A patch from Takeharu KATO to update/fix SE-Linux support.

git-svn-id: svn://busybox.net/trunk/busybox@10238 69ca8d6d-28ef-0310-b511-8ec308f3f277
author: landley <landley@69ca8d6d-28ef-0310-b511-8ec308f3f277> 2005-05-03 06:25:50 +0000
committer: landley <landley@69ca8d6d-28ef-0310-b511-8ec308f3f277> 2005-05-03 06:25:50 +0000
commit: 406bbe0151d55bb191d8f65e9dfb4b281c3396e8 (patch)
tree: fe97ec71775deb1f3078c6db0cb8db554bc6b76f /coreutils
parent: 6e34669c94a04dd5462996b1fdf85f7cbba02351 (diff)
download: busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.tar.gz
busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.tar.bz2
busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.zip
2 files changed, 41 insertions, 36 deletions
diff --git a/coreutils/id.c b/coreutils/id.c
index d5182b953..541c3d16b 100644
--- a/coreutils/id.c
+++ b/coreutils/id.c
@@ -32,8 +32,7 @@
 #include <sys/types.h>
 #ifdef CONFIG_SELINUX
-#include <proc_secure.h>
+#include <selinux/selinux.h>          /* for is_selinux_enabled() */
-#include <flask_util.h>
 #endif
 #define PRINT_REAL        1
@@ -61,9 +60,6 @@ extern int id_main(int argc, char **argv)
        gid_t gid;
        unsigned long flags;
        short status;
-#ifdef CONFIG_SELINUX
-        int is_flask_enabled_flag = is_flask_enabled();
-#endif
        bb_opt_complementaly = "u~g:g~u";
        flags = bb_getopt_ulflags(argc, argv, "rnug");
@@ -109,17 +105,26 @@ extern int id_main(int argc, char **argv)
        putchar(' ');
        /* my_getgrgid doesn't exit on failure here */
        status|=printf_full(gid, my_getgrgid(NULL, gid, 0), 'g');
 #ifdef CONFIG_SELINUX
-        if(is_flask_enabled_flag) {
+        if ( is_selinux_enabled() ) {
-                security_id_t mysid = getsecsid();
+                        security_context_t mysid;
-                char context[80];
+                        char context[80];
-                int len = sizeof(context);
+                        int len = sizeof(context);
-                context[0] = '\0';
-                if(security_sid_to_context(mysid, context, &len))
+                        getcon(&mysid);
-                        strcpy(context, "unknown");
+                        context[0] = '\0';
+                        if (mysid) {
+                                        len = strlen(mysid)+1;
+                                        safe_strncpy(context, mysid, len);
+                                        freecon(mysid);
+                        }else{
+                                        safe_strncpy(context, "unknown",8);
+                        }
                bb_printf(" context=%s", context);
        }
 #endif
        putchar('\n');
        bb_fflush_stdout_and_exit(status);
 }
diff --git a/coreutils/ls.c b/coreutils/ls.c
index 4e21454ce..92e150966 100644
--- a/coreutils/ls.c
+++ b/coreutils/ls.c
@@ -64,9 +64,7 @@ enum {
 #include <sys/sysmacros.h>     /* major() and minor() */
 #include "busybox.h"
 #ifdef CONFIG_SELINUX
-#include <fs_secure.h>
+#include <selinux/selinux.h>   /* for is_selinux_enabled() */
-#include <flask_util.h>
-#include <ss.h>
 #endif
 #ifdef CONFIG_FEATURE_LS_TIMESTAMPS
@@ -182,7 +180,7 @@ struct dnode {			/* the basic node */
        char *fullname;         /* the dir entry name */
        struct stat dstat;      /* the file stat info */
 #ifdef CONFIG_SELINUX
-        security_id_t sid;
+        security_context_t sid;
 #endif
        struct dnode *next;     /* point at the next node */
 };
@@ -195,7 +193,7 @@ static int list_single(struct dnode *);
 static unsigned int all_fmt;
 #ifdef CONFIG_SELINUX
-static int is_flask_enabled_flag;
+static int selinux_enabled= 0;
 #endif
 #ifdef CONFIG_FEATURE_AUTOWIDTH
@@ -213,18 +211,19 @@ static struct dnode *my_stat(char *fullname, char *name)
        struct stat dstat;
        struct dnode *cur;
 #ifdef CONFIG_SELINUX
-        security_id_t sid;
+        security_context_t sid=NULL;
 #endif
        int rc;
 #ifdef CONFIG_FEATURE_LS_FOLLOWLINKS
        if (all_fmt & FOLLOW_LINKS) {
 #ifdef CONFIG_SELINUX
-                if(is_flask_enabled_flag)
+                if (is_selinux_enabled())  {
-                        rc = stat_secure(fullname, &dstat, &sid);
+                  rc=0; /*  Set the number which means success before hand.  */
-                else
+                  rc = getfilecon(fullname,&sid);
+                }
 #endif
-                        rc = stat(fullname, &dstat);
+                  rc = stat(fullname, &dstat);
                if(rc)
                {
                        bb_perror_msg("%s", fullname);
@@ -235,11 +234,12 @@ static struct dnode *my_stat(char *fullname, char *name)
 #endif
        {
 #ifdef CONFIG_SELINUX
-                if(is_flask_enabled_flag)
+                if  (is_selinux_enabled())  {
-                        rc = lstat_secure(fullname, &dstat, &sid);
+                  rc=0; /*  Set the number which means success before hand.  */
-                else
+                  rc = lgetfilecon(fullname,&sid);
+                }
 #endif
-                        rc = lstat(fullname, &dstat);
+                rc = lstat(fullname, &dstat);
                if(rc)
                {
                        bb_perror_msg("%s", fullname);
@@ -736,12 +736,16 @@ static int list_single(struct dnode *dn)
 #ifdef CONFIG_SELINUX
                case LIST_CONTEXT:
                        {
-                                char context[64];
+                                char context[80];
-                                int len = sizeof(context);
+                                int len;
-                                if(security_sid_to_context(dn->sid, context, &len))
+                        
-                                {
+                                if (dn->sid) {
-                                        strcpy(context, "unknown");
+                                  /*  I assume sid initilized with NULL  */
-                                        len = 7;
+                                  len = strlen(dn->sid)+1;
+                                  safe_strncpy(context, dn->sid, len);
+                                  freecon(dn->sid);
+                                }else {
+                                  safe_strncpy(context, "unknown",8);
                                }
                                printf("%-32s ", context);
                                column += MAX(33, len);
@@ -963,10 +967,6 @@ extern int ls_main(int argc, char **argv)
        char *terminal_width_str = NULL;
 #endif
-#ifdef CONFIG_SELINUX
-        is_flask_enabled_flag = is_flask_enabled();
-#endif
        all_fmt = LIST_SHORT | DISP_NORMAL | STYLE_AUTO
 #ifdef CONFIG_FEATURE_LS_TIMESTAMPS
                | TIME_MOD
author	landley <landley@69ca8d6d-28ef-0310-b511-8ec308f3f277>	2005-05-03 06:25:50 +0000
committer	landley <landley@69ca8d6d-28ef-0310-b511-8ec308f3f277>	2005-05-03 06:25:50 +0000
commit	406bbe0151d55bb191d8f65e9dfb4b281c3396e8 (patch)
tree	fe97ec71775deb1f3078c6db0cb8db554bc6b76f /coreutils
parent	6e34669c94a04dd5462996b1fdf85f7cbba02351 (diff)
download	busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.tar.gz busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.tar.bz2 busybox-w32-406bbe0151d55bb191d8f65e9dfb4b281c3396e8.zip

diff --git a/coreutils/id.c b/coreutils/id.c index d5182b953..541c3d16b 100644 --- a/coreutils/id.c +++ b/coreutils/id.c
@@ -32,8 +32,7 @@
32	#include <sys/types.h>	32	#include <sys/types.h>
33		33
34	#ifdef CONFIG_SELINUX	34	#ifdef CONFIG_SELINUX
35	#include <proc_secure.h>	35	#include <selinux/selinux.h> /* for is_selinux_enabled() */
36	#include <flask_util.h>
37	#endif	36	#endif
38		37
39	#define PRINT_REAL 1	38	#define PRINT_REAL 1
@@ -61,9 +60,6 @@ extern int id_main(int argc, char **argv)
61	gid_t gid;	60	gid_t gid;
62	unsigned long flags;	61	unsigned long flags;
63	short status;	62	short status;
64	#ifdef CONFIG_SELINUX
65	int is_flask_enabled_flag = is_flask_enabled();
66	#endif
67		63
68	bb_opt_complementaly = "u~g:g~u";	64	bb_opt_complementaly = "u~g:g~u";
69	flags = bb_getopt_ulflags(argc, argv, "rnug");	65	flags = bb_getopt_ulflags(argc, argv, "rnug");
@@ -109,17 +105,26 @@ extern int id_main(int argc, char **argv)
109	putchar(' ');	105	putchar(' ');
110	/* my_getgrgid doesn't exit on failure here */	106	/* my_getgrgid doesn't exit on failure here */
111	status\|=printf_full(gid, my_getgrgid(NULL, gid, 0), 'g');	107	status\|=printf_full(gid, my_getgrgid(NULL, gid, 0), 'g');
		108
112	#ifdef CONFIG_SELINUX	109	#ifdef CONFIG_SELINUX
113	if(is_flask_enabled_flag) {	110	if ( is_selinux_enabled() ) {
114	security_id_t mysid = getsecsid();	111	security_context_t mysid;
115	char context[80];	112	char context[80];
116	int len = sizeof(context);	113	int len = sizeof(context);
117	context[0] = '\0';	114
118	if(security_sid_to_context(mysid, context, &len))	115	getcon(&mysid);
119	strcpy(context, "unknown");	116	context[0] = '\0';
		117	if (mysid) {
		118	len = strlen(mysid)+1;
		119	safe_strncpy(context, mysid, len);
		120	freecon(mysid);
		121	}else{
		122	safe_strncpy(context, "unknown",8);
		123	}
120	bb_printf(" context=%s", context);	124	bb_printf(" context=%s", context);
121	}	125	}
122	#endif	126	#endif
		127
123	putchar('\n');	128	putchar('\n');
124	bb_fflush_stdout_and_exit(status);	129	bb_fflush_stdout_and_exit(status);
125	}	130	}


diff --git a/coreutils/ls.c b/coreutils/ls.c index 4e21454ce..92e150966 100644 --- a/coreutils/ls.c +++ b/coreutils/ls.c
@@ -64,9 +64,7 @@ enum {
64	#include <sys/sysmacros.h> /* major() and minor() */	64	#include <sys/sysmacros.h> /* major() and minor() */
65	#include "busybox.h"	65	#include "busybox.h"
66	#ifdef CONFIG_SELINUX	66	#ifdef CONFIG_SELINUX
67	#include <fs_secure.h>	67	#include <selinux/selinux.h> /* for is_selinux_enabled() */
68	#include <flask_util.h>
69	#include <ss.h>
70	#endif	68	#endif
71		69
72	#ifdef CONFIG_FEATURE_LS_TIMESTAMPS	70	#ifdef CONFIG_FEATURE_LS_TIMESTAMPS
@@ -182,7 +180,7 @@ struct dnode { /* the basic node */
182	char fullname; / the dir entry name */	180	char fullname; / the dir entry name */
183	struct stat dstat; /* the file stat info */	181	struct stat dstat; /* the file stat info */
184	#ifdef CONFIG_SELINUX	182	#ifdef CONFIG_SELINUX
185	security_id_t sid;	183	security_context_t sid;
186	#endif	184	#endif
187	struct dnode next; / point at the next node */	185	struct dnode next; / point at the next node */
188	};	186	};
@@ -195,7 +193,7 @@ static int list_single(struct dnode *);
195	static unsigned int all_fmt;	193	static unsigned int all_fmt;
196		194
197	#ifdef CONFIG_SELINUX	195	#ifdef CONFIG_SELINUX
198	static int is_flask_enabled_flag;	196	static int selinux_enabled= 0;
199	#endif	197	#endif
200		198
201	#ifdef CONFIG_FEATURE_AUTOWIDTH	199	#ifdef CONFIG_FEATURE_AUTOWIDTH
@@ -213,18 +211,19 @@ static struct dnode my_stat(char fullname, char *name)
213	struct stat dstat;	211	struct stat dstat;
214	struct dnode *cur;	212	struct dnode *cur;
215	#ifdef CONFIG_SELINUX	213	#ifdef CONFIG_SELINUX
216	security_id_t sid;	214	security_context_t sid=NULL;
217	#endif	215	#endif
218	int rc;	216	int rc;
219		217
220	#ifdef CONFIG_FEATURE_LS_FOLLOWLINKS	218	#ifdef CONFIG_FEATURE_LS_FOLLOWLINKS
221	if (all_fmt & FOLLOW_LINKS) {	219	if (all_fmt & FOLLOW_LINKS) {
222	#ifdef CONFIG_SELINUX	220	#ifdef CONFIG_SELINUX
223	if(is_flask_enabled_flag)	221	if (is_selinux_enabled()) {
224	rc = stat_secure(fullname, &dstat, &sid);	222	rc=0; /* Set the number which means success before hand. */
225	else	223	rc = getfilecon(fullname,&sid);
		224	}
226	#endif	225	#endif
227	rc = stat(fullname, &dstat);	226	rc = stat(fullname, &dstat);
228	if(rc)	227	if(rc)
229	{	228	{
230	bb_perror_msg("%s", fullname);	229	bb_perror_msg("%s", fullname);
@@ -235,11 +234,12 @@ static struct dnode my_stat(char fullname, char *name)
235	#endif	234	#endif
236	{	235	{
237	#ifdef CONFIG_SELINUX	236	#ifdef CONFIG_SELINUX
238	if(is_flask_enabled_flag)	237	if (is_selinux_enabled()) {
239	rc = lstat_secure(fullname, &dstat, &sid);	238	rc=0; /* Set the number which means success before hand. */
240	else	239	rc = lgetfilecon(fullname,&sid);
		240	}
241	#endif	241	#endif
242	rc = lstat(fullname, &dstat);	242	rc = lstat(fullname, &dstat);
243	if(rc)	243	if(rc)
244	{	244	{
245	bb_perror_msg("%s", fullname);	245	bb_perror_msg("%s", fullname);
@@ -736,12 +736,16 @@ static int list_single(struct dnode *dn)
736	#ifdef CONFIG_SELINUX	736	#ifdef CONFIG_SELINUX
737	case LIST_CONTEXT:	737	case LIST_CONTEXT:
738	{	738	{
739	char context[64];	739	char context[80];
740	int len = sizeof(context);	740	int len;
741	if(security_sid_to_context(dn->sid, context, &len))	741
742	{	742	if (dn->sid) {
743	strcpy(context, "unknown");	743	/* I assume sid initilized with NULL */
744	len = 7;	744	len = strlen(dn->sid)+1;
		745	safe_strncpy(context, dn->sid, len);
		746	freecon(dn->sid);
		747	}else {
		748	safe_strncpy(context, "unknown",8);
745	}	749	}
746	printf("%-32s ", context);	750	printf("%-32s ", context);
747	column += MAX(33, len);	751	column += MAX(33, len);
@@ -963,10 +967,6 @@ extern int ls_main(int argc, char **argv)
963	char *terminal_width_str = NULL;	967	char *terminal_width_str = NULL;
964	#endif	968	#endif
965		969
966	#ifdef CONFIG_SELINUX
967	is_flask_enabled_flag = is_flask_enabled();
968	#endif
969
970	all_fmt = LIST_SHORT \| DISP_NORMAL \| STYLE_AUTO	970	all_fmt = LIST_SHORT \| DISP_NORMAL \| STYLE_AUTO
971	#ifdef CONFIG_FEATURE_LS_TIMESTAMPS	971	#ifdef CONFIG_FEATURE_LS_TIMESTAMPS
972	\| TIME_MOD	972	\| TIME_MOD