rpms/findutils/devel findutils-selinux.patch, 1.11, 1.12 findutils.spec, 1.42, 1.43
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jan 30 21:28:13 UTC 2006
Author: mitr
Update of /cvs/dist/rpms/findutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv20972
Modified Files:
findutils-selinux.patch findutils.spec
Log Message:
* Mon Jan 30 2006 Miloslav Trmac <mitr at redhat.com> - 1:4.2.27-3
- Updated SELinux patch, --context is no longer valid (use -context)
findutils-selinux.patch:
configure.in | 10 +++++
doc/find.texi | 11 ++++++
find/Makefile.am | 2 -
find/defs.h | 14 +++++++
find/find.1 | 4 ++
find/find.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
find/parser.c | 49 ++++++++++++++++++++++++++-
find/pred.c | 55 ++++++++++++++++++++++++++++++
find/util.c | 3 +
9 files changed, 242 insertions(+), 4 deletions(-)
Index: findutils-selinux.patch
===================================================================
RCS file: /cvs/dist/rpms/findutils/devel/findutils-selinux.patch,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- findutils-selinux.patch 12 Jan 2006 06:53:05 -0000 1.11
+++ findutils-selinux.patch 30 Jan 2006 21:28:09 -0000 1.12
@@ -1,107 +1,61 @@
---- findutils-4.2.27/find/parser.c.selinux 2005-12-04 03:07:52.000000000 +0100
-+++ findutils-4.2.27/find/parser.c 2006-01-12 07:36:36.000000000 +0100
-@@ -47,6 +47,10 @@
- /* We need <unistd.h> for isatty(). */
- #include <unistd.h>
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#endif /*WITH_SELINUX*/
-+
- #if ENABLE_NLS
- # include <libintl.h>
- # define _(Text) gettext (Text)
-@@ -147,6 +151,9 @@
- static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
- static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
- static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
-+#ifdef WITH_SELINUX
-+static boolean parse_scontext PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
-+#endif /*WITH_SELINUX*/
-
-
-
-@@ -298,6 +305,8 @@
- {ARG_TEST, "-help", parse_help, NULL}, /* GNU */
- {ARG_TEST, "version", parse_version, NULL}, /* GNU */
- {ARG_TEST, "-version", parse_version, NULL}, /* GNU */
-+ {ARG_TEST, "context", parse_scontext, pred_scontext}, /* SELinux */
-+ {ARG_TEST, "-context", parse_scontext, pred_scontext}, /* SELinux */
- {0, 0, 0, 0}
- };
-
-@@ -803,6 +812,10 @@
- -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\
- -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\
- -used N -user NAME -xtype [bcdpfls]\n"));
-+#ifdef WITH_SELINUX
-+ puts (_("\
-+ -context CONTEXT\n"));
-+#endif /*WITH_SELINUX*/
- puts (_("\
- actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\
- -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\
-@@ -1727,6 +1740,29 @@
- exit (0);
- }
-
-+#ifdef WITH_SELINUX
-+
-+static boolean
-+parse_scontext ( const struct parser_table* entry, char **argv, int *arg_ptr)
-+{
-+ struct predicate *our_pred;
-+
-+ if ( (argv == NULL) || (argv[*arg_ptr] == NULL) )
-+ return( false );
-+
-+ our_pred = insert_primary(entry);
-+ our_pred->need_stat = false;
-+#ifdef DEBUG
-+ our_pred->p_name = find_pred_name (pred_scontext);
-+#endif /*DEBUG*/
-+ our_pred->args.scontext = argv[*arg_ptr];;
-+
-+ (*arg_ptr)++;
-+ return( true );
-+}
-+
-+#endif /*WITH_SELINUX*/
-+
- static boolean
- parse_xdev (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
-@@ -1964,7 +2000,11 @@
- if (*scan2 == '.')
