @exitstatus
@@ -8956,6 +8994,14 @@ Set the mode of created FIFOs to @var{mode}, which is symbolic as in
 for the point of departure.  @var{mode} should specify only file
 permission bits.  @xref{File permissions}.
 
+@item -Z @var{context}
+@itemx --context=@var{context}
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Set the default SELinux security context to be used for created FIFOs.
+
 @end table
 
 @exitstatus
@@ -9031,6 +9077,14 @@ Set the mode of created files to @var{mode}, which is symbolic as in
 @var{mode} should specify only file permission bits.
 @xref{File permissions}.
 
+@item -Z @var{context}
+@itemx --context=@var{context}
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Set the default SELinux security context to be used for created files.
+
 @end table
 
 @exitstatus
@@ -12737,6 +12791,16 @@ Print the real, instead of effective, user or group ID.  Requires
 @opindex --user
 Print only the user ID.
 
+@item -Z
+@itemx --context
+@opindex -Z
+@opindex --context
+@cindex SELinux
+@cindex security context
+Print only the security context of the current user.
+If SELinux is disabled then print a warning and
+set the exit status to 1.
+
 @end table
 
 @exitstatus