From e1609b144a27ce68b99a19f99978632028da5998 Mon Sep 17 00:00:00 2001 From: Sebastian Grabowski Date: Tue, 14 Oct 2014 08:54:01 +0200 Subject: [PATCH] id: Added -Z (Smack) option. It displays smack security context of the current user. Change-Id: I2545f6fe77527b1ecc604cc14d8fc282a1b4c70c Signed-off-by: Sebastian Grabowski --- toys/posix/id.c | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/toys/posix/id.c b/toys/posix/id.c index c3fe609..3d21555 100644 --- a/toys/posix/id.c +++ b/toys/posix/id.c @@ -15,7 +15,7 @@ config ID bool "id" default y help - usage: id [-nGgru] + usage: id [-nGgruZ] Print user and group ID. @@ -24,6 +24,7 @@ config ID -g Show only the effective group ID -r Show real ID instead of effective ID -u Show only the effective user ID + -Z Show only the security context of the current user config ID_SELINUX bool @@ -80,6 +81,30 @@ static void s_or_u(char *s, unsigned u, int done) } } +static void show_security_context(int done) +{ +#ifdef USE_SMACK + char *smack_label = NULL; + ssize_t sl_len = -1; + + if ((sl_len = smack_new_label_from_self(&smack_label)) >= 0) { + if (!done) + putchar(' '); + if (!TT.do_Z) + printf("context="); + printf("%.*s", sl_len, smack_label); + free(smack_label); + } +#else + if (done) + printf("id: -Z works only with smack enabled toybox"); +#endif + if (done) { + xputc('\n'); + exit(0); + } +} + static void showid(char *header, unsigned u, char *s) { printf("%s%u(%s)", header, u, s); @@ -103,6 +128,13 @@ void do_id(char *username) if (TT.is_groups) printf("%s : ", pw->pw_name); } + if (TT.do_Z) + if (username) { + printf("id: cannot print security context when user specified\n"); + exit(1); + } else + show_security_context(1); + i = flags & FLAG_r; pw = xgetpwuid(i ? uid : euid); if (TT.do_u) s_or_u(pw->pw_name, pw->pw_uid, 1); @@ -163,6 +195,9 @@ void do_id(char *username) if (CFG_TOYBOX_FREE) free(context); } + if (!TT.do_Z && !username) + show_security_context(0); + xputc('\n'); } -- 2.7.4