diff options
| -rw-r--r-- | ChangeLog-selinux | 5 | ||||
| -rw-r--r-- | src/Makefile.am | 2 | ||||
| -rw-r--r-- | src/mkfifo.c | 18 | ||||
| -rw-r--r-- | src/mknod.c | 18 |
4 files changed, 39 insertions, 4 deletions
diff --git a/ChangeLog-selinux b/ChangeLog-selinux index 7860f9b92..7a27296d4 100644 --- a/ChangeLog-selinux +++ b/ChangeLog-selinux @@ -1,5 +1,10 @@ 2007-01-31 Jim Meyering <jim@meyering.net> + mkfifo, mknod: Accept new "-Z, --context=C" option. + * src/mkfifo.c, src/mknod.c: Include <selinux/selinux.h>. + (main): Honor it. + * src/Makefile.am (mkfifo_LDADD, mknod_LDADD): Use $(LIB_SELINUX). + mkdir: Accept new "-Z, --context=C" option. * src/mkdir.c: Include <selinux/selinux.h>. (main): Honor it. diff --git a/src/Makefile.am b/src/Makefile.am index 473b7f7d0..853773038 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -64,6 +64,8 @@ chcon_LDADD = $(LDADD) $(LIB_SELINUX) cp_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX) ginstall_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX) mkdir_LDADD = $(LDADD) $(LIB_SELINUX) +mkfifo_LDADD = $(LDADD) $(LIB_SELINUX) +mknod_LDADD = $(LDADD) $(LIB_SELINUX) mv_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX) pathchk_LDADD = $(LDADD) $(LIB_EACCESS) rm_LDADD = $(LDADD) $(LIB_EACCESS) diff --git a/src/mkfifo.c b/src/mkfifo.c index bd006c441..8651ba39e 100644 --- a/src/mkfifo.c +++ b/src/mkfifo.c @@ -1,5 +1,5 @@ /* mkfifo -- make fifo's (named pipes) - Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc. + Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,6 +21,7 @@ #include <stdio.h> #include <getopt.h> #include <sys/types.h> +#include <selinux/selinux.h> #include "system.h" #include "error.h" @@ -37,6 +38,7 @@ char *program_name; static struct option const longopts[] = { + {GETOPT_SELINUX_CONTEXT_OPTION_DECL}, {"mode", required_argument, NULL, 'm'}, {GETOPT_HELP_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL}, @@ -57,6 +59,9 @@ Create named pipes (FIFOs) with the given NAMEs.\n\ \n\ "), stdout); fputs (_("\ + -Z, --context=CTX set the SELinux security context of each NAME to CTX\n\ +"), stdout); + fputs (_("\ Mandatory arguments to long options are mandatory for short options too.\n\ "), stdout); fputs (_("\ @@ -76,6 +81,7 @@ main (int argc, char **argv) char const *specified_mode = NULL; int exit_status = EXIT_SUCCESS; int optc; + security_context_t scontext = NULL; initialize_main (&argc, &argv); program_name = argv[0]; @@ -85,13 +91,16 @@ main (int argc, char **argv) atexit (close_stdout); - while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1) + while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1) { switch (optc) { case 'm': specified_mode = optarg; break; + case 'Z': + scontext = optarg; + break; case_GETOPT_HELP_CHAR; case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); default: @@ -105,6 +114,11 @@ main (int argc, char **argv) usage (EXIT_FAILURE); } + if (scontext && setfscreatecon (scontext) < 0) + error (EXIT_FAILURE, errno, + _("failed to set default file creation context to %s"), + quote (optarg)); + newmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); if (specified_mode) { diff --git a/src/mknod.c b/src/mknod.c index 955f34507..af1aaec6d 100644 --- a/src/mknod.c +++ b/src/mknod.c @@ -1,5 +1,5 @@ /* mknod -- make special files - Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc. + Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,6 +21,7 @@ #include <stdio.h> #include <getopt.h> #include <sys/types.h> +#include <selinux/selinux.h> #include "system.h" #include "error.h" @@ -38,6 +39,7 @@ char *program_name; static struct option const longopts[] = { + {GETOPT_SELINUX_CONTEXT_OPTION_DECL}, {"mode", required_argument, NULL, 'm'}, {GETOPT_HELP_OPTION_DECL}, {GETOPT_VERSION_OPTION_DECL}, @@ -58,6 +60,9 @@ usage (int status) Create the special file NAME of the given TYPE.\n\ \n\ "), stdout); + fputs(_("\ + -Z, --context=CTX set the SELinux security context of NAME to CTX\n\ +"), stdout); fputs (_("\ Mandatory arguments to long options are mandatory for short options too.\n\ "), stdout); @@ -92,6 +97,7 @@ main (int argc, char **argv) int optc; int expected_operands; mode_t node_type; + security_context_t scontext = NULL; initialize_main (&argc, &argv); program_name = argv[0]; @@ -101,13 +107,16 @@ main (int argc, char **argv) atexit (close_stdout); - while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1) + while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1) { switch (optc) { case 'm': specified_mode = optarg; break; + case 'Z': + scontext = optarg; + break; case_GETOPT_HELP_CHAR; case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); default: @@ -157,6 +166,11 @@ main (int argc, char **argv) usage (EXIT_FAILURE); } + if (scontext && setfscreatecon (scontext) < 0) + error (EXIT_FAILURE, errno, + _("failed to set default file creation context to %s"), + quote (optarg)); + /* Only check the first character, to allow mnemonic usage like `mknod /dev/rst0 character 18 0'. */ |