diff options
| -rw-r--r-- | ChangeLog-selinux | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/ChangeLog-selinux b/ChangeLog-selinux new file mode 100644 index 000000000..cb5f4b398 --- /dev/null +++ b/ChangeLog-selinux @@ -0,0 +1,92 @@ +2007-01-06 Jim Meyering <jim@meyering.net> + + stat: Add support for SELinux in the form of a %C format directive. + * src/stat.c (follow_links): Make this variable file-global. + (out_file_context): New function. + (print_statfs): Honor %C. + (print_stat): Honor %C. + (do_stat): Remove follow_links parameter. + (usage): Document the two %C directives. + (main): Accept -Z (though it's a no-op). + * src/Makefile.am (stat_LDADD): Define. + + ls: Add support for SELinux and a slightly modified -Z option. + I started with the patches from Red Hat. + The entries below tell how the code evolved. + + * src/ls.c (print_long_format, print_file_name_and_frills): When + there is no security context (due to getfilecon/lgetfilecon failing + with e.g. ENOTSUP), print it as "?", not "". + * src/ls.c (print_file_name_and_frills): Make -Z work without -l. + (length_of_file_name_and_frills): Likewise. + + * src/ls.c: Remove the --lcontext and --scontext options. + Change the way -Z, --context work so that it no longer implies -l. + Thus, -Z -l will work like -lcontext and -Z without -l will work + like --scontext. + + Adjust tests to reflect new 'ls -l' syntax -- affects only + systems with SELinux when operating on a file with no ACL. + These tests assumed that everything before the first space on + each line is the 10-byte mode string. But there may also be a "+" + in the 11th column, just before the space. However, note that this + is not new. The same thing would have happened even without the + change below, when listing a file with an ACL. + * tests/chmod/equals, tests/cp/cp-parents, tests/cp/fail-perm: + * tests/cp/link-preserve, tests/install/basic-1, tests/misc/mknod: + * tests/mkdir/parents, tests/mkdir/special-1, tests/mv/partition-perm: + + Don't make compilation depend on USE_ACL. An SELinux security + context counts as an "alternate access control method", so ls + must output a "+" for each file with a security context. + * src/ls.c [struct fileinfo] (have_acl): Declare unconditionally. + (FILE_HAS_ACL): Remove macro definition. Use f->have_acl directly. + (gobble_file): Record whether a file has a security context, and + update the condition used to determine whether to print the "+". + (gobble_file): Call getfilecon/lgetfilecon also when + format == long_format, so that we get the "+". + + * src/ls.c (gobble_file): Add a comment explaining why (with a + security context option) ls doesn't exit nonzero due to e.g., + getfilecon failing with errno == ENOTSUP. + + * src/ls.c (gobble_file): Ignore failure of getfilecon if it's due + to ENOTSUP. + + * src/ls.c (gobble_file): Factor out three small blocks using + getfilecon and lgetfilecon. + Don't ignore return value from getfilecon and lgetfilecon. + + * src/ls.c (print_long_format): Don't use ?: (empty 2nd arg with C + ternary operator). + (print_scontext_format): Likewise. + (print_scontext): Declare to be "bool", not int. Adjust uses. + + * src/Makefile.am (dir_LDADD, ls_LDADD, vdir_LDADD): Add $(LIB_SELINUX). + + * tests/misc/chcon: New file. + * tests/misc/chcon-fail: New file. + * tests/Makefile.am (check-root): Run new, root-only misc/chcon test. + * tests/misc/Makefile.am (TESTS): Add chcon and chcon-fail. + + * tests/misc/Makefile.am (TESTS): Add selinux. + * tests/misc/selinux: New file. + * tests/help-version: Skip chcon. + * man/chcon.x: New file. + * man/Makefile.am: Build chcon.1. + + New program: chcon + * gl/modules/selinux-at: New module. Check for libselinux and set + LIB_SELINUX here, unconditionally, rather than depending on + the configure-time --enable-selinux option. + * gl/modules/selinux-h: New module. + * bootstrap.conf (gnulib_modules): Add selinux-at. + * gl/lib/selinux-at.c, gl/lib/selinux-at.h: New files. + * gl/lib/se-selinux_.h: New file. + * gl/lib/se-context_.h: New file. + * gl/m4/selinux-selinux-h.m4: New file. + * gl/m4/selinux-context-h.m4: New file. + * src/Makefile.am (bin_PROGRAMS): Add chcon. + (chcon_LDADD): Define. + * README: Add chcon to the list of programs. + * src/chcon.c: Rewrite the original (Red Hat) chcon to use fts. |