* [PATCH 1/6] busybox -- SELinux option support for coreutils @ 2007-02-08 6:54 Yuichi Nakamura [not found] ` <200702082332.43175.vda.linux@googlemail.com> 0 siblings, 1 reply; 2+ messages in thread From: Yuichi Nakamura @ 2007-02-08 6:54 UTC (permalink / raw) To: busybox, selinux; +Cc: russell, rob, busybox, vda.linux, ynakam [-- Attachment #1: Type: text/plain, Size: 132 bytes --] [1/6] busybox-coreutils-common-01.patch - usage.h for SELinux options Signed-off-by: Yuichi Nakamura <ynakam@hitachisoft.jp> [-- Attachment #2: busybox-coreutils-common-01.patch --] [-- Type: application/octet-stream, Size: 4206 bytes --] Index: include/usage.h =================================================================== --- include/usage.h (revision 17803) +++ include/usage.h (working copy) @@ -388,13 +388,15 @@ "Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY" \ "\n\nOptions:\n" \ " -a Same as -dpR\n" \ + USAGE_SELINUX(" -c Preserves security context\n") \ " -d,-P Preserve links\n" \ " -H,-L Dereference all symlinks (implied by default)\n" \ " -p Preserve file attributes if possible\n" \ " -f Force, overwrite\n" \ " -i Interactive, prompt before overwrite\n" \ " -R,-r Copy directories recursively\n" \ - " -l,-s Create (sym)links" + " -l,-s Create (sym)links\n" \ + USAGE_SELINUX(" -Z CONTEXT\tset security context of copy to CONTEXT") #define cpio_trivial_usage \ "-[dimtuv][F cpiofile]" @@ -1299,9 +1301,8 @@ #define id_full_usage \ "Print information for USERNAME or the current user" \ "\n\nOptions:\n" \ - USE_SELINUX( \ - " -c Prints only the security context\n") \ - " -g Prints only the group ID\n" \ + USAGE_SELINUX(" -Z prints only the security context\n") \ + " -g Prints only the group ID\n" \ " -u Prints only the user ID\n" \ " -n Print a name instead of a number\n" \ " -r Prints the real user ID instead of the effective ID" @@ -1519,7 +1520,9 @@ " -m Set permission modes\n" \ " -o Set ownership\n" \ " -p Preserve date\n" \ - " -s Strip symbol tables" + " -s Strip symbol tables\n" \ + USAGE_SELINUX(" -P preserve security context\n") \ + USAGE_SELINUX(" Z CONTEXT set security context of copy to CONTEXT") #define ip_trivial_usage \ "[OPTIONS] {address | link | route | tunnel | rule} {COMMAND}" @@ -1829,7 +1832,9 @@ USE_SELINUX( \ "\n -k Print security context") \ USE_SELINUX( \ - "\n -K Print security context in long format") + "\n -K Print security context in long format") \ + USE_SELINUX( \ + "\n -Z Print security context and permission") #define lsattr_trivial_usage \ "[-Radlv] [files...]" @@ -1974,7 +1979,9 @@ "Create the DIRECTORY(ies) if they do not already exist" \ "\n\nOptions:\n" \ " -m Set permission mode (as in chmod), not rwxrwxrwx - umask\n" \ - " -p No error if existing, make parent directories as needed" + " -p No error if existing, make parent directories as needed\n" \ + USAGE_SELINUX(" -Z set security context") + #define mkdir_example_usage \ "$ mkdir /tmp/foo\n" \ "$ mkdir /tmp/foo\n" \ @@ -2019,7 +2026,8 @@ #define mkfifo_full_usage \ "Create a named pipe (identical to 'mknod name p')" \ "\n\nOptions:\n" \ - " -m Create the pipe using the specified mode (default a=rw)" + " -m Create the pipe using the specified mode (default a=rw)\n" \ + USAGE_SELINUX(" -Z set security context") #define mkfs_minix_trivial_usage \ "[-c | -l filename] [-nXX] [-iXX] /dev/name [blocks]" @@ -2041,7 +2049,9 @@ "\n\nTYPEs include:\n" \ " b: Make a block (buffered) device\n" \ " c or u: Make a character (un-buffered) device\n" \ - " p: Make a