From: Jinkun Jang Date: Fri, 15 Mar 2013 16:11:15 +0000 (+0900) Subject: merge with master X-Git-Tag: submit/tizen_2.2/20130714.154440 X-Git-Url: http://review.tizen.org/git/?p=external%2Ftizen-coreutils.git;a=commitdiff_plain;h=refs%2Ftags%2Fsubmit%2Ftizen_2.2%2F20130714.154440 merge with master
---
diff --git a/packaging/coreutils-6.9-smack.patch b/packaging/coreutils-6.9-smack.patch
new file mode 100644
index 0000000..1ac188e
--- /dev/null
+++ b/packaging/coreutils-6.9-smack.patch
@@ -0,0 +1,927 @@ +diff -Nuarp tizen-coreutils/src/copy.c tizen-coreutils-smack/src/copy.c +--- tizen-coreutils/src/copy.c 2012-11-30 11:18:57.473521424 +0200 ++++ tizen-coreutils-smack/src/copy.c 2012-11-30 11:26:01.601502515 +0200 +@@ -53,6 +53,7 @@ + #include "utimens.h" + #include "xreadlink.h" + #include "yesno.h" ++#include "smack.h" + + #ifndef HAVE_FCHOWN + # define HAVE_FCHOWN false +@@ -570,6 +574,28 @@ copy_reg (char const *src_name, char con + } + } + ++ if (x->preserve_context) ++ { ++ char src_context[SMACK_LABELLEN]; ++ char dst_context[SMACK_LABELLEN]; ++ ++ if (smack_of_fd (source_desc, src_context, SMACK_LABELLEN) < 0) ++ { ++ if (x->require_preserve) ++ ; //fail silently now // return_val = false; ++ } ++ else if (smack_of_fd (dest_desc, dst_context, SMACK_LABELLEN) < 0) ++ { ++ if (x->require_preserve) ++ ; //fail silently now // return_val = false; ++ } ++ else if (strcmp(src_context, dst_context)) ++ { ++ if (smack_to_fd(dest_desc, src_context) < 0 && x->require_preserve) ++ ; //fail silently now // return_val = false; ++ } ++ } ++ + close_src_and_dst_desc: + if (close (dest_desc) < 0) + { +diff -Nuarp tizen-coreutils/src/copy.h tizen-coreutils-smack/src/copy.h +--- tizen-coreutils/src/copy.h 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/copy.h 2012-11-30 11:20:39.837516860 +0200 +@@ -128,6 +128,10 @@ struct cp_options + bool preserve_mode; + bool preserve_timestamps; + ++ /* If true, attempt to give the copies the original files' ++ security context. */ ++ bool preserve_context; ++ + /* Enabled for mv, and for cp by the --preserve=links option. + If true, attempt to preserve in the destination files any + logical hard links between the source files. 
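Review bot: All three failure branches in the added `x->preserve_context` block of copy_reg are empty statements, so a failed `smack_of_fd` or `smack_to_fd` leaves the destination with whatever label it was created with and the copy still reports success, even when `x->require_preserve` is set. For a mandatory-access-control label that is a silent policy change; restore the commented-out `return_val = false;` under `x->require_preserve` and emit a diagnostic with `error (0, errno, ...)` in each branch. The same silent-ignore pattern appears in the install.c `change_attributes`, mkdir.c `announce_mkdir`, mkfifo.c and mknod.c hunks of this patch. copy_reg starts and ends outside the hunk.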
If used with cp's +diff -Nuarp tizen-coreutils/src/cp.c tizen-coreutils-smack/src/cp.c +--- tizen-coreutils/src/cp.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/cp.c 2012-11-30 11:20:39.837516860 +0200 +@@ -35,6 +35,7 @@ + #include "stat-time.h" + #include "utimens.h" + #include "acl.h" ++#include "smack.h" + + #define ASSIGN_BASENAME_STRDUPA(Dest, File_name) \ + do \ +@@ -191,7 +192,7 @@ Mandatory arguments to long options are + -p same as --preserve=mode,ownership,timestamps\n\ + --preserve[=ATTR_LIST] preserve the specified attributes (default:\n\ + mode,ownership,timestamps), if possible\n\ +- additional attributes: links, all\n\ ++ additional attributes: links, context, all\n\ + "), stdout); + fputs (_("\ + --no-preserve=ATTR_LIST don't preserve the specified attributes\n\ +@@ -317,6 +318,27 @@ re_protect (char const *const_dst_name, + } + } + ++ if (x->preserve_context) ++ { ++ char src_context[SMACK_LABELLEN]; ++ char dst_context[SMACK_LABELLEN]; ++ ++ if (smack_of_file (src_name, src_context, SMACK_LABELLEN) < 0 || ++ smack_of_file (dst_name, dst_context, SMACK_LABELLEN) < 0) ++ { ++ ; //error (0, errno, _("failed to preserve context for %s"), ++ // quote (dst_name)); ++ //return false; ++ } ++ if (strcmp (src_context, dst_context) && ++ smack_to_file (dst_name, src_context) < 0) ++ { ++ ; //error (0, errno, _("failed to preserve context for %s"), ++ // quote (dst_name)); ++ //return false; ++ } ++ } ++ + if (x->preserve_ownership) + { + if (chown (dst_name, src_sb.st_uid, src_sb.st_gid) != 0 +@@ -749,6 +771,7 @@ cp_option_init (struct cp_options *x) + x->preserve_links = false; + x->preserve_mode = false; + x->preserve_timestamps = false; ++ x->preserve_context = false; + + x->require_preserve = false; + x->recursive = false; +@@ -777,18 +800,19 @@ decode_preserve_arg (char const *arg, st + PRESERVE_TIMESTAMPS, + PRESERVE_OWNERSHIP, + PRESERVE_LINK, ++ PRESERVE_CONTEXT, + PRESERVE_ALL + }; + static enum File_attribute const 
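Review bot: In the re_protect hunk, when either `smack_of_file` call fails the first `if` body is an empty statement and control falls through to `strcmp (src_context, dst_context)`, which reads stack buffers that were never written; the result can then reach `smack_to_file`, whose `strlen` has no terminator to rely on. Make the comparison conditional on both reads succeeding by changing the second `if` to `else if (strcmp (src_context, dst_context) && smack_to_file (dst_name, src_context) < 0)`, and report the failure instead of discarding it. re_protect's body continues outside the hunk.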
preserve_vals[] = + { + PRESERVE_MODE, PRESERVE_TIMESTAMPS, +- PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_ALL ++ PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_CONTEXT, PRESERVE_ALL + }; + /* Valid arguments to the `--preserve' option. */ + static char const* const preserve_args[] = + { + "mode", "timestamps", +- "ownership", "links", "all", NULL ++ "ownership", "links", "context", "all", NULL + }; + ARGMATCH_VERIFY (preserve_args, preserve_vals); + +@@ -824,11 +848,16 @@ decode_preserve_arg (char const *arg, st + x->preserve_links = on_off; + break; + ++ case PRESERVE_CONTEXT: ++ x->preserve_context = on_off; ++ break; ++ + case PRESERVE_ALL: + x->preserve_mode = on_off; + x->preserve_timestamps = on_off; + x->preserve_ownership = on_off; + x->preserve_links = on_off; ++ x->preserve_context = on_off; + break; + + default: +@@ -885,6 +914,8 @@ main (int argc, char **argv) + x.preserve_ownership = true; + x.preserve_mode = true; + x.preserve_timestamps = true; ++ /* Context preservation may be draconian */ ++ x.preserve_context = true; + x.require_preserve = true; + x.recursive = true; + break; +diff -Nuarp tizen-coreutils/src/id.c tizen-coreutils-smack/src/id.c +--- tizen-coreutils/src/id.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/id.c 2012-11-30 11:20:39.837516860 +0200 +@@ -29,6 +29,7 @@ + #include "system.h" + #include "error.h" + #include "quote.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). */ + #define PROGRAM_NAME "id" +@@ -40,6 +41,7 @@ int getugroups (); + static void print_user (uid_t uid); + static void print_group (gid_t gid); + static void print_group_list (const char *username); ++static void print_context (void); + static void print_full_info (const char *username); + + /* The name this program was run with. */ +@@ -52,11 +54,15 @@ static bool use_name = false; + static uid_t ruid, euid; + static gid_t rgid, egid; + ++/* The security "context" to print. 
*/ ++static char context[SMACK_LABELLEN]; ++ + /* True unless errors have been encountered. */ + static bool ok = true; + + static struct option const longopts[] = + { ++ {"context", no_argument, NULL, 'Z'}, + {"group", no_argument, NULL, 'g'}, + {"groups", no_argument, NULL, 'G'}, + {"name", no_argument, NULL, 'n'}, +@@ -80,6 +86,7 @@ usage (int status) + Print information for USERNAME, or the current user.\n\ + \n\ + -a ignore, for compatibility with other versions\n\ ++ -Z, --context print only the security context\n\ + -g, --group print only the effective group ID\n\ + -G, --groups print all group IDs\n\ + -n, --name print a name instead of a number, for -ugG\n\ +@@ -102,6 +109,8 @@ main (int argc, char **argv) + { + int optc; + ++ /* If true, output only the security context. -Z */ ++ bool just_context = false; + /* If true, output the list of all group IDs. -G */ + bool just_group_list = false; + /* If true, output only the group ID(s). -g */ +@@ -119,13 +128,16 @@ main (int argc, char **argv) + + atexit (close_stdout); + +- while ((optc = getopt_long (argc, argv, "agnruG", longopts, NULL)) != -1) ++ while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1) + { + switch (optc) + { + case 'a': + /* Ignore -a, for compatibility with SVR4. */ + break; ++ case 'Z': ++ just_context = true; ++ break; + case 'g': + just_group = true; + break; +@@ -148,8 +160,8 @@ main (int argc, char **argv) + } + } + +- if (just_user + just_group + just_group_list > 1) +- error (EXIT_FAILURE, 0, _("cannot print only user and only group")); ++ if (just_user + just_group + just_group_list + just_context > 1) ++ error (EXIT_FAILURE, 0, _("cannot print multiple exclusive fields")); + + if (just_user + just_group + just_group_list == 0 && (use_real | use_name)) + error (EXIT_FAILURE, 0, +@@ -183,6 +195,8 @@ main (int argc, char **argv) + print_group (use_real ? 
rgid : egid); + else if (just_group_list) + print_group_list (argv[optind]); ++ else if (just_context) ++ print_context (); + else + print_full_info (argv[optind]); + putchar ('\n'); +@@ -324,6 +338,18 @@ print_group_list (const char *username) + #endif /* HAVE_GETGROUPS */ + } + ++/* Print the security context. */ ++ ++static void ++print_context (void) ++{ ++ ++ if (smack_of_proc(-1, context, sizeof (context)) < 1 || strlen(context) < 1) ++ printf (""); ++ else ++ printf ("%s", context); ++} ++ + /* Print all of the info about the user's user and group IDs. */ + + static void +@@ -385,4 +411,7 @@ print_full_info (const char *username) + free (groups); + } + #endif /* HAVE_GETGROUPS */ ++ ++ if (smack_of_proc(-1, context, sizeof (context)) > 0 && strlen(context) > 0) ++ printf (" context=\"%s\"", context); + } +diff -Nuarp tizen-coreutils/src/install.c tizen-coreutils-smack/src/install.c +--- tizen-coreutils/src/install.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/install.c 2012-11-30 11:20:39.837516860 +0200 +@@ -39,6 +39,7 @@ + #include "stat-time.h" + #include "utimens.h" + #include "xstrtol.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). */ + #define PROGRAM_NAME "install" +@@ -115,6 +116,9 @@ static mode_t dir_mode = DEFAULT_MODE; + or S_ISGID bits. */ + static mode_t dir_mode_bits = CHMOD_MODE_BITS; + ++/* The security context to give all files. */ ++static char *context; ++ + /* If true, strip executable files after copying them. 
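Review bot: `print_context` always queries the calling process (`smack_of_proc (-1, ...)` resolves to `/proc/self/attr/current` in smack.h), so `id -Z USERNAME` prints the invoker's label rather than anything about USERNAME, and a read failure is indistinguishable from success because `printf ("")` prints nothing and `ok` is never cleared. Either reject `-Z` together with a USERNAME operand in main or document the behaviour; on failure set `ok = false;` so the exit status reflects it, though whether that is wanted on kernels without Smack is a policy choice to confirm. The `strlen (context) < 1` test is redundant, since `smack_of_proc` already returns the string length.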
*/ + static bool strip_files; + +@@ -124,6 +128,7 @@ static bool dir_arg; + static struct option const long_options[] = + { + {"backup", optional_argument, NULL, 'b'}, ++ {"context", required_argument, NULL, 'Z'}, + {"directory", no_argument, NULL, 'd'}, + {"group", required_argument, NULL, 'g'}, + {"mode", required_argument, NULL, 'm'}, +@@ -155,6 +160,7 @@ cp_option_init (struct cp_options *x) + x->preserve_links = false; + x->preserve_mode = false; + x->preserve_timestamps = false; ++ x->preserve_context = false; + x->require_preserve = false; + x->recursive = false; + x->sparse_mode = SPARSE_AUTO; +@@ -243,7 +249,7 @@ main (int argc, char **argv) + we'll actually use backup_suffix_string. */ + backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX"); + +- while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pt:TvS:", long_options, ++ while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pt:TvS:Z:", long_options, + NULL)) != -1) + { + switch (optc) +@@ -305,6 +311,9 @@ main (int argc, char **argv) + case 'T': + no_target_directory = true; + break; ++ case 'Z': ++ context = optarg; ++ break; + case_GETOPT_HELP_CHAR; + case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); + default: +@@ -520,6 +529,8 @@ change_attributes (char const *name) + error (0, errno, _("cannot change ownership of %s"), quote (name)); + else if (chmod (name, mode) != 0) + error (0, errno, _("cannot change permissions of %s"), quote (name)); ++ else if (context && smack_to_file (name, context) < 0) ++ ; // error (0, errno, _("cannot change security context of %s"), quote (name)); + else + return true; + +@@ -686,6 +697,7 @@ Mandatory arguments to long options are + -t, --target-directory=DIRECTORY copy all SOURCE arguments into DIRECTORY\n\ + -T, --no-target-directory treat DEST as a normal file\n\ + -v, --verbose print the name of each directory as it is created\n\ ++ -Z, --context=CONTEXT set the security context on all destination files\n\ + "), stdout); + fputs (HELP_OPTION_DESCRIPTION, stdout); 
+ fputs (VERSION_OPTION_DESCRIPTION, stdout); +diff -Nuarp tizen-coreutils/src/ls.c tizen-coreutils-smack/src/ls.c +--- tizen-coreutils/src/ls.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/ls.c 2012-11-30 11:20:39.841516860 +0200 +@@ -104,6 +104,7 @@ + #include "wcwidth.h" + #include "xstrtol.h" + #include "xreadlink.h" ++#include "smack.h" + + #define PROGRAM_NAME (ls_mode == LS_LS ? "ls" \ + : (ls_mode == LS_MULTI_COL \ +@@ -177,6 +178,9 @@ struct fileinfo + /* For long listings, true if the file has an access control list. */ + bool have_acl; + #endif ++ ++ /* Security context */ ++ char context[SMACK_LABELLEN]; + }; + + #if USE_ACL +@@ -339,6 +343,7 @@ static int nlink_width; + static int owner_width; + static int group_width; + static int author_width; ++static int context_width; + static int major_device_number_width; + static int minor_device_number_width; + static int file_size_width; +@@ -434,6 +439,10 @@ static bool print_owner = true; + + static bool print_author; + ++/* True means to display the security context. */ ++ ++static bool print_context; ++ + /* True means to display group information. -G and -o turn this off. */ + + static bool print_group = true; +@@ -1514,7 +1523,7 @@ decode_switches (int argc, char **argv) + } + + while ((c = getopt_long (argc, argv, +- "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UX1", ++ "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UXZ1", + long_options, NULL)) != -1) + { + switch (c) +@@ -1717,6 +1726,10 @@ decode_switches (int argc, char **argv) + sort_type_specified = true; + break; + ++ case 'Z': ++ print_context = true; ++ break; ++ + case '1': + /* -1 has no effect after -l. */ + if (format != long_format) +@@ -2574,6 +2587,7 @@ gobble_file (char const *name, enum file + /* Command line dereferences are already taken care of by the above + assertion that the inode number is not yet known. 
*/ + || (print_inode && inode == NOT_AN_INODE_NUMBER) ++ || print_context + || (format_needs_type + && (type == unknown || command_line_arg + /* --indicator-style=classify (aka -F) +@@ -2605,6 +2619,7 @@ gobble_file (char const *name, enum file + switch (dereference) + { + case DEREF_ALWAYS: ++ err = smack_of_file_follow(absolute_name, f->context, SMACK_LABELLEN); + err = stat (absolute_name, &f->stat); + break; + +@@ -2613,6 +2628,8 @@ gobble_file (char const *name, enum file + if (command_line_arg) + { + bool need_lstat; ++ err = smack_of_file_follow(absolute_name, f->context, ++ SMACK_LABELLEN); + err = stat (absolute_name, &f->stat); + + if (dereference == DEREF_COMMAND_LINE_ARGUMENTS) +@@ -2631,6 +2648,7 @@ gobble_file (char const *name, enum file + } + + default: /* DEREF_NEVER */ ++ err = smack_of_file(absolute_name, f->context, SMACK_LABELLEN); + err = lstat (absolute_name, &f->stat); + break; + } +@@ -2738,6 +2756,13 @@ gobble_file (char const *name, enum file + author_width = len; + } + ++ if (print_context) ++ { ++ int len = strlen (f->context); ++ if (context_width < len) ++ context_width = len; ++ } ++ + { + char buf[INT_BUFSIZE_BOUND (uintmax_t)]; + int len = strlen (umaxtostr (f->stat.st_nlink, buf)); +@@ -3463,7 +3488,7 @@ print_long_format (const struct fileinfo + + DIRED_INDENT (); + +- if (print_owner | print_group | print_author) ++ if (print_owner | print_group | print_author | print_context) + { + DIRED_FPUTS (buf, stdout, p - buf); + +@@ -3476,6 +3501,9 @@ print_long_format (const struct fileinfo + if (print_author) + format_user (f->stat.st_author, author_width, f->stat_ok); + ++ if (print_context) ++ format_user_or_group(f->context, 0, context_width); ++ + p = buf; + } + +@@ -3812,6 +3840,9 @@ print_file_name_and_frills (const struct + human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts, + ST_NBLOCKSIZE, output_block_size)); + ++ if (print_context) ++ printf ("%*s ", format == with_commas ? 
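Review bot: In the three gobble_file hunks the return value of `smack_of_file_follow` / `smack_of_file` is stored in `err` and immediately overwritten by the `stat` / `lstat` result on the next line, so a failed label lookup is never noticed and `f->context` keeps whatever it held before. The later hunks call `strlen (f->context)` and print it with `%*s`, which is only safe if the buffer is a terminated string; unless `f` is zeroed earlier in gobble_file (not visible here), it should be set explicitly. Suggest leaving `err` alone and writing `if (smack_of_file_follow (absolute_name, f->context, SMACK_LABELLEN) < 0) f->context[0] = '\0';`, with `smack_of_file` in the DEREF_NEVER case. The label and the stat data are also fetched by two separate path lookups, so they can describe different objects if the path changes in between.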
0 : context_width, f->context); ++ + print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f), f->linkok, + f->stat_ok, f->filetype, NULL); + +@@ -3975,6 +4006,9 @@ length_of_file_name_and_frills (const st + output_block_size)) + : block_size_width); + ++ if (print_context) ++ len += 1 + (format == with_commas ? strlen (f->context) : context_width); ++ + quote_name (NULL, f->name, filename_quoting_options, &name_width); + len += name_width; + +@@ -4403,6 +4437,7 @@ Mandatory arguments to long options are + -w, --width=COLS assume screen width instead of current value\n\ + -x list entries by lines instead of by columns\n\ + -X sort alphabetically by entry extension\n\ ++ -Z print the security context\n\ + -1 list one file per line\n\ + "), stdout); + fputs (HELP_OPTION_DESCRIPTION, stdout); +diff -Nuarp tizen-coreutils/src/mkdir.c tizen-coreutils-smack/src/mkdir.c +--- tizen-coreutils/src/mkdir.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/mkdir.c 2012-11-30 11:20:39.841516860 +0200 +@@ -29,6 +29,7 @@ + #include "modechange.h" + #include "quote.h" + #include "savewd.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). 
*/ + #define PROGRAM_NAME "mkdir" +@@ -40,6 +41,7 @@ char *program_name; + + static struct option const longopts[] = + { ++ {"context", required_argument, NULL, 'Z'}, + {"mode", required_argument, NULL, 'm'}, + {"parents", no_argument, NULL, 'p'}, + {"verbose", no_argument, NULL, 'v'}, +@@ -65,9 +67,10 @@ Create the DIRECTORY(ies), if they do no + Mandatory arguments to long options are mandatory for short options too.\n\ + "), stdout); + fputs (_("\ +- -m, --mode=MODE set file mode (as in chmod), not a=rwx - umask\n\ +- -p, --parents no error if existing, make parent directories as needed\n\ +- -v, --verbose print a message for each created directory\n\ ++ -Z, --context=CONTEXT set security context\n\ ++ -m, --mode=MODE set file mode (as in chmod), not a=rwx - umask\n\ ++ -p, --parents no error if existing, make parent directories as needed\n\ ++ -v, --verbose print a message for each created directory\n\ + "), stdout); + fputs (HELP_OPTION_DESCRIPTION, stdout); + fputs (VERSION_OPTION_DESCRIPTION, stdout); +@@ -92,6 +95,9 @@ struct mkdir_options + /* File mode bits affected by MODE. */ + mode_t mode_bits; + ++ /* Security context. */ ++ char *context; ++ + /* If not null, format to use when reporting newly made directories. 
*/ + char const *created_directory_format; + }; +@@ -101,6 +107,17 @@ static void + announce_mkdir (char const *dir, void *options) + { + struct mkdir_options const *o = options; ++ ++ if (o->context) { ++ char *sep = strrchr(dir, '/'); ++ int res = 0; ++ if ((sep != NULL) && (strlen(sep) != strlen(dir))) ++ res = smack_to_file (sep + 1, o->context); ++ else ++ res = smack_to_file (dir, o->context); ++ if (res < 0) ++ ; // error (0, errno, _("setting directory context failed")); ++ } + if (o->created_directory_format) + error (0, 0, o->created_directory_format, quote (dir)); + } +@@ -144,6 +155,7 @@ main (int argc, char **argv) + options.make_ancestor_function = NULL; + options.mode = S_IRWXUGO; + options.mode_bits = 0; ++ options.context = NULL; + options.created_directory_format = NULL; + + initialize_main (&argc, &argv); +@@ -154,10 +166,13 @@ main (int argc, char **argv) + + atexit (close_stdout); + +- while ((optc = getopt_long (argc, argv, "pm:v", longopts, NULL)) != -1) ++ while ((optc = getopt_long (argc, argv, "Z:pm:v", longopts, NULL)) != -1) + { + switch (optc) + { ++ case 'Z': ++ options.context = optarg; ++ break; + case 'p': + options.make_ancestor_function = make_ancestor; + break; +diff -Nuarp tizen-coreutils/src/mkfifo.c tizen-coreutils-smack/src/mkfifo.c +--- tizen-coreutils/src/mkfifo.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/mkfifo.c 2012-11-30 11:20:39.841516860 +0200 +@@ -26,6 +26,7 @@ + #include "error.h" + #include "modechange.h" + #include "quote.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). 
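Review bot: `announce_mkdir` labels `sep + 1`, the last path component, rather than `dir`, which only names the new directory if the current working directory is its parent; that invariant is not established in this hunk and should be stated in a comment or replaced by labelling `dir` itself. `(strlen (sep) != strlen (dir))` is a roundabout `sep != dir`, and for a `dir` ending in `/` the component after the separator is the empty string, so the call fails and the directory keeps its default label. Because the failure branch is an empty statement, `mkdir -Z LABEL` can finish without any diagnostic while the directory is unlabelled; report it with `error (0, errno, _("setting directory context failed"));`. The label is applied after the directory already exists, so there is a window in which it carries the creator's default label.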
*/ + #define PROGRAM_NAME "mkfifo" +@@ -37,6 +38,7 @@ char *program_name; + + static struct option const longopts[] = + { ++ {"context", required_argument, NULL, 'Z'}, + {"mode", required_argument, NULL, 'm'}, + {GETOPT_HELP_OPTION_DECL}, + {GETOPT_VERSION_OPTION_DECL}, +@@ -60,7 +62,10 @@ Create named pipes (FIFOs) with the give + Mandatory arguments to long options are mandatory for short options too.\n\ + "), stdout); + fputs (_("\ +- -m, --mode=MODE set file permission bits to MODE, not a=rw - umask\n\ ++ -Z, --context=CONTEXT set security context to CONTEXT\n\ ++"), stdout); ++ fputs (_("\ ++ -m, --mode=MODE set file permission bits to MODE, not a=rw - umask\n\ + "), stdout); + fputs (HELP_OPTION_DESCRIPTION, stdout); + fputs (VERSION_OPTION_DESCRIPTION, stdout); +@@ -73,6 +78,7 @@ int + main (int argc, char **argv) + { + mode_t newmode; ++ char const *specified_context = NULL; + char const *specified_mode = NULL; + int exit_status = EXIT_SUCCESS; + int optc; +@@ -85,10 +91,13 @@ main (int argc, char **argv) + + atexit (close_stdout); + +- while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1) ++ while ((optc = getopt_long (argc, argv, "Z:m:", longopts, NULL)) != -1) + { + switch (optc) + { ++ case 'Z': ++ specified_context = optarg; ++ break; + case 'm': + specified_mode = optarg; + break; +@@ -119,11 +128,17 @@ main (int argc, char **argv) + } + + for (; optind < argc; ++optind) +- if (mkfifo (argv[optind], newmode) != 0) +- { +- error (0, errno, _("cannot create fifo %s"), quote (argv[optind])); +- exit_status = EXIT_FAILURE; +- } ++ { ++ if (mkfifo (argv[optind], newmode) != 0) ++ { ++ error (0, errno, _("cannot create fifo %s"), quote (argv[optind])); ++ exit_status = EXIT_FAILURE; ++ } ++ if (specified_context && ++ smack_to_file(argv[optind], specified_context) < 0) ++ ;// error (0, errno, _("context assignment of %s to %s failed"), ++ // argv[optind], quote (specified_context)); ++ } + + exit (exit_status); + } +diff -Nuarp 
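Review bot: In the rewritten loop the `smack_to_file` call is not guarded by the `mkfifo` result, so when `mkfifo` fails (for example because the name already exists) the pre-existing file at `argv[optind]` is still relabelled with the `-Z` value. Chain the two so that labelling only happens for a FIFO this invocation created: `else if (specified_context && smack_to_file (argv[optind], specified_context) < 0)`. The failure body is an empty statement, so a labelling error leaves `exit_status` at `EXIT_SUCCESS`; emit the commented-out `error (...)` call and set `exit_status = EXIT_FAILURE;`. `specified_context` is `char const *` but `smack_to_file` takes `char *`, which discards the qualifier.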
tizen-coreutils/src/mknod.c tizen-coreutils-smack/src/mknod.c +--- tizen-coreutils/src/mknod.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/mknod.c 2012-11-30 11:20:39.841516860 +0200 +@@ -27,6 +27,7 @@ + #include "modechange.h" + #include "quote.h" + #include "xstrtol.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). */ + #define PROGRAM_NAME "mknod" +@@ -38,6 +39,7 @@ char *program_name; + + static struct option const longopts[] = + { ++ {"context", required_argument, NULL, 'Z'}, + {"mode", required_argument, NULL, 'm'}, + {GETOPT_HELP_OPTION_DECL}, + {GETOPT_VERSION_OPTION_DECL}, +@@ -62,7 +64,10 @@ Create the special file NAME of the give + Mandatory arguments to long options are mandatory for short options too.\n\ + "), stdout); + fputs (_("\ +- -m, --mode=MODE set file permission bits to MODE, not a=rw - umask\n\ ++ -Z, --context=CONTEXT set file security context to CONTEXT\n\ ++"), stdout); ++ fputs (_("\ ++ -m, --mode=MODE set file permission bits to MODE, not a=rw - umask\n\ + "), stdout); + fputs (HELP_OPTION_DESCRIPTION, stdout); + fputs (VERSION_OPTION_DESCRIPTION, stdout); +@@ -88,6 +93,7 @@ int + main (int argc, char **argv) + { + mode_t newmode; ++ char const *specified_context = NULL; + char const *specified_mode = NULL; + int optc; + int expected_operands; +@@ -101,10 +107,13 @@ main (int argc, char **argv) + + atexit (close_stdout); + +- while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1) ++ while ((optc = getopt_long (argc, argv, "Z:m:", longopts, NULL)) != -1) + { + switch (optc) + { ++ case 'Z': ++ specified_context = optarg; ++ break; + case 'm': + specified_mode = optarg; + break; +@@ -217,5 +226,9 @@ main (int argc, char **argv) + usage (EXIT_FAILURE); + } + ++ if (specified_context && smack_to_file (argv[optind], specified_context) < 0) ++ ; //error (0, errno, _("context assignment to %s failed"), ++ // quote (specified_context)); ++ + exit (EXIT_SUCCESS); + } 
+diff -Nuarp tizen-coreutils/src/mv.c tizen-coreutils-smack/src/mv.c +--- tizen-coreutils/src/mv.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/mv.c 2012-11-30 11:20:39.841516860 +0200 +@@ -32,6 +32,7 @@ + #include "filenamecat.h" + #include "quote.h" + #include "remove.h" ++#include "smack.h" + + /* The official name of this program (e.g., no `g' prefix). */ + #define PROGRAM_NAME "mv" +@@ -126,6 +127,7 @@ cp_option_init (struct cp_options *x) + x->preserve_links = true; + x->preserve_mode = true; + x->preserve_timestamps = true; ++ x->preserve_context = true; + x->require_preserve = false; /* FIXME: maybe make this an option */ + x->recursive = true; + x->sparse_mode = SPARSE_AUTO; /* FIXME: maybe make this an option */ +diff -Nuarp tizen-coreutils/src/smack.h tizen-coreutils-smack/src/smack.h +--- tizen-coreutils/src/smack.h 1970-01-01 02:00:00.000000000 +0200 ++++ tizen-coreutils-smack/src/smack.h 2012-11-30 11:20:39.841516860 +0200 +@@ -0,0 +1,134 @@ ++/* smack.h - Simplified Mandatory Access Control Kernel ++ ++ Copyright (C) 2010 Free Software Foundation, Inc. ++ ++ This program is free software: you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 3 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see . ++ ++ Written by Casey Schaufler. 
*/ ++ ++#include ++#include ++#include ++#include ++ ++#define SMACK_PATHTEXTSIZE 80 ++#define SMACK_LABELLEN 256 ++#define SMACK_PROC_FMT "/proc/%s/attr/current" ++#define SMACK_CHECK_PATH "/smack/load" ++#define SMACK_ATTRNAME "security.SMACK64" ++ ++static inline int ++smack_enabled(void) ++{ ++ int i; ++ struct stat buf; ++ ++ i = stat(SMACK_CHECK_PATH, &buf); ++ ++ if (i < 0) ++ return 0; ++ ++ return 1; ++} ++ ++static inline int ++smack_of_file(const char *path, char *result, int rlen) ++{ ++ int i; ++ ++ i = lgetxattr(path, SMACK_ATTRNAME, result, rlen); ++ if (i < 0) ++ return i; ++ ++ if (i < rlen) ++ result[i] = '\0'; ++ ++ return i; ++} ++ ++static inline int ++smack_of_file_follow(const char *path, char *result, int rlen) ++{ ++ int i; ++ ++ i = getxattr(path, SMACK_ATTRNAME, result, rlen); ++ if (i < 0) ++ return i; ++ ++ if (i < rlen) ++ result[i] = '\0'; ++ ++ return i; ++} ++ ++static inline int ++smack_of_fd(int fd, char *result, int rlen) ++{ ++ int i; ++ ++ i = fgetxattr(fd, SMACK_ATTRNAME, result, rlen); ++ if (i < 0) ++ return i; ++ ++ if (i < rlen) ++ result[i] = '\0'; ++ ++ return i; ++} ++ ++static inline int ++smack_to_fd(int fd, char *smack) ++{ ++ return fsetxattr(fd, SMACK_ATTRNAME, smack, strlen(smack), 0); ++} ++ ++static inline int ++smack_to_file(const char *path, char *smack) ++{ ++ return lsetxattr(path, SMACK_ATTRNAME, smack, strlen(smack), 0); ++} ++ ++static inline int ++smack_of_proc(pid_t pid, char *result, int rlen) ++{ ++ int fd; ++ int red; ++ char *cp = "self"; ++ char pidtext[SMACK_PATHTEXTSIZE]; ++ char path[SMACK_PATHTEXTSIZE]; ++ ++ if (pid > 0) ++ { ++ sprintf(pidtext, "%d", pid); ++ cp = pidtext; ++ } ++ ++ if (strlen(cp) + strlen(SMACK_PROC_FMT) >= SMACK_PATHTEXTSIZE) ++ return -1; ++ ++ sprintf(path, SMACK_PROC_FMT, cp); ++ fd = open(path, O_RDONLY); ++ if (fd < 0) ++ return fd; ++ ++ red = read(fd, result, rlen); ++ close(fd); ++ ++ if (red >= 0 && red < rlen) ++ result[red] = '\0'; ++ if ((cp = index (result, 
'\n')) != NULL) ++ *cp = '\0'; ++ ++ return strlen (result); ++} +diff -Nuarp tizen-coreutils/src/stat.c tizen-coreutils-smack/src/stat.c +--- tizen-coreutils/src/stat.c 2012-11-30 10:11:38.000000000 +0200 ++++ tizen-coreutils-smack/src/stat.c 2012-11-30 11:20:39.845516860 +0200 +@@ -68,6 +68,7 @@ + #include "stat-time.h" + #include "strftime.h" + #include "xreadlink.h" ++#include "smack.h" + + #define alignof(type) offsetof (struct { char c; type x; }, x) + +@@ -270,6 +271,8 @@ human_fstype (STRUCT_STATVFS const *stat + return "squashfs"; + case S_MAGIC_SYSFS: /* 0x62656572 */ + return "sysfs"; ++ case S_MAGIC_SMACK: /* 0x43415D53 */ ++ return "smack"; + # elif __GNU__ + case FSTYPE_UFS: + return "ufs"; +@@ -595,6 +598,14 @@ print_stat (char *pformat, size_t prefix + else + out_uint (pformat, prefix_len, statbuf->st_ctime); + break; ++ case 'C': ++ { ++ char context[SMACK_LABELLEN]; ++ ++ if (smack_of_file(filename, context, SMACK_LABELLEN) > 0) ++ out_string(pformat, prefix_len, context); ++ } ++ break; + default: + fputc ('?', stdout); + break; +@@ -855,6 +866,7 @@ The valid format sequences for files (wi + %B The size in bytes of each block reported by %b\n\ + "), stdout); + fputs (_("\ ++ %C Security context\n\ + %d Device number in decimal\n\ + %D Device number in hex\n\ + %f Raw mode in hex\n\ diff --git a/packaging/coreutils.changes b/packaging/coreutils.changes index 1bf3ce5..5398496 100644 --- a/packaging/coreutils.changes +++ b/packaging/coreutils.changes @@ -1,3 +1,6 @@ +* Tue Dec 11 2012 Elena Reshetova - 6.9 +- Bringing smack support back + * Sun May 22 2011 Anas Nashif - 6.9 - Split docs and translations diff --git a/packaging/tizen-coreutils.spec b/packaging/tizen-coreutils.spec index 7b60ead..6593e65 100644 --- a/packaging/tizen-coreutils.spec +++ b/packaging/tizen-coreutils.spec 
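Review bot: `smack_of_file`, `smack_of_file_follow` and `smack_of_fd` only write the terminator when `i < rlen`, so an attribute value of exactly `rlen` bytes is returned unterminated, while every caller in this patch treats the buffer as a C string (`strcmp`, `strlen`, `%s`). Reserve the last byte instead: `i = lgetxattr (path, SMACK_ATTRNAME, result, rlen - 1);` followed by an unconditional `result[i] = '\0';`, and likewise for the other two. `smack_of_proc` has the same gap and additionally runs `index` / `strlen` on `result` after `read` returned -1 or filled the buffer; add `if (red < 0) return -1;` and read at most `rlen - 1` bytes. `smack_to_fd` and `smack_to_file` should take `const char *smack`, since they only read the label.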
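Review bot: The new `'C'` case in print_stat always calls `smack_of_file`, which uses `lgetxattr` and therefore reports a symbolic link's own label; if stat is dereferencing links for the other fields (the mode flag is not visible in this hunk), `%C` describes a different object than the rest of the line. When the lookup fails nothing is emitted at all, so the field silently disappears from the output; printing a placeholder such as `out_string (pformat, prefix_len, "?");` keeps the format stable. print_stat starts and ends outside the hunk.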
@@ -12,6 +12,7 @@ Source0: ftp://ftp.gnu.org/gnu/%{name}/coreutils-%{version}.tar.bz2 Source1: mktemp-1.5.tar.gz Source1001: %{name}.manifest Patch1: coreutils-futimens.patch +Patch2: coreutils-6.9-smack.patch Patch1001: mktemp-1.5-build.patch BuildRequires: autoconf >= 2.58 @@ -29,6 +30,7 @@ the old GNU fileutils, sh-utils, and textutils packages. %prep %setup -q -b 1 -n coreutils-%{version} %patch1 -p1 -b .futimens +%patch2 -p1 -b .smack %build cp %{SOURCE1001} .