From 447b254923c1e27e0031ae3fc69ce3a1fbc9a4f6 Mon Sep 17 00:00:00 2001
From: Jim Meyering <jim@meyering.net>
Date: Thu, 1 Feb 2007 00:26:07 +0100
Subject: mkfifo, mknod: Accept new "-Z, --context=C" option.

* src/mkfifo.c, src/mknod.c: Include <selinux/selinux.h>.
(main): Honor it.
* src/Makefile.am (mkfifo_LDADD, mknod_LDADD): Use $(LIB_SELINUX).
---
 src/Makefile.am |  2 ++
 src/mkfifo.c    | 18 ++++++++++++++++--
 src/mknod.c     | 18 ++++++++++++++++--
 3 files changed, 34 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/Makefile.am b/src/Makefile.am
index 473b7f7d0..853773038 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -64,6 +64,8 @@ chcon_LDADD = $(LDADD) $(LIB_SELINUX)
 cp_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 ginstall_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 mkdir_LDADD = $(LDADD) $(LIB_SELINUX)
+mkfifo_LDADD = $(LDADD) $(LIB_SELINUX)
+mknod_LDADD = $(LDADD) $(LIB_SELINUX)
 mv_LDADD = $(LDADD) $(LIB_EACCESS) $(LIB_SELINUX)
 pathchk_LDADD = $(LDADD) $(LIB_EACCESS)
 rm_LDADD = $(LDADD) $(LIB_EACCESS)
diff --git a/src/mkfifo.c b/src/mkfifo.c
index bd006c441..8651ba39e 100644
--- a/src/mkfifo.c
+++ b/src/mkfifo.c
@@ -1,5 +1,5 @@
 /* mkfifo -- make fifo's (named pipes)
-   Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc.
+   Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
+#include <selinux/selinux.h>
 
 #include "system.h"
 #include "error.h"
@@ -37,6 +38,7 @@ char *program_name;
 
 static struct option const longopts[] =
 {
+  {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
   {"mode", required_argument, NULL, 'm'},
   {GETOPT_HELP_OPTION_DECL},
   {GETOPT_VERSION_OPTION_DECL},
@@ -55,6 +57,9 @@ usage (int status)
       fputs (_("\
 Create named pipes (FIFOs) with the given NAMEs.\n\
 \n\
+"), stdout);
+      fputs (_("\
+  -Z, --context=CTX  set the SELinux security context of each NAME to CTX\n\
 "), stdout);
       fputs (_("\
 Mandatory arguments to long options are mandatory for short options too.\n\
@@ -76,6 +81,7 @@ main (int argc, char **argv)
   char const *specified_mode = NULL;
   int exit_status = EXIT_SUCCESS;
   int optc;
+  security_context_t scontext = NULL;
 
   initialize_main (&argc, &argv);
   program_name = argv[0];
@@ -85,13 +91,16 @@ main (int argc, char **argv)
 
   atexit (close_stdout);
 
-  while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
+  while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
     {
       switch (optc)
 	{
 	case 'm':
 	  specified_mode = optarg;
 	  break;
+	case 'Z':
+	  scontext = optarg;
+	  break;
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
@@ -105,6 +114,11 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (scontext && setfscreatecon (scontext) < 0)
+    error (EXIT_FAILURE, errno,
+	   _("failed to set default file creation context to %s"),
+	   quote (optarg));
+
   newmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
   if (specified_mode)
     {
diff --git a/src/mknod.c b/src/mknod.c
index 955f34507..af1aaec6d 100644
--- a/src/mknod.c
+++ b/src/mknod.c
@@ -1,5 +1,5 @@
 /* mknod -- make special files
-   Copyright (C) 90, 91, 1995-2006 Free Software Foundation, Inc.
+   Copyright (C) 90, 91, 1995-2007 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@
 #include <stdio.h>
 #include <getopt.h>
 #include <sys/types.h>
+#include <selinux/selinux.h>
 
 #include "system.h"
 #include "error.h"
@@ -38,6 +39,7 @@ char *program_name;
 
 static struct option const longopts[] =
 {
+  {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
   {"mode", required_argument, NULL, 'm'},
   {GETOPT_HELP_OPTION_DECL},
   {GETOPT_VERSION_OPTION_DECL},
@@ -57,6 +59,9 @@ usage (int status)
       fputs (_("\
 Create the special file NAME of the given TYPE.\n\
 \n\
+"), stdout);
+      fputs(_("\
+  -Z, --context=CTX  set the SELinux security context of NAME to CTX\n\
 "), stdout);
       fputs (_("\
 Mandatory arguments to long options are mandatory for short options too.\n\
@@ -92,6 +97,7 @@ main (int argc, char **argv)
   int optc;
   int expected_operands;
   mode_t node_type;
+  security_context_t scontext = NULL;
 
   initialize_main (&argc, &argv);
   program_name = argv[0];
@@ -101,13 +107,16 @@ main (int argc, char **argv)
 
   atexit (close_stdout);
 
-  while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
+  while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
     {
       switch (optc)
 	{
 	case 'm':
 	  specified_mode = optarg;
 	  break;
+	case 'Z':
+	  scontext = optarg;
+	  break;
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
@@ -157,6 +166,11 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (scontext && setfscreatecon (scontext) < 0)
+    error (EXIT_FAILURE, errno,
+	   _("failed to set default file creation context to %s"),
+	   quote (optarg));
+
   /* Only check the first character, to allow mnemonic usage like
      `mknod /dev/rst0 character 18 0'. */
 
-- 
cgit v1.2.3-70-g09d2