schily/schily-2018-05-25_star_selinux.patch


From: Kristyna Streitova <kstreitova@suse.com>
Date: Wed, 06 Jun 2018 14:51:57 +0000
X-Upstream: PATCH-FIX-UPSTREAM
Implement selinux
Index: schily-2018-05-25/autoconf/rules.cnf.in
===================================================================
--- schily-2018-05-25.orig/autoconf/rules.cnf.in
+++ schily-2018-05-25/autoconf/rules.cnf.in
@@ -38,6 +38,7 @@ LIB_GEN= @lib_gen@
LIB_ELF= @lib_elf@
LIB_PTHREAD= @lib_pthread@
LIB_RT= @lib_rt@
+LIB_SELINUX = @lib_selinux@
LIB_DL= @lib_dl@
LIB_DIR= @lib_dir@
LIB_CAP= @lib_cap@
Index: schily-2018-05-25/star/cpio.mk
===================================================================
--- schily-2018-05-25.orig/star/cpio.mk
+++ schily-2018-05-25/star/cpio.mk
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
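Review bot: `CPPOPTS += -DWITH_SELINUX` is set unconditionally here, and the same line is added in gnutar.mk, pax.mk, star_fat.mk and suntar.mk, while the library itself comes from the configure substitution `@lib_selinux@`. On a host where configure finds no libselinux, `$(LIB_SELINUX)` is presumably empty, but the sources still include `<selinux/selinux.h>` and call `setfscreatecon()`, so the build would fail there. The define should be driven by the same configure result as the library, so that both are either on or off together. The configure change that produces `lib_selinux` is not part of this patch as shown, so that side cannot be checked from here.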
@@ -34,7 +35,7 @@ CFILES= cpio.c header.c cpiohdr.c xhead
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
movearch.h table.h props.h fifo.h diff.h \
checkerr.h dumpdate.h bitstring.h pathname.h
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
XMK_FILE= scpioman.mk
###########################################################################
Index: schily-2018-05-25/star/extract.c
===================================================================
--- schily-2018-05-25.orig/star/extract.c
+++ schily-2018-05-25/star/extract.c
@@ -261,6 +261,17 @@ extern struct WALK walkstate;
continue;
}
#endif
+
+#ifdef WITH_SELINUX
+ if (!to_stdout && selinux_enabled) {
+ if (setselinux(&finfo) == FALSE) {
+ errmsgno(EX_BAD,
+ "Can not setup security context for '%s'. Not created.\n",
+ finfo.f_name);
+ }
+ }
+#endif
+
if (finfo.f_flags & F_BAD_META) {
if (!void_bad(&finfo))
break;
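Review bot: When `setselinux(&finfo)` returns FALSE the added block prints "Not created." and then falls through, so the entry is still extracted, with whatever file-creation context the process holds at that moment. On a restore this leaves a file on disk with a label other than the archived one while the log claims it was skipped. Either skip the entry as the message says (the block just above the `#endif` ends in `continue;`, and the entry's data would need to be consumed in whatever way this loop does elsewhere), or reword the message to `"Can not setup security context for '%s'.\n"` and document that extraction continues unlabeled. The enclosing loop starts and ends outside the hunk.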
Index: schily-2018-05-25/star/gnutar.mk
===================================================================
--- schily-2018-05-25.orig/star/gnutar.mk
+++ schily-2018-05-25/star/gnutar.mk
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -34,7 +35,7 @@ CFILES= gnutar.c header.c cpiohdr.c xhe
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
movearch.h table.h props.h fifo.h diff.h \
checkerr.h dumpdate.h bitstring.h pathname.h
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
XMK_FILE= gnutarman.mk
###########################################################################
Index: schily-2018-05-25/star/pax.mk
===================================================================
--- schily-2018-05-25.orig/star/pax.mk
+++ schily-2018-05-25/star/pax.mk
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DPAX
CPPOPTS += -DSCHILY_PRINT
CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \
@@ -35,7 +36,7 @@ CFILES= pax.c header.c cpiohdr.c xheade
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
movearch.h table.h props.h fifo.h diff.h \
checkerr.h dumpdate.h bitstring.h pathname.h
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
XMK_FILE= spaxman.mk
###########################################################################
Index: schily-2018-05-25/star/star.c
===================================================================
--- schily-2018-05-25.orig/star/star.c
+++ schily-2018-05-25/star/star.c
@@ -51,6 +51,10 @@ static UConst char sccsid[] =
#include "starsubs.h"
#include "checkerr.h"
+#ifdef WITH_SELINUX
+int selinux_enabled=0;
+#endif
+
EXPORT int main __PR((int ac, char **av));
LOCAL void star_create __PR((int ac, char *const *av));
LOCAL void checkdumptype __PR((GINFO *gp));
@@ -443,6 +447,10 @@ main(ac, av)
comerr("Panic cannot set back effective uid.\n");
}
my_uid = geteuid();
+
+#ifdef WITH_SELINUX
+ selinux_enabled=is_selinux_enabled()>0;
+#endif
/*
* WARNING: We now are no more able to open a new remote connection
* unless we have been called by root.
Index: schily-2018-05-25/star/star_fat.mk
===================================================================
--- schily-2018-05-25.orig/star/star_fat.mk
+++ schily-2018-05-25/star/star_fat.mk
@@ -33,6 +33,7 @@ CPPOPTS += -DUSE_ICONV # Use iconv() fo
CPPOPTS += -DUSE_NLS # Include locale support
CPPOPTS += -DTEXT_DOMAIN=\"SCHILY_utils\"
CPPOPTS += -DSCHILY_PRINT
+CPPOPTS += -DWITH_SELINUX
CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
remove.c star_unix.c acl_unix.c acltext.c fflags.c \
@@ -55,7 +56,7 @@ HFILES= star.h starsubs.h dirtime.h xta
#
# LIB_CAP is needed for Linux capability support in librmt.
#
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
#
# Wenn -lfind, dann auch $(LIB_INTL)
#
Index: schily-2018-05-25/star/starsubs.h
===================================================================
--- schily-2018-05-25.orig/star/starsubs.h
+++ schily-2018-05-25/star/starsubs.h
@@ -322,6 +322,11 @@ extern void opt_xattr __PR((void));
extern BOOL get_xattr __PR((register FINFO *info));
extern BOOL set_xattr __PR((register FINFO *info));
extern void free_xattr __PR((star_xattr_t **xattr));
+# ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+extern BOOL setselinux __PR((register FINFO *info));
+extern int selinux_enabled;
+# endif
#endif
/*
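Review bot: The new `setselinux`/`selinux_enabled` declarations sit in front of an `#endif` whose opening conditional is outside the hunk; judging by the neighbouring `get_xattr`/`set_xattr` prototypes it is probably the xattr feature guard. extract.c and star.c use both names under `#ifdef WITH_SELINUX` alone, so with that outer guard off they would compile without a prototype and without `<selinux/selinux.h>`. Moving the `# ifdef WITH_SELINUX` block below the `#endif` would keep the declaration condition identical to the use condition. A one-line comment such as `/* SELinux file-creation context support, see setselinux() in xattr.c */` would also help readers of the header.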
Index: schily-2018-05-25/star/suntar.mk
===================================================================
--- schily-2018-05-25.orig/star/suntar.mk
+++ schily-2018-05-25/star/suntar.mk
@@ -19,6 +19,7 @@ CPPOPTS += -DUSE_FIND
CPPOPTS += -DUSE_ACL
CPPOPTS += -DUSE_XATTR
CPPOPTS += -DUSE_FFLAGS
+CPPOPTS += -DWITH_SELINUX
CPPOPTS += -DSCHILY_PRINT
CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \
list.c extract.c create.c append.c diff.c restore.c \
@@ -34,7 +35,7 @@ CFILES= suntar.c header.c cpiohdr.c xhe
HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \
movearch.h table.h props.h fifo.h diff.h \
checkerr.h dumpdate.h bitstring.h pathname.h
-LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP)
+LIBS= -ldeflt -lrmt -lfind -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_INTL) $(LIB_CAP) $(LIB_SELINUX)
XMK_FILE= suntarman.mk
###########################################################################
Index: schily-2018-05-25/star/xattr.c
===================================================================
--- schily-2018-05-25.orig/star/xattr.c
+++ schily-2018-05-25/star/xattr.c
@@ -198,6 +198,27 @@ fail:
#endif /* USE_XATTR */
}
+#ifdef WITH_SELINUX
+EXPORT BOOL
+setselinux(info)
+ register FINFO *info;
+{
+#if defined(USE_XATTR) && defined(HAVE_SETXATTR) && defined(WITH_SELINUX)
+ if (info->f_xflags & XF_XATTR) {
+ star_xattr_t *xap;
+ for (xap = info->f_xattr; xap->name != NULL; xap++) {
+ if (strcmp(xap->name, "security.selinux") == 0) {
+ if (setfscreatecon(xap->value)) {
+ return FALSE;
+ }
+ }
+ }
+ }
+#endif /* USE_XATTR && WITH_SELINUX */
+ return TRUE;
+}
+#endif
+
/* ARGSUSED */
EXPORT BOOL
set_xattr(info)
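Review bot: `setselinux()` calls `setfscreatecon()` only when the entry carries a `security.selinux` attribute and never resets it, so an entry without that attribute is created under the context left behind by an earlier entry of the archive. Since the label comes from archive contents, one labelled member can decide the label of every unlabelled member that follows; calling `setfscreatecon(NULL)` when no attribute is found restores the default. Separately, `xap->value` is passed as a C string while `set_xattr()` passes `xap->value_len` to `lsetxattr()`, so please confirm the buffer is always NUL-terminated. The inner `defined(WITH_SELINUX)` repeats the outer `#ifdef`, and the function lacks a header comment stating that it affects the context of subsequently created files.

```c
EXPORT BOOL
setselinux(info)
	register FINFO	*info;
{
#if defined(USE_XATTR) && defined(HAVE_SETXATTR)
	if (info->f_xflags & XF_XATTR) {
		star_xattr_t	*xap;

		for (xap = info->f_xattr; xap->name != NULL; xap++) {
			if (strcmp(xap->name, "security.selinux") == 0)
				return (setfscreatecon(xap->value) == 0);
		}
	}
#endif
	/* No label in this entry: drop any context left by a previous one. */
	return (setfscreatecon(NULL) == 0);
}
```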
@@ -211,6 +232,10 @@ set_xattr(info)
return (TRUE);
for (xap = info->f_xattr; xap->name != NULL; xap++) {
+#ifdef WITH_SELINUX
+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0))
+ continue;
+#endif
if (lsetxattr(info->f_name, xap->name, xap->value,
xap->value_len, 0) != 0) {
if (!errhidden(E_SETXATTR, info->f_name)) {
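Review bot: The added `continue` drops `security.selinux` from `set_xattr()` whenever `selinux_enabled` is set, whether or not the creation context was actually applied for this entry. A creation context only labels objects that are newly created, so if extraction reuses an already existing file or directory (cannot tell from this hunk), or if `setselinux()` returned FALSE and extraction went on, the archived label is applied by neither path and no error is reported. Consider skipping the attribute only when the context was set successfully for this entry, and add a comment on the skip such as `/* label already applied through setfscreatecon() before creation */`. The loop body continues past the end of the hunk.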