diff options
Diffstat (limited to 'coreutils')
-rw-r--r-- | coreutils/id.c | 34 | ||||
-rw-r--r-- | coreutils/ls.c | 94 |
2 files changed, 110 insertions, 18 deletions
diff --git a/coreutils/id.c b/coreutils/id.c index 9b2d60d..971e7cd 100644 --- a/coreutils/id.c +++ b/coreutils/id.c @@ -28,9 +28,13 @@ #include <getopt.h> #include <string.h> #include <sys/types.h> +#ifdef CONFIG_SELINUX +#include <proc_secure.h> +#include <flask_util.h> +#endif -#define NO_GROUP 1 -#define NO_USER 2 +#define JUST_USER 1 +#define JUST_GROUP 2 #define PRINT_REAL 4 #define NAME_NOT_NUMBER 8 @@ -40,10 +44,13 @@ extern int id_main(int argc, char **argv) long pwnam, grnam; int uid, gid; int flags; +#ifdef CONFIG_SELINUX + int is_flask_enabled_flag = is_flask_enabled(); +#endif flags = bb_getopt_ulflags(argc, argv, "ugrn"); - if (((flags & (NO_USER | NO_GROUP)) == (NO_USER | NO_GROUP)) + if (((flags & (JUST_USER | JUST_GROUP)) == (JUST_USER | JUST_GROUP)) || (argc > optind + 1) ) { bb_show_usage(); @@ -67,9 +74,9 @@ extern int id_main(int argc, char **argv) pwnam=my_getpwnam(user); grnam=my_getgrnam(group); - if (flags & (NO_GROUP | NO_USER)) { + if (flags & (JUST_GROUP | JUST_USER)) { char *s = group; - if (flags & NO_GROUP) { + if (flags & JUST_USER) { s = user; grnam = pwnam; } @@ -79,7 +86,24 @@ extern int id_main(int argc, char **argv) printf("%ld\n", grnam); } } else { +#ifdef CONFIG_SELINUX + printf("uid=%ld(%s) gid=%ld(%s)", pwnam, user, grnam, group); + if(is_flask_enabled_flag) + { + security_id_t mysid = getsecsid(); + char context[80]; + int len = sizeof(context); + context[0] = '\0'; + if(security_sid_to_context(mysid, context, &len)) + strcpy(context, "unknown"); + printf(" context=%s\n", context); + } + else + printf("\n"); +#else printf("uid=%ld(%s) gid=%ld(%s)\n", pwnam, user, grnam, group); +#endif + } bb_fflush_stdout_and_exit(0); diff --git a/coreutils/ls.c b/coreutils/ls.c index 4a49566..6245361 100644 --- a/coreutils/ls.c +++ b/coreutils/ls.c @@ -62,6 +62,11 @@ enum { #include <termios.h> #include <sys/ioctl.h> #include "busybox.h" +#ifdef CONFIG_SELINUX +#include <fs_secure.h> +#include <flask_util.h> +#include <ss.h> +#endif #ifdef CONFIG_FEATURE_LS_TIMESTAMPS #include <time.h> @@ -89,14 +94,15 @@ enum { #define LIST_NLINKS (1U<<3) #define LIST_ID_NAME (1U<<4) #define LIST_ID_NUMERIC (1U<<5) -#define LIST_SIZE (1U<<6) -#define LIST_DEV (1U<<7) -#define LIST_DATE_TIME (1U<<8) -#define LIST_FULLTIME (1U<<9) -#define LIST_FILENAME (1U<<10) -#define LIST_SYMLINK (1U<<11) -#define LIST_FILETYPE (1U<<12) -#define LIST_EXEC (1U<<13) +#define LIST_CONTEXT (1U<<6) +#define LIST_SIZE (1U<<7) +#define LIST_DEV (1U<<8) +#define LIST_DATE_TIME (1U<<9) +#define LIST_FULLTIME (1U<<10) +#define LIST_FILENAME (1U<<11) +#define LIST_SYMLINK (1U<<12) +#define LIST_FILETYPE (1U<<13) +#define LIST_EXEC (1U<<14) #define LIST_MASK ((LIST_EXEC << 1) - 1) @@ -179,6 +185,9 @@ struct dnode { /* the basic node */ char *name; /* the dir entry name */ char *fullname; /* the dir entry name */ struct stat dstat; /* the file stat info */ +#ifdef CONFIG_SELINUX + security_id_t sid; +#endif struct dnode *next; /* point at the next node */ }; typedef struct dnode dnode_t; @@ -189,6 +198,10 @@ static int list_single(struct dnode *); static unsigned int all_fmt; +#ifdef CONFIG_SELINUX +static int is_flask_enabled_flag; +#endif + #ifdef CONFIG_FEATURE_AUTOWIDTH static unsigned short terminal_width = TERMINAL_WIDTH; static unsigned short tabstops = COLUMN_GAP; @@ -203,26 +216,49 @@ static struct dnode *my_stat(char *fullname, char *name) { struct stat dstat; struct dnode *cur; +#ifdef CONFIG_SELINUX + security_id_t sid; +#endif + int rc; #ifdef CONFIG_FEATURE_LS_FOLLOWLINKS if (all_fmt & FOLLOW_LINKS) { - if (stat(fullname, &dstat)) { +#ifdef CONFIG_SELINUX + if(is_flask_enabled_flag) + rc = stat_secure(fullname, &dstat, &sid); + else +#endif + rc = stat(fullname, &dstat); + if(rc) + { bb_perror_msg("%s", fullname); status = EXIT_FAILURE; return 0; } } else #endif - if (lstat(fullname, &dstat)) { - bb_perror_msg("%s", fullname); - status = EXIT_FAILURE; - return 0; + { +#ifdef CONFIG_SELINUX + if(is_flask_enabled_flag) + rc = lstat_secure(fullname, &dstat, &sid); + else +#endif + rc = lstat(fullname, &dstat); + if(rc) + { + bb_perror_msg("%s", fullname); + status = EXIT_FAILURE; + return 0; + } } cur = (struct dnode *) xmalloc(sizeof(struct dnode)); cur->fullname = fullname; cur->name = name; cur->dstat = dstat; +#ifdef CONFIG_SELINUX + cur->sid = sid; +#endif return cur; } @@ -451,6 +487,9 @@ static void showfiles(struct dnode **dn, int nfiles) /* find the longest file name- use that as the column width */ for (i = 0; i < nfiles; i++) { int len = strlen(dn[i]->name) + +#ifdef CONFIG_SELINUX + ((all_fmt & LIST_CONTEXT) ? 33 : 0) + +#endif ((all_fmt & LIST_INO) ? 8 : 0) + ((all_fmt & LIST_BLOCKS) ? 5 : 0); if (column_width < len) @@ -695,6 +734,21 @@ static int list_single(struct dnode *dn) column += 13; break; #endif +#ifdef CONFIG_SELINUX + case LIST_CONTEXT: + { + char context[64]; + int len = sizeof(context); + if(security_sid_to_context(dn->sid, context, &len)) + { + strcpy(context, "unknown"); + len = 7; + } + printf("%-32s ", context); + column += MAX(33, len); + } + break; +#endif case LIST_FILENAME: #ifdef CONFIG_FEATURE_LS_COLOR errno = 0; @@ -774,6 +828,9 @@ static const char ls_opts[] = "1AaCdgilnsx" "h" #endif "k" +#ifdef CONFIG_SELINUX + "K" +#endif #ifdef CONFIG_FEATURE_AUTOWIDTH "T:w:" #endif @@ -834,7 +891,12 @@ static const unsigned opt_flags[] = { #ifdef CONFIG_FEATURE_HUMAN_READABLE LS_DISP_HR, /* h */ #endif +#ifndef CONFIG_SELINUX 0, /* k - ingored */ +#else + LIST_CONTEXT, /* k */ + LIST_MODEBITS|LIST_NLINKS|LIST_CONTEXT|LIST_SIZE|LIST_DATE_TIME, /* K */ +#endif }; @@ -849,6 +911,9 @@ extern int ls_main(int argc, char **argv) int opt; int oi, ac; char **av; +#ifdef CONFIG_SELINUX + is_flask_enabled_flag = is_flask_enabled(); +#endif #ifdef CONFIG_FEATURE_AUTOWIDTH struct winsize win = { 0, 0, 0, 0 }; @@ -911,6 +976,9 @@ extern int ls_main(int argc, char **argv) if (flags & TIME_MASK_TRIGGER) { all_fmt &= ~TIME_MASK; } + if (flags & LIST_CONTEXT) { + all_fmt |= STYLE_SINGLE; + } #ifdef CONFIG_FEATURE_HUMAN_READABLE if (opt == 'l') { all_fmt &= ~LS_DISP_HR; |