File star-selinux.patch of Package star

Overview Repositories Revisions Requests Users Attributes Meta

File star-selinux.patch of Package star

--- conf/configure.in
+++ conf/configure.in
@@ -530,6 +530,15 @@
 
 AC_SUBST(may_linux_src_include)
 
+AC_CHECK_HEADERS(selinux/selinux.h)
+if test "$ac_cv_header_selinux_selinux_h" = yes; then
+  AC_CHECKING(for SELinux support)
+  AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr")
+  ac_save_LIBS="$LIBS"
+  LIBS="$LIBS $lib_selinux"
+  AC_CHECK_FUNCS(is_selinux_enabled)
+fi
+
 AC_SUBST(largefile_cc_opt)
 
 AC_SUBST(lib_crypt)
@@ -545,5 +554,6 @@
 AC_SUBST(lib_gen)
 AC_SUBST(lib_pthread)
 AC_SUBST(lib_rt)
+AC_SUBST(lib_selinux)
 
 AC_OUTPUT(rules.cnf)
--- conf/rules.cnf.in
+++ conf/rules.cnf.in
@@ -17,6 +17,7 @@
 LIB_ACL= @lib_acl@		# Full (test/set) ACL users like star
 LIB_ACL_TEST= @lib_acl_test@	# Test only ACL users like libfind
 LIB_ATTR = @lib_attr@
+LIB_SELINUX = @lib_selinux@
 LIB_SECDB = @lib_secdb@
 LIB_GEN = @lib_gen@
 LIB_PTHREAD = @lib_pthread@
--- star/Makefile
+++ star/Makefile
@@ -25,6 +25,7 @@
 CPPOPTS +=	-DUSE_FIND
 CPPOPTS +=	-DUSE_ACL
 CPPOPTS +=	-DUSE_XATTR
+CPPOPTS +=	-DWITH_SELINUX
 CPPOPTS +=	-DUSE_FFLAGS
 CPPOPTS +=	-DCOPY_LINKS_DELAYED
 CPPOPTS +=	-DSTAR_FAT
@@ -48,7 +49,7 @@
 
 #LIBS=		-lunos
 #LIBS=		-lschily -lc /usr/local/lib/gcc-gnulib
-LIBS=		-ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL)
+LIBS=		-ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SELINUX) $(LIB_SOCKET) $(LIB_INTL)
 #
 #	Wenn -lfind, dann auch  $(LIB_INTL)
 #
--- star/extract.c
+++ star/extract.c
@@ -238,6 +238,16 @@
 		if (prblockno)
 			(void) tblocks();		/* set curblockno */
 
+#ifdef WITH_SELINUX
+		if (!to_stdout && selinux_enabled) {
+			if (setselinux(&finfo) == FALSE) {
+				errmsgno(EX_BAD,
+					"Can not setup security context for '%s'. Not created.\n",
+					finfo.f_name);
+			}
+		}
+#endif
+
 		if (is_volhdr(&finfo)) {
 			if (!get_volhdr(&finfo, vhname)) {
 				excomerrno(EX_BAD,
--- star/pax.mk
+++ star/pax.mk
@@ -18,6 +18,7 @@
 CPPOPTS +=	-DUSE_FIND
 CPPOPTS +=	-DUSE_ACL
 CPPOPTS +=	-DUSE_XATTR
+CPPOPTS +=	-DWITH_SELINUX
 CPPOPTS +=	-DUSE_FFLAGS
 CPPOPTS +=	-DPAX
 CPPOPTS +=	-DSCHILY_PRINT
@@ -35,7 +36,7 @@
 HFILES=		star.h starsubs.h dirtime.h xtab.h xutimes.h \
 		movearch.h table.h props.h fifo.h diff.h \
 		checkerr.h dumpdate.h bitstring.h
-LIBS=		-ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL)
+LIBS=		-ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SELINUX) $(LIB_SOCKET) $(LIB_INTL)
 XMK_FILE=	spaxman.mk
 
 ###########################################################################
--- star/star.c
+++ star/star.c
@@ -39,6 +39,11 @@
 #include <schily/idcache.h>
 #include "fifo.h"	/* Needed for #undef FIFO */
 #include "dumpdate.h"
+
+#ifdef WITH_SELINUX
+int selinux_enabled=0;
+#endif
+
 #ifdef	USE_FIND
 #include <schily/walk.h>
 #include <schily/find.h>
@@ -387,6 +392,11 @@
 #endif
 			comerr("Panic cannot set back effective uid.\n");
 	}
+
+#ifdef WITH_SELINUX
+	selinux_enabled = is_selinux_enabled() > 0;
+#endif
+
 	my_uid = geteuid();
 	/*
 	 * WARNING: We now are no more able to open a new remote connection
--- star/starsubs.h
+++ star/starsubs.h
@@ -304,6 +304,11 @@
 extern	BOOL	get_xattr	__PR((register FINFO *info));
 extern	BOOL	set_xattr	__PR((register FINFO *info));
 extern	void	free_xattr	__PR((star_xattr_t **xattr));
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+extern	BOOL	setselinux	__PR((register FINFO *info));
+extern	int	selinux_enabled;
+#endif
 #endif
 
 /*
--- star/xattr.c
+++ star/xattr.c
@@ -196,6 +196,27 @@
 #endif  /* USE_XATTR */
 }
 
+#ifdef WITH_SELINUX
+EXPORT BOOL
+setselinux(info)
+	register FINFO *info;
+{
+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX)
+	if (info->f_xattr) {
+		star_xattr_t    *xap;
+		for (xap = info->f_xattr; xap->name != NULL; xap++) {
+			if (strcmp(xap->name, "security.selinux") == 0) {
+				if (setfscreatecon(xap->value)) {
+					return FALSE;
+				}
+			}
+		}
+	}
+#endif  /* USE_XATTR && WITH_SELINUX */
+	return TRUE;
+}
+#endif
+
 /* ARGSUSED */
 EXPORT BOOL
 set_xattr(info)
@@ -209,6 +230,10 @@
 		return (TRUE);
 
 	for (xap = info->f_xattr; xap->name != NULL; xap++) {
+#ifdef WITH_SELINUX
+		if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0))
+			continue;
+#endif
 		if (lsetxattr(info->f_name, xap->name, xap->value,
 		    xap->value_len, 0) != 0) {
 			if (!errhidden(E_SETXATTR, info->f_name)) {

Places

File star-selinux.patch of Package star

Places