diff options
| author | Chengwei Yang <chengwei.yang@intel.com> | 2014-01-17 15:46:43 +0000 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2014-01-17 16:13:18 +0000 |
| commit | 6fab28dce4785a86ea3f6616ecf6036c43337edd (patch) | |
| tree | 3a745ebb32222eefd49a6c1ccb629963d4438e97 /src | |
| parent | 7fa1641db049912f59654153d077953714720ca2 (diff) | |
| download | coreutils-6fab28dce4785a86ea3f6616ecf6036c43337edd.tar.xz | |
doc: clarify SMACK related --help and documentation
* src/ls.c: Remove all mention of SELinux since ls
should treat all security context labels equally.
* doc/coreutils.texi (ls invocation): Likewise.
(id invocation): Clarify that -Z outputs the context
inherited by the process, rather than one specific to a user.
Note for SMACK this can be set instead by the SMACK64EXEC label,
in the unusual case where this is set on the id executable.
* src/id.c (usage): Likewise.
* src/mkdir.c (usage): Clarify that -Z is specific to SELinux,
while --context=CTX is also supported for SMACK.
* src/mkfifo.c (usage): Likewise.
* src/mknod.c (usage): Likewise.
Diffstat (limited to 'src')
| -rw-r--r-- | src/id.c | 2 | ||||
| -rw-r--r-- | src/ls.c | 18 | ||||
| -rw-r--r-- | src/mkdir.c | 3 | ||||
| -rw-r--r-- | src/mkfifo.c | 3 | ||||
| -rw-r--r-- | src/mknod.c | 3 |
5 files changed, 16 insertions, 13 deletions
@@ -89,7 +89,7 @@ or (when USER omitted) for the current user.\n\ stdout); fputs (_("\ -a ignore, for compatibility with other versions\n\ - -Z, --context print only the security context of the current user\n\ + -Z, --context print only the security context of the process\n\ -g, --group print only the effective group ID\n\ -G, --groups print all group IDs\n\ -n, --name print a name instead of a number, for -ugG\n\ @@ -186,7 +186,7 @@ verify (sizeof filetype_letter - 1 == arg_directory + 1); enum acl_type { ACL_T_NONE, - ACL_T_SELINUX_ONLY, + ACL_T_LSM_CONTEXT_ONLY, ACL_T_YES }; @@ -206,7 +206,7 @@ struct fileinfo zero. */ mode_t linkmode; - /* SELinux security context. */ + /* security context. */ security_context_t scontext; bool stat_ok; @@ -216,7 +216,7 @@ struct fileinfo bool linkok; /* For long listings, true if the file has an access control list, - or an SELinux security context. */ + or a security context. */ enum acl_type acl_type; /* For color listings, true if a regular file has capability info. */ @@ -2804,8 +2804,8 @@ errno_unsupported (int err) } /* Cache *getfilecon failure, when it's trivial to do so. - Like getfilecon/lgetfilecon, but when F's st_dev says it's on a known- - SELinux-challenged file system, fail with ENOTSUP immediately. */ + Like getfilecon/lgetfilecon, but when F's st_dev says it's doesn't + support getting the security context, fail with ENOTSUP immediately. */ static int getfilecon_cache (char const *file, struct fileinfo *f, bool deref) { @@ -3052,7 +3052,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode, f->acl_type = (!have_scontext && !have_acl ? ACL_T_NONE : (have_scontext && !have_acl - ? ACL_T_SELINUX_ONLY + ? ACL_T_LSM_CONTEXT_ONLY : ACL_T_YES)); any_has_acl |= f->acl_type != ACL_T_NONE; @@ -3799,7 +3799,7 @@ print_long_format (const struct fileinfo *f) struct tm *when_local; /* Compute the mode string, except remove the trailing space if no - file in this directory has an ACL or SELinux security context. */ + file in this directory has an ACL or security context. */ if (f->stat_ok) filemodestring (&f->stat, modebuf); else @@ -3810,7 +3810,7 @@ print_long_format (const struct fileinfo *f) } if (! any_has_acl) modebuf[10] = '\0'; - else if (f->acl_type == ACL_T_SELINUX_ONLY) + else if (f->acl_type == ACL_T_LSM_CONTEXT_ONLY) modebuf[10] = '.'; else if (f->acl_type == ACL_T_YES) modebuf[10] = '+'; @@ -4886,7 +4886,7 @@ Sort entries alphabetically if none of -cftuvSUX nor --sort is specified.\n\ -w, --width=COLS assume screen width instead of current value\n\ -x list entries by lines instead of by columns\n\ -X sort alphabetically by entry extension\n\ - -Z, --context print any SELinux security context of each file\n\ + -Z, --context print any security context of each file\n\ -1 list one file per line\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); diff --git a/src/mkdir.c b/src/mkdir.c index c904d4f27..a6f6c24a6 100644 --- a/src/mkdir.c +++ b/src/mkdir.c @@ -67,7 +67,8 @@ Create the DIRECTORY(ies), if they do not already exist.\n\ -p, --parents no error if existing, make parent directories as needed\n\ -v, --verbose print a message for each created directory\n\ -Z, --context[=CTX] set the SELinux security context of each created\n\ - directory to default type or to CTX if specified\n\ + directory to default type or set the SELinux or\n\ + SMACK security context to CTX if specified\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); diff --git a/src/mkfifo.c b/src/mkfifo.c index f9c6af611..cf970593b 100644 --- a/src/mkfifo.c +++ b/src/mkfifo.c @@ -62,7 +62,8 @@ Create named pipes (FIFOs) with the given NAMEs.\n\ "), stdout); fputs (_("\ -Z, --context[=CTX] set the SELinux security context of each NAME to\n\ - default type, or CTX if specified\n\ + default type, or set the SELinux or SMACK\n\ + security context to CTX if specified\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); diff --git a/src/mknod.c b/src/mknod.c index c6ea1ea19..dfb9ef4fc 100644 --- a/src/mknod.c +++ b/src/mknod.c @@ -64,7 +64,8 @@ Create the special file NAME of the given TYPE.\n\ "), stdout); fputs (_("\ -Z, --context[=CTX] set the SELinux security context of NAME to\n\ - default type, or to CTX if specified\n\ + default type, or set the SELinux or SMACK\n\ + security context to CTX if specified\n\ "), stdout); fputs (HELP_OPTION_DESCRIPTION, stdout); fputs (VERSION_OPTION_DESCRIPTION, stdout); |