- for (scan2++; ISDIGIT (*scan2); scan2++)
- /* Do nothing. */ ;
-+#ifdef WITH_SELINUX
-+ if (strchr ("abcdDfFgGhHiklmMnpPstuUyYZ", *scan2))
-+#else /* WITH_SELINUX */
- if (strchr ("abcdDfFgGhHiklmMnpPstuUyY", *scan2))
-+#endif /* WITH_SELINUX */
- {
- segmentp = make_segment (segmentp, format, scan2 - format,
- (int) *scan2);
-@@ -2046,6 +2086,9 @@
- case 'H': /* ARGV element file was found under */
- case 'p': /* pathname */
- case 'P': /* pathname with ARGV element stripped */
-+#ifdef WITH_SELINUX
-+ case 'Z': /* SELinux security context */
-+#endif /* WITH_SELINUX */
- *fmt++ = 's';
- break;
-
---- findutils-4.2.27/find/defs.h.selinux 2005-09-04 19:59:34.000000000 +0200
-+++ findutils-4.2.27/find/defs.h 2006-01-12 07:36:19.000000000 +0100
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/configure.in findutils/configure.in
+--- findutils-4.2.27/configure.in 2005-12-06 07:53:12.000000000 +0100
++++ findutils/configure.in 2006-01-30 21:10:04.000000000 +0100
+@@ -95,6 +95,16 @@
+ AC_CHECK_FUNC(getpwnam, [],
+ [AC_CHECK_LIB(sun, getpwnam)])
+
++AC_ARG_WITH([selinux],
++ AS_HELP_STRING([--without-selinux], [disable SELinux support]),
++ [:],
++[AC_CHECK_LIB([selinux], [is_selinux_enabled],
++ [with_selinux=yes], [with_selinux=no])])
++if test x$with_selinux != xno; then
++ AC_DEFINE([WITH_SELINUX], [1], [Define to support SELinux])
++ AC_SUBST([LIBSELINUX], [-lselinux])
++fi
++
+ dnl Checks for header files.
+ AC_HEADER_STDC
+ dnl Assume unistd.h is present - coreutils does too.
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/doc/find.texi findutils/doc/find.texi
+--- findutils-4.2.27/doc/find.texi 2005-12-05 08:35:33.000000000 +0100
++++ findutils/doc/find.texi 2006-01-30 21:20:10.000000000 +0100
+@@ -1091,6 +1091,14 @@
+
+ @end deffn
+
++ at deffn Test -context pattern
++True if file's SELinux context matches the pattern @var{pattern}.
++The pattern uses shell glob matching.
++
++This predicate is supported only on @code{find} versions compiled with
++SELinux support and only when SELinux is enabled.
++ at end deffn
++
+ @node Contents
+ @section Contents
+
+@@ -1610,6 +1618,9 @@
+ file is a sparse file (that is, it has ``holes'').
+ @item %s
+ File's size in bytes.
++ at item %Z
++File's SELinux context, or empty string if the file has no SELinux context
++or this version of find does not support SELinux.
+ @end table
+
+ @node Location Directives
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/defs.h findutils/find/defs.h
+--- findutils-4.2.27/find/defs.h 2005-09-04 19:59:34.000000000 +0200
++++ findutils/find/defs.h 2006-01-30 21:15:38.000000000 +0100
@@ -131,6 +131,10 @@
#define MODE_RWX (S_IXUSR | S_IXGRP | S_IXOTH | MODE_RW)
#define MODE_ALL (S_ISUID | S_ISGID | S_ISVTX | MODE_RWX)
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
-+#endif /*WITH_SELINUX*/
++#endif
+
#if 1
#include <stdbool.h>
@@ -112,7 +66,7 @@
FILE *stream; /* ls fls fprint0 */
+#ifdef WITH_SELINUX
+ security_context_t scontext; /* scontext */
-+#endif /*WITH_SELINUX*/
++#endif
struct format_val printf_vec; /* printf fprintf fprint */
} args;
@@ -121,8 +75,8 @@
boolean pred_user PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
boolean pred_xtype PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
+#ifdef WITH_SELINUX
-+boolean pred_scontext PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
-+#endif /* WITH_SELINUX */
++boolean pred_context PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
++#endif
@@ -133,58 +87,24 @@
+
+#ifdef WITH_SELINUX
+ int (*x_getfilecon) ();
-+#endif /* WITH_SELINUX */
++#endif
};
extern struct options options;
---- findutils-4.2.27/find/Makefile.am.selinux 2005-07-03 18:07:08.000000000 +0200
-+++ findutils-4.2.27/find/Makefile.am 2006-01-12 07:36:19.000000000 +0100
-@@ -5,8 +5,9 @@
- # regexprops_SOURCES = regexprops.c
- find_SOURCES = find.c fstype.c parser.c pred.c tree.c util.c version.c
- EXTRA_DIST = defs.h $(man_MANS)
-+DEFS = @DEFS@ -I. -I$(srcdir) -I.. -DWITH_SELINUX
- INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\"
--LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@
-+LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ -lselinux
- man_MANS = find.1
- SUBDIRS = testsuite
-
---- findutils-4.2.27/find/find.1.selinux 2005-12-05 18:05:02.000000000 +0100
-+++ findutils-4.2.27/find/find.1 2006-01-12 07:36:19.000000000 +0100
-@@ -483,6 +483,9 @@
- link to a file of type \fIc\fR; if the \-L option has been given, true
- if \fIc\fR is `l'. In other words, for symbolic links, \-xtype checks
- the type of the file that \-type does not check.
-+.IP "\-context \fIscontext\fR"
-+.IP "\--context \fIscontext\fR"
-+(SELinux only) File has the security context \fIscontext\fR.
-
- .SS ACTIONS
- .IP "\-delete\fR"
-@@ -785,6 +788,8 @@
- File's type (like in ls \-l), U=unknown type (shouldn't happen)
- .IP %Y
- File's type (like %y), plus follow symlinks: L=loop, N=nonexistent
-+.IP %Z
-+(SELinux only) file's security context.
- .PP
- A `%' character followed by any other character is discarded (but the
- other character is printed).
---- findutils-4.2.27/find/find.c.selinux 2005-11-11 08:41:37.000000000 +0100
-+++ findutils-4.2.27/find/find.c 2006-01-12 07:36:19.000000000 +0100
-@@ -244,6 +244,93 @@
- {
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/find.c findutils/find/find.c
+--- findutils-4.2.27/find/find.c 2005-11-11 08:41:37.000000000 +0100
++++ findutils/find/find.c 2006-01-30 21:15:21.000000000 +0100
+@@ -245,6 +245,93 @@
return lstat(name, p);
}
+
+#ifdef WITH_SELINUX
-+
+static int
+fallback_getfilecon(const char *name, security_context_t *p, int prev_rv)
+{
+ /* Our original getfilecon() call failed. Perhaps we can't follow a
-+ * symbolic link. If that might be the problem, lgetfilecon() the link.
-+ * Otherwise, admit defeat.
++ * symbolic link. If that might be the problem, lgetfilecon() the link.
++ * Otherwise, admit defeat.
+ */
+ switch (errno)
+ {
@@ -210,7 +130,7 @@
+
+/* optionh_getfilecon() implements the getfilecon operation when the
+ * -H option is in effect.
-+ *
++ *
+ * If the item to be examined is a command-line argument, we follow
+ * symbolic links. If the getfilecon() call fails on the command-line
+ * item, we fall back on the properties of the symbolic link.
@@ -218,13 +138,13 @@
+ * If the item to be examined is not a command-line argument, we
+ * examine the link itself.
+ */
-+int
++int
+optionh_getfilecon(const char *name, security_context_t *p)
+{
-+ if (0 == state.curdepth)
++ if (0 == state.curdepth)
+ {
+ /* This file is from the command line; deference the link (if it
-+ * is a link).
++ * is a link).
+ */
+ int rv = getfilecon(name, p);
+ if (0 == rv)
@@ -244,7 +164,7 @@
+ * -L option is in effect. That option makes us examine the thing the
+ * symbolic link points to, not the symbolic link itself.
+ */
-+int
++int
+optionl_getfilecon(const char *name, security_context_t *p)
+{
+ int rv = getfilecon(name, p);
@@ -258,22 +178,23 @@
+ * option is in effect (this is also the default). That option makes
+ * us examine the symbolic link itself, not the thing it points to.
+ */
-+int
++int
+optionp_getfilecon(const char *name, security_context_t *p)
+{
+ return lgetfilecon(name, p);
+}
+#endif /* WITH_SELINUX */
-
++
#ifdef DEBUG_STAT
static uintmax_t stat_count = 0u;
+
@@ -272,11 +359,17 @@
{
case SYMLINK_ALWAYS_DEREF: /* -L */
options.xstat = optionl_stat;
+#ifdef WITH_SELINUX
+ options.x_getfilecon = optionl_getfilecon;
-+#endif /* WITH_SELINUX */
++#endif
options.no_leaf_check = true;
break;
@@ -281,7 +202,7 @@
options.xstat = optionp_stat;
+#ifdef WITH_SELINUX
+ options.x_getfilecon = optionp_getfilecon;
-+#endif /* WITH_SELINUX */
++#endif
/* Can't turn no_leaf_check off because the user might have specified
* -noleaf anyway
*/
@@ -291,36 +212,11 @@
options.xstat = optionh_stat;
+#ifdef WITH_SELINUX
+ options.x_getfilecon = optionh_getfilecon;
-+#endif /* WITH_SELINUX */
++#endif
options.no_leaf_check = true;
}
-@@ -389,6 +485,9 @@
- int
- main (int argc, char **argv)
- {
-+#ifdef WITH_SELINUX
-+ int is_selinux_enabled_flag = is_selinux_enabled()>0;
-+#endif /* WITH_SELINUX */
- int i;
- const struct parser_table *entry_close, *entry_print, *entry_open;
- const struct parser_table *parse_entry; /* Pointer to the parsing table entry for this expression. */
-@@ -538,6 +637,14 @@
- if (strchr ("-!(),", argv[i][0]) == NULL)
- usage (_("paths must precede expression"));
- predicate_name = argv[i];
-+#ifdef WITH_SELINUX
-+ if (! is_selinux_enabled_flag) {
-+ if ((strncmp(predicate_name,"-context",strlen("-context"))==0) ||
-+ (strncmp(predicate_name,"--context",strlen("--context"))==0)) {
-+ error (1, 0,_("Error: invalid predicate %s: the kernel is not selinux-enabled.\n"),predicate_name);
-+ }
-+ }
-+#endif
- parse_entry = find_parser (predicate_name);
- if (parse_entry == NULL)
- {
-@@ -1807,7 +1914,7 @@
+@@ -1807,7 +1903,7 @@
static void
process_dir (char *pathname, char *name, int pathlen, struct stat *statp, char *parent)
{
@@ -329,21 +225,152 @@
boolean subdirs_unreliable; /* if true, cannot use dir link count as subdir limif (if false, it may STILL be unreliable) */
int idx; /* Which entry are we on? */
struct stat stat_buf;
---- findutils-4.2.27/find/util.c.selinux 2005-07-01 23:45:18.000000000 +0200
-+++ findutils-4.2.27/find/util.c 2006-01-12 07:36:19.000000000 +0100
-@@ -78,6 +78,9 @@
- last_pred->need_stat = true;
- last_pred->need_type = true;
- last_pred->args.str = NULL;
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/find.1 findutils/find/find.1
+--- findutils-4.2.27/find/find.1 2005-12-05 18:05:02.000000000 +0100
++++ findutils/find/find.1 2006-01-30 21:46:01.000000000 +0100
+@@ -483,6 +483,8 @@
+ link to a file of type \fIc\fR; if the \-L option has been given, true
+ if \fIc\fR is `l'. In other words, for symbolic links, \-xtype checks
+ the type of the file that \-type does not check.
++.IP "\-context \fIpattern\fR"
++(SELinux only) Security context of the file matches glob \fIpattern\fR.
+
+ .SS ACTIONS
+ .IP "\-delete\fR"
+@@ -785,6 +787,8 @@
+ File's type (like in ls \-l), U=unknown type (shouldn't happen)
+ .IP %Y
+ File's type (like %y), plus follow symlinks: L=loop, N=nonexistent
++.IP %Z
++(SELinux only) file's security context.
+ .PP
+ A `%' character followed by any other character is discarded (but the
+ other character is printed).
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/Makefile.am findutils/find/Makefile.am
+--- findutils-4.2.27/find/Makefile.am 2005-07-03 18:07:08.000000000 +0200
++++ findutils/find/Makefile.am 2006-01-30 21:46:39.000000000 +0100
+@@ -6,7 +6,7 @@
+ find_SOURCES = find.c fstype.c parser.c pred.c tree.c util.c version.c
+ EXTRA_DIST = defs.h $(man_MANS)
+ INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\"
+-LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@
++LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIBSELINUX@
+ man_MANS = find.1
+ SUBDIRS = testsuite
+
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/parser.c findutils/find/parser.c
+--- findutils-4.2.27/find/parser.c 2005-12-04 03:07:52.000000000 +0100
++++ findutils/find/parser.c 2006-01-30 21:14:46.000000000 +0100
+@@ -47,6 +47,10 @@
+ /* We need <unistd.h> for isatty(). */
+ #include <unistd.h>
+
+#ifdef WITH_SELINUX
-+ last_pred->args.scontext = NULL;
++#include <selinux/selinux.h>
+#endif
- last_pred->pred_next = NULL;
- last_pred->pred_left = NULL;
- last_pred->pred_right = NULL;
---- findutils-4.2.27/find/pred.c.selinux 2005-11-30 07:17:15.000000000 +0100
-+++ findutils-4.2.27/find/pred.c 2006-01-12 07:36:28.000000000 +0100
-@@ -38,6 +38,14 @@
++
+ #if ENABLE_NLS
+ # include <libintl.h>
+ # define _(Text) gettext (Text)
+@@ -147,6 +151,9 @@
+ static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
+ static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
+ static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
++#ifdef WITH_SELINUX
++static boolean parse_context PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
++#endif
+
+
+
+@@ -217,6 +224,9 @@
+ PARSE_TEST ("cmin", cmin), /* GNU */
+ PARSE_TEST ("cnewer", cnewer), /* GNU */
+ PARSE_TEST ("ctime", ctime),
++#ifdef WITH_SELINUX
++ PARSE_TEST ("context", context), /* GNU */
++#endif
+ PARSE_POSOPT ("daystart", daystart), /* GNU */
+ PARSE_ACTION ("delete", delete), /* GNU, Mac OS, FreeBSD */
+ PARSE_OPTION ("d", d), /* Mac OS X, FreeBSD, NetBSD, OpenBSD, but deprecated in favour of -depth */
+@@ -802,8 +812,12 @@
+ puts (_("\
+ -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\
+ -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\
+- -used N -user NAME -xtype [bcdpfls]\n"));
++ -used N -user NAME -xtype [bcdpfls]"));
++#ifdef WITH_SELINUX
+ puts (_("\
++ -context CONTEXT\n"));
++#endif
++ puts (_("\n\
+ actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\
+ -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\
+ -exec COMMAND ; -exec COMMAND {} + -ok COMMAND ;\n\
+@@ -1716,6 +1730,10 @@
+ printf("LEAF_OPTIMISATION ");
+ ++features;
+ #endif
++#if defined(WITH_SELINUX)
++ printf("SELINUX ");
++ ++features;
++#endif
+ if (0 == features)
+ {
+ /* For the moment, leave this as English in case someone wants
+@@ -1727,6 +1745,32 @@
+ exit (0);
+ }
+
++#ifdef WITH_SELINUX
++static boolean
++parse_context (const struct parser_table* entry, char **argv, int *arg_ptr)
++{
++ struct predicate *our_pred;
++
++ if ((argv == NULL) || (argv[*arg_ptr] == NULL))
++ return false;
++
++ if (is_selinux_enabled() <= 0)
++ {
++ error (1, 0, _("invalid predicate -context: SELinux is not enabled."));
++ return false;
++ }
++ our_pred = insert_primary (entry);
++ our_pred->need_stat = false;
++#ifdef DEBUG
++ our_pred->p_name = find_pred_name (pred_context);
++#endif /*DEBUG*/
++ our_pred->args.scontext = argv[*arg_ptr];
++
++ (*arg_ptr)++;
++ return true;
++}
++#endif /* WITH_SELINUX */
++
+ static boolean
+ parse_xdev (const struct parser_table* entry, char **argv, int *arg_ptr)
+ {
+@@ -1964,7 +2008,7 @@
+ if (*scan2 == '.')
+ for (scan2++; ISDIGIT (*scan2); scan2++)
+ /* Do nothing. */ ;
+- if (strchr ("abcdDfFgGhHiklmMnpPstuUyY", *scan2))
++ if (strchr ("abcdDfFgGhHiklmMnpPstuUyYZ", *scan2))
+ {
+ segmentp = make_segment (segmentp, format, scan2 - format,
+ (int) *scan2);
+@@ -2046,6 +2090,7 @@
+ case 'H': /* ARGV element file was found under */
+ case 'p': /* pathname */
+ case 'P': /* pathname with ARGV element stripped */
++ case 'Z': /* SELinux security context */
+ *fmt++ = 's';
+ break;
+
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/pred.c findutils/find/pred.c
+--- findutils-4.2.27/find/pred.c 2005-11-30 07:17:15.000000000 +0100
++++ findutils/find/pred.c 2006-01-30 21:13:18.000000000 +0100
+@@ -38,6 +38,10 @@
#include "buildcmd.h"
#include "yesno.h"
@@ -351,58 +378,48 @@
+#include <selinux/selinux.h>
+#endif /*WITH_SELINUX*/
+
-+#ifndef FNM_CASEFOLD
-+#define FNM_CASEFOLD (1<<4)
-+#endif /*FNM_CASEFOLD*/
-+
#if ENABLE_NLS
# include <libintl.h>
# define _(Text) gettext (Text)
-@@ -83,7 +91,6 @@
-
-
-
--
- /* Get or fake the disk device blocksize.
- Usually defined by sys/param.h (if at all). */
- #ifndef DEV_BSIZE
-@@ -215,6 +222,9 @@
+@@ -215,6 +219,9 @@
{pred_used, "used "},
{pred_user, "user "},
{pred_xtype, "xtype "},
+#ifdef WITH_SELINUX
-+ {pred_scontext, "context"},
++ {pred_context, "context"},
+#endif /*WITH_SELINUX*/
{0, "none "}
};
-@@ -903,6 +913,25 @@
+@@ -903,6 +910,27 @@
mode_to_filetype(stat_buf->st_mode & S_IFMT));
}
break;
++ case 'Z': /* SELinux security context */
+#ifdef WITH_SELINUX
-+ case 'Z': /* SELinux security context */
-+ {
-+ security_context_t scontext;
-+ int rv;
-+ rv = (*options.x_getfilecon)(state.rel_pathname, &scontext);
-+
-+ if ( rv < 0 ) {
-+ (void) fprintf(stderr, "getfileconf(%s): %s",
-+ pathname, strerror(errno));
-+ (void) fflush(stderr);
-+ }
-+ else {
-+ (void) fprintf (fp, segment->text, scontext);
-+ freecon(scontext);
-+ }
-+ }
-+ break ;
++ {
++ security_context_t scontext;
++ int rv;
++ rv = (*options.x_getfilecon) (state.rel_pathname, &scontext);
++
++ if (rv < 0)
++ {
++ fprintf (stderr, "getfilecon(%s): %s", pathname,
++ strerror(errno));
++ fflush (stderr);
++ }
++ else
++ {
++ fprintf (fp, segment->text, scontext);
++ freecon (scontext);
++ }
++ }
+#endif /* WITH_SELINUX */
++ break;
}
}
return true;
-@@ -1493,6 +1522,34 @@
+@@ -1493,6 +1521,33 @@
*/
return (pred_type (pathname, &sbuf, pred_ptr));
}
@@ -411,24 +428,23 @@
+#ifdef WITH_SELINUX
+
+boolean
-+pred_scontext ( pathname, stat_buf, pred_ptr )
-+ char *pathname;
-+ struct stat *stat_buf;
-+ struct predicate *pred_ptr;
++pred_context (char *pathname, struct stat *stat_buf,
++ struct predicate *pred_ptr)
+{
+ int rv;
+ security_context_t scontext;
+
-+ rv = (* options.x_getfilecon)(state.rel_pathname, &scontext);
++ rv = (*options.x_getfilecon) (state.rel_pathname, &scontext);
+
-+ if ( rv < 0 ) {
-+ (void) fprintf(stderr, "getfilecon(%s): %s\n", pathname, strerror(errno));
-+ (void) fflush(stderr);
-+ return ( false );
-+ }
++ if (rv < 0)
++ {
++ fprintf (stderr, "getfilecon(%s): %s\n", pathname, strerror(errno));
++ fflush (stderr);
++ return false;
++ }
+
-+ rv = (fnmatch(pred_ptr->args.scontext, scontext,0)==0);
-+ freecon(scontext);
++ rv = (fnmatch (pred_ptr->args.scontext, scontext, 0) == 0);
++ freecon (scontext);
+ return rv;
+}
+
@@ -437,3 +453,16 @@
/* 1) fork to get a child; parent remembers the child pid
2) child execs the command requested
+diff -ur --exclude '*.o' --exclude '*~' --exclude '*.selinux' findutils-4.2.27/find/util.c findutils/find/util.c
+--- findutils-4.2.27/find/util.c 2005-07-01 23:45:18.000000000 +0200
++++ findutils/find/util.c 2006-01-27 14:38:43.000000000 +0100
+@@ -78,6 +78,9 @@
+ last_pred->need_stat = true;
+ last_pred->need_type = true;
+ last_pred->args.str = NULL;
++#ifdef WITH_SELINUX
++ last_pred->args.scontext = NULL;
++#endif
+ last_pred->pred_next = NULL;
+ last_pred->pred_left = NULL;
+ last_pred->pred_right = NULL;
Index: findutils.spec
===================================================================
RCS file: /cvs/dist/rpms/findutils/devel/findutils.spec,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- findutils.spec 12 Jan 2006 07:10:14 -0000 1.42
+++ findutils.spec 30 Jan 2006 21:28:09 -0000 1.43
@@ -1,7 +1,7 @@
Summary: The GNU versions of find utilities (find and xargs).
Name: findutils
Version: 4.2.27
-Release: 2
+Release: 3
Epoch: 1
License: GPL
Group: Applications/File
@@ -71,6 +71,9 @@
%{_infodir}/find.info*
%changelog
+* Mon Jan 30 2006 Miloslav Trmac <mitr at redhat.com> - 1:4.2.27-3
+- Updated SELinux patch, --context is no longer valid (use -context)
+
* Thu Jan 12 2006 Miloslav Trmac <mitr at redhat.com> - 1:4.2.27-2
- Don't use uninitialized memory in -printf %%Z (#174485)
- Ship more documentation files
More information about the fedora-cvs-commits
mailing list