From ebbf0a1f0f75490dd7e8b7d717adc46888075e1e Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Fri, 11 Sep 2009 16:30:27 +0200 Subject: [PATCH] id: don't print context=... when POSIXLY_CORRECT is set * src/id.c (print_full_info) [POSIXLY_CORRECT]: Don't print context. Reported by Ulrich Drepper. * NEWS (Changes in behavior): Mention it. * doc/coreutils.texi (id invocation): Document that id also prints the security context, when possible, and when POSIXLY_CORRECT is not set. * tests/id/no-context: New file. Test for this. * tests/Makefile.am (TESTS): Add it. --- NEWS | 5 +++++ doc/coreutils.texi | 4 ++++ src/id.c | 5 ++++- tests/Makefile.am | 1 + tests/id/no-context | 40 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 54 insertions(+), 1 deletion(-) create mode 100755 tests/id/no-context diff --git a/NEWS b/NEWS index 6cfe8bb..b3c6c8c 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,11 @@ GNU coreutils NEWS -*- outline -*- * Noteworthy changes in release ?.? (????-??-??) [?] +** Changes in behavior + + id no longer prints SELinux " context=..." when the POSIXLY_CORRECT + environment variable is set. + ** Improvements rm: rewrite to use gnulib's fts diff --git a/doc/coreutils.texi b/doc/coreutils.texi index 22d307a..8b28566 100644 --- a/doc/coreutils.texi +++ b/doc/coreutils.texi @@ -12825,9 +12825,13 @@ running it if no user is specified. Synopsis: id [@var{option}]@dots{} [@var{username}] @end example +@vindex POSIXLY_CORRECT By default, it prints the real user ID, real group ID, effective user ID if different from the real user ID, effective group ID if different from the real group ID, and supplemental group IDs. +In addition, if SELinux +is enabled and the @env{POSIXLY_CORRECT} environment variable is not set, +then print @samp{context=@var{c}}, where @var{c} is the security context. Each of these numeric values is preceded by an identifying string and followed by the corresponding user or group name in parentheses. diff --git a/src/id.c b/src/id.c index b28643b..ec255e2 100644 --- a/src/id.c +++ b/src/id.c @@ -328,6 +328,9 @@ print_full_info (const char *username) free (groups); } #endif /* HAVE_GETGROUPS */ - if (context != NULL) + + /* POSIX mandates the precise output format, and that it not include + any context=... part, so skip that if POSIXLY_CORRECT is set. */ + if (context != NULL && ! getenv ("POSIXLY_CORRECT")) printf (_(" context=%s"), context); } diff --git a/tests/Makefile.am b/tests/Makefile.am index 7a20e0c..43a493f 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -334,6 +334,7 @@ TESTS = \ du/slink \ du/trailing-slash \ du/two-args \ + id/no-context \ install/basic-1 \ install/create-leading \ install/d-slashdot \ diff --git a/tests/id/no-context b/tests/id/no-context new file mode 100755 index 0000000..f875ee0 --- /dev/null +++ b/tests/id/no-context @@ -0,0 +1,40 @@ +#!/bin/sh +# With POSIXLY_CORRECT, id must not print context=... + +# Copyright (C) 2009 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +if test "$VERBOSE" = yes; then + set -x + id --version +fi + +. $srcdir/test-lib.sh + +# We don't need selinux *FS* support to test id, +# but this is as good a witness as any, in general. +require_selinux_ + +fail=0 + +# Require the context=... part by default. +id > out || fail=1 +grep context= out || fail=1 + +# Require no context=... part in conforming mode. +POSIXLY_CORRECT=1 id > out || fail=1 +grep context= out && fail=1 + +Exit $fail -- 2.7.4