[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: [PATCH 3/8] busybox -- SELinux option support for coreutils: ver3
From: Yuichi Nakamura <ynakam () hitachisoft ! jp>
Date: 2007-02-23 8:47:53
Message-ID: 20070223174753.db70e01c.ynakam () hitachisoft ! jp
[Download RAW message or body]
[3/8] busybox-coreutils-03-mk.v3.patch
- -Z option support for mkdir, mkfifo, mknod.
By -Z, security context for created file can be set.
Signed-off-by: Yoshinori Sato <ysato@users.sourceforge.jp>
["busybox-coreutils-mk-03.v3.patch" (application/octet-stream)]
Index: coreutils/mkdir.c
===================================================================
--- coreutils/mkdir.c (revision 17961)
+++ coreutils/mkdir.c (working copy)
@@ -16,6 +16,11 @@
* conjunction with -m.
*/
+/* Nov 28, 2006 Yoshinori Sato <ysato@users.sourceforge.jp>
+ *
+ * Add -Z (SELinux) support.
+ */
+
#include <stdlib.h>
#include <unistd.h>
#include <getopt.h> /* struct option */
@@ -25,6 +30,9 @@
static const struct option mkdir_long_options[] = {
{ "mode", 1, NULL, 'm' },
{ "parents", 0, NULL, 'p' },
+#if ENABLE_SELINUX
+ { "context", 1, NULL, 'Z'},
+#endif
{ 0, 0, 0, 0 }
};
#endif
@@ -37,11 +45,14 @@
int flags = 0;
unsigned opt;
char *smode;
+#if ENABLE_SELINUX
+ security_context_t scontext;
+#endif
#if ENABLE_FEATURE_MKDIR_LONG_OPTIONS
applet_long_options = mkdir_long_options;
#endif
- opt = getopt32(argc, argv, "m:p", &smode);
+ opt = getopt32(argc, argv, "m:p" USE_SELINUX("Z:"), &smode USE_SELINUX(,&scontext));
if (opt & 1) {
mode = 0777;
if (!bb_parse_mode(smode, &mode)) {
@@ -50,6 +61,15 @@
}
if (opt & 2)
flags |= FILEUTILS_RECUR;
+#if ENABLE_SELINUX
+ if(opt & 4) {
+ selinux_or_die();
+ if (setfscreatecon(scontext)) {
+ bb_error_msg_and_die ("failed to set default file creation context "
+ "to %s.\n", scontext);
+ }
+ }
+#endif
if (optind == argc) {
bb_show_usage();
Index: coreutils/libcoreutils/getopt_mk_fifo_nod.c
===================================================================
--- coreutils/libcoreutils/getopt_mk_fifo_nod.c (revision 17961)
+++ coreutils/libcoreutils/getopt_mk_fifo_nod.c (working copy)
@@ -30,11 +30,25 @@
{
mode_t mode = 0666;
char *smode = NULL;
-
- getopt32(argc, argv, "m:", &smode);
- if(smode) {
+#if ENABLE_SELINUX
+ security_context_t scontext;
+#endif
+ int opt = 0;
+ opt = getopt32(argc, argv, "m:" USE_SELINUX("Z:"), &smode USE_SELINUX(,&scontext));
+ if(opt & 1) {
if (bb_parse_mode(smode, &mode))
umask(0);
}
+
+#if ENABLE_SELINUX
+ if(opt & 2) {
+ selinux_or_die();
+ if (setfscreatecon(scontext)) {
+ bb_error_msg_and_die ("failed to set default file creation context "
+ "to %s", scontext);
+ }
+ }
+#endif
+
return mode;
}
_______________________________________________
busybox mailing list
busybox@busybox.net
http://busybox.net/cgi-bin/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic