diff options
author | Rob Landley | 2005-05-03 06:25:50 +0000 |
---|---|---|
committer | Rob Landley | 2005-05-03 06:25:50 +0000 |
commit | 60158cb93eb0b3207dd1084cdf5bdd9226bd9e89 (patch) | |
tree | fe97ec71775deb1f3078c6db0cb8db554bc6b76f /coreutils | |
parent | 988a78c61cffe91b005d37f0b7d6e2cb2c5ea713 (diff) | |
download | busybox-60158cb93eb0b3207dd1084cdf5bdd9226bd9e89.zip busybox-60158cb93eb0b3207dd1084cdf5bdd9226bd9e89.tar.gz |
A patch from Takeharu KATO to update/fix SE-Linux support.
Diffstat (limited to 'coreutils')
-rw-r--r-- | coreutils/id.c | 29 | ||||
-rw-r--r-- | coreutils/ls.c | 48 |
2 files changed, 41 insertions, 36 deletions
diff --git a/coreutils/id.c b/coreutils/id.c index d5182b9..541c3d1 100644 --- a/coreutils/id.c +++ b/coreutils/id.c @@ -32,8 +32,7 @@ #include <sys/types.h> #ifdef CONFIG_SELINUX -#include <proc_secure.h> -#include <flask_util.h> +#include <selinux/selinux.h> /* for is_selinux_enabled() */ #endif #define PRINT_REAL 1 @@ -61,9 +60,6 @@ extern int id_main(int argc, char **argv) gid_t gid; unsigned long flags; short status; -#ifdef CONFIG_SELINUX - int is_flask_enabled_flag = is_flask_enabled(); -#endif bb_opt_complementaly = "u~g:g~u"; flags = bb_getopt_ulflags(argc, argv, "rnug"); @@ -109,17 +105,26 @@ extern int id_main(int argc, char **argv) putchar(' '); /* my_getgrgid doesn't exit on failure here */ status|=printf_full(gid, my_getgrgid(NULL, gid, 0), 'g'); + #ifdef CONFIG_SELINUX - if(is_flask_enabled_flag) { - security_id_t mysid = getsecsid(); - char context[80]; - int len = sizeof(context); - context[0] = '\0'; - if(security_sid_to_context(mysid, context, &len)) - strcpy(context, "unknown"); + if ( is_selinux_enabled() ) { + security_context_t mysid; + char context[80]; + int len = sizeof(context); + + getcon(&mysid); + context[0] = '\0'; + if (mysid) { + len = strlen(mysid)+1; + safe_strncpy(context, mysid, len); + freecon(mysid); + }else{ + safe_strncpy(context, "unknown",8); + } bb_printf(" context=%s", context); } #endif + putchar('\n'); bb_fflush_stdout_and_exit(status); } diff --git a/coreutils/ls.c b/coreutils/ls.c index 4e21454..92e1509 100644 --- a/coreutils/ls.c +++ b/coreutils/ls.c @@ -64,9 +64,7 @@ enum { #include <sys/sysmacros.h> /* major() and minor() */ #include "busybox.h" #ifdef CONFIG_SELINUX -#include <fs_secure.h> -#include <flask_util.h> -#include <ss.h> +#include <selinux/selinux.h> /* for is_selinux_enabled() */ #endif #ifdef CONFIG_FEATURE_LS_TIMESTAMPS @@ -182,7 +180,7 @@ struct dnode { /* the basic node */ char *fullname; /* the dir entry name */ struct stat dstat; /* the file stat info */ #ifdef CONFIG_SELINUX - security_id_t sid; + security_context_t sid; #endif struct dnode *next; /* point at the next node */ }; @@ -195,7 +193,7 @@ static int list_single(struct dnode *); static unsigned int all_fmt; #ifdef CONFIG_SELINUX -static int is_flask_enabled_flag; +static int selinux_enabled= 0; #endif #ifdef CONFIG_FEATURE_AUTOWIDTH @@ -213,18 +211,19 @@ static struct dnode *my_stat(char *fullname, char *name) struct stat dstat; struct dnode *cur; #ifdef CONFIG_SELINUX - security_id_t sid; + security_context_t sid=NULL; #endif int rc; #ifdef CONFIG_FEATURE_LS_FOLLOWLINKS if (all_fmt & FOLLOW_LINKS) { #ifdef CONFIG_SELINUX - if(is_flask_enabled_flag) - rc = stat_secure(fullname, &dstat, &sid); - else + if (is_selinux_enabled()) { + rc=0; /* Set the number which means success before hand. */ + rc = getfilecon(fullname,&sid); + } #endif - rc = stat(fullname, &dstat); + rc = stat(fullname, &dstat); if(rc) { bb_perror_msg("%s", fullname); @@ -235,11 +234,12 @@ static struct dnode *my_stat(char *fullname, char *name) #endif { #ifdef CONFIG_SELINUX - if(is_flask_enabled_flag) - rc = lstat_secure(fullname, &dstat, &sid); - else + if (is_selinux_enabled()) { + rc=0; /* Set the number which means success before hand. */ + rc = lgetfilecon(fullname,&sid); + } #endif - rc = lstat(fullname, &dstat); + rc = lstat(fullname, &dstat); if(rc) { bb_perror_msg("%s", fullname); @@ -736,12 +736,16 @@ static int list_single(struct dnode *dn) #ifdef CONFIG_SELINUX case LIST_CONTEXT: { - char context[64]; - int len = sizeof(context); - if(security_sid_to_context(dn->sid, context, &len)) - { - strcpy(context, "unknown"); - len = 7; + char context[80]; + int len; + + if (dn->sid) { + /* I assume sid initilized with NULL */ + len = strlen(dn->sid)+1; + safe_strncpy(context, dn->sid, len); + freecon(dn->sid); + }else { + safe_strncpy(context, "unknown",8); } printf("%-32s ", context); column += MAX(33, len); @@ -963,10 +967,6 @@ extern int ls_main(int argc, char **argv) char *terminal_width_str = NULL; #endif -#ifdef CONFIG_SELINUX - is_flask_enabled_flag = is_flask_enabled(); -#endif - all_fmt = LIST_SHORT | DISP_NORMAL | STYLE_AUTO #ifdef CONFIG_FEATURE_LS_TIMESTAMPS | TIME_MOD |