named pipe. MAJOR and MINOR are ignored for named pipes" + " p: Make a named pipe. MAJOR and MINOR are ignored for named pipes\n" \ + USAGE_SELINUX(" -Z set security context") + #define mknod_example_usage \ "$ mknod /dev/fd0 b 2 0\n" \ "$ mknod -m 644 /tmp/pipe p\n" @@ -2901,6 +2911,7 @@ " -f Display filesystem status\n" \ " -L,-l Dereference links\n" \ " -t Display info in terse form" \ + USAGE_SELINUX(" -Z print security context\n") \ USE_FEATURE_STAT_FORMAT( \ "\n\nValid format sequences for files:\n" \ " %a Access rights in octal\n" \ @@ -2935,6 +2946,7 @@ " %c Total file nodes in file system\n" \ " %d Free file nodes in file system\n" \ " %f Free blocks in file system\n" \ + USAGE_SELINUX(" %C Security context in SELinux\n") \ " %i File System ID in hex\n" \ " %l Maximum length of filenames\n" \ " %n File name\n" \ ^ permalink raw reply [flat|nested] 2+ messages in thread
[parent not found: <200702082332.43175.vda.linux@googlemail.com>]
* Re: [busybox:00365] Re: [PATCH 1/6] busybox -- SELinux option support for coreutils [not found] ` <200702082332.43175.vda.linux@googlemail.com> @ 2007-02-09 9:47 ` Yuichi Nakamura 0 siblings, 0 replies; 2+ messages in thread From: Yuichi Nakamura @ 2007-02-09 9:47 UTC (permalink / raw) To: busybox, busybox; +Cc: ynakam, Denis Vlasenko, selinux, russell, rob [-- Attachment #1: Type: text/plain, Size: 1550 bytes --] Thank you for comments. On Thu, 8 Feb 2007 23:32:43 +0100 Denis Vlasenko wrote: > On Thursday 08 February 2007 07:54, Yuichi Nakamura wrote: > > > > [1/6] busybox-coreutils-common-01.patch > > - usage.h for SELinux options > > > > Signed-off-by: Yuichi Nakamura <ynakam@hitachisoft.jp> > > > @@ -1299,9 +1301,8 @@ > #define id_full_usage \ > "Print information for USERNAME or the current user" \ > "\n\nOptions:\n" \ > - USE_SELINUX( \ > - " -c Prints only the security context\n") \ > - " -g Prints only the group ID\n" \ > + USAGE_SELINUX(" -Z prints only the security context\n") \ > + " -g Prints only the group ID\n" \ > > Well I can fix occasional problems but this is a bitt too much. > I would prefer more careful formatting, like > > USAGE_SELINUX( \ > " -Z prints only the security context\n" \ > ) \ > " -g Prints only the group ID\n" \ > > This helps to avoid misformatting in help texts. > > The rest of this patch needs similar reformatting. Fixed. > -- > vda > We were porting SELinux option based on coreutils in Fedora Core6, but Stephen recommended to check upstream coreutils. So I have checked upstream coreutils and found some SELinux option has been changed. I have changed following: * Removed -Z option from cp * Added -Z and --preserve-context option to install About cp, -c option is dropped in upstream and "--preserve=context" is used instead. However, cp in BusyBox does not have long options, so our patch still has -c option. Yuichi Nakamura [-- Attachment #2: busybox-coreutils-common-01.v2.patch --] [-- Type: application/octet-stream, Size: 4171 bytes --] Index: include/usage.h =================================================================== --- include/usage.h (revision 17803) +++ include/usage.h (working copy) @@ -388,13 +388,16 @@ "Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY" \ "\n\nOptions:\n" \ " -a Same as -dpR\n" \ + USAGE_SELINUX( \ + " -c Preserves security context\n" \ + ) \ " -d,-P Preserve links\n" \ " -H,-L Dereference all symlinks (implied by default)\n" \ " -p Preserve file attributes if possible\n" \ " -f Force, overwrite\n" \ " -i Interactive, prompt before overwrite\n" \ " -R,-r Copy directories recursively\n" \ - " -l,-s Create (sym)links" + " -l,-s Create (sym)links\n" #define cpio_trivial_usage \ "-[dimtuv][F cpiofile]" @@ -1299,9 +1302,10 @@ #define id_full_usage \ "Print information for USERNAME or the current user" \ "\n\nOptions:\n" \ - USE_SELINUX( \ - " -c Prints only the security context\n") \ - " -g Prints only the group ID\n" \ + USAGE_SELINUX( \ + " -Z prints only the security context\n" \ + ) \ + " -g Prints only the group ID\n" \ " -u Prints only the user ID\n" \ " -n Print a name instead of a number\n" \ " -r Prints the real user ID instead of the effective ID" @@ -1519,7 +1523,10 @@ " -m Set permission modes\n" \ " -o Set ownership\n" \ " -p Preserve date\n" \ - " -s Strip symbol tables" + " -s Strip symbol tables\n" \ + USAGE_SELINUX( \ + " Z Set security context of copy" \ + ) #define ip_trivial_usage \ "[OPTIONS] {address | link | route | tunnel | rule} {COMMAND}" @@ -1829,7 +1836,9 @@ USE_SELINUX( \ "\n -k Print security context") \ USE_SELINUX( \ - "\n -K Print security context in long format") + "\n -K Print security context in long format") \ + USE_SELINUX( \ + "\n -Z Print security context and permission") #define lsattr_trivial_usage \ "[-Radlv] [files...]" @@ -1974,7 +1983,11 @@ "Create the DIRECTORY(ies) if they do not already exist" \ "\n\nOptions:\n" \ " -m Set permission mode (as in chmod), not rwxrwxrwx - umask\n" \ - " -p No error if existing, make parent directories as needed" + " -p No error if existing, make parent directories as needed\n" \ + USAGE_SELINUX( \ + " -Z set security context" \ + ) + #define mkdir_example_usage \ "$ mkdir /tmp/foo\n" \ "$ mkdir /tmp/foo\n" \ @@ -2019,7 +2032,10 @@ #define mkfifo_full_usage \ "Create a named pipe (identical to 'mknod name p')" \ "\n\nOptions:\n" \ - " -m Create the pipe using the specified mode (default a=rw)" + " -m Create the pipe using the specified mode (default a=rw)\n" \ + USAGE_SELINUX( \ + " -Z set security context" \ + ) #define mkfs_minix_trivial_usage \ "[-c | -l filename] [-nXX] [-iXX] /dev/name [blocks]" @@ -2041,7 +2057,11 @@ "\n\nTYPEs include:\n" \ " b: Make a block (buffered) device\n" \ " c or u: Make a character (un-buffered) device\n" \ - " p: Make a named pipe. MAJOR and MINOR are ignored for named pipes" + " p: Make a named pipe. MAJOR and MINOR are ignored for named pipes\n" \ + USAGE_SELINUX( \ + " -Z set security context" \ + ) + #define mknod_example_usage \ "$ mknod /dev/fd0 b 2 0\n" \ "$ mknod -m 644 /tmp/pipe p\n" @@ -2901,6 +2921,9 @@ " -f Display filesystem status\n" \ " -L,-l Dereference links\n" \ " -t Display info in terse form" \ + USAGE_SELINUX( \ + " -Z print security context\n" \ + ) \ USE_FEATURE_STAT_FORMAT( \ "\n\nValid format sequences for files:\n" \ " %a Access rights in octal\n" \ @@ -2935,6 +2958,9 @@ " %c Total file nodes in file system\n" \ " %d Free file nodes in file system\n" \ " %f Free blocks in file system\n" \ + USAGE_SELINUX( \ + " %C Security context in SELinux\n" \ + ) \ " %i File System ID in hex\n" \ " %l Maximum length of filenames\n" \ " %n File name\n" \ ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-02-09 9:46 UTC | newest] Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2007-02-08 6:54 [PATCH 1/6] busybox -- SELinux option support for coreutils Yuichi Nakamura [not found] ` <200702082332.43175.vda.linux@googlemail.com> 2007-02-09 9:47 ` [busybox:00365] " Yuichi Nakamura
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.