diff --git a/findutils-4.4.2-fts-remount.patch b/findutils-4.4.2-fts-remount.patch deleted file mode 100644 index 6327852..0000000 --- a/findutils-4.4.2-fts-remount.patch +++ /dev/null @@ -1,27 +0,0 @@ -This patch is already applied on gnulib upstream git. - -Index: findutils-4.4.2/gnulib/lib/fts.c -=================================================================== ---- findutils-4.4.2.orig/gnulib/lib/fts.c -+++ findutils-4.4.2/gnulib/lib/fts.c -@@ -974,6 +974,20 @@ fts_build (register FTS *sp, int type) - opening it. */ - if (cur->fts_info == FTS_NSOK) - cur->fts_info = fts_stat(sp, cur, false); -+ else if (sp->fts_options & FTS_TIGHT_CYCLE_CHECK) { -+ /* Now read the stat info again after opening a directory to -+ * reveal eventual changes caused by a submount triggered by -+ * the traverse. But do it only for utilities which use -+ * FTS_TIGHT_CYCLE_CHECK. Therefore only find and du can -+ * benefit from this feature for now. -+ */ -+ LEAVE_DIR (sp, cur, "4"); -+ fts_stat (sp, cur, false); -+ if (! enter_dir (sp, cur)) { -+ __set_errno (ENOMEM); -+ return NULL; -+ } -+ } - - /* - * Nlinks is the number of possible entries of type directory in the diff --git a/findutils-4.4.2-selinux-gnulib.patch b/findutils-4.4.2-selinux-gnulib.patch deleted file mode 100644 index aaa1bb7..0000000 --- a/findutils-4.4.2-selinux-gnulib.patch +++ /dev/null @@ -1,1138 +0,0 @@ -Once the selinux-at module appears on the list within import-gnulib.config this -patch is no longer needed. - -Index: findutils-4.4.2/aclocal.m4 -=================================================================== ---- findutils-4.4.2.orig/aclocal.m4 -+++ findutils-4.4.2/aclocal.m4 -@@ -1039,6 +1039,8 @@ m4_include([gnulib/m4/rpmatch.m4]) - m4_include([gnulib/m4/same.m4]) - m4_include([gnulib/m4/save-cwd.m4]) - m4_include([gnulib/m4/savedir.m4]) -+m4_include([gnulib/m4/selinux-context-h.m4]) -+m4_include([gnulib/m4/selinux-selinux-h.m4]) - m4_include([gnulib/m4/setenv.m4]) - m4_include([gnulib/m4/ssize_t.m4]) - m4_include([gnulib/m4/st_dm_mode.m4]) -Index: findutils-4.4.2/gnulib/lib/Makefile.am -=================================================================== ---- findutils-4.4.2.orig/gnulib/lib/Makefile.am -+++ findutils-4.4.2/gnulib/lib/Makefile.am -@@ -1007,6 +1007,49 @@ EXTRA_libgnulib_a_SOURCES += savedir.c - - ## end gnulib module savedir - -+## begin gnulib module selinux-at -+ -+ -+EXTRA_DIST += selinux-at.c selinux-at.h -+ -+EXTRA_libgnulib_a_SOURCES += selinux-at.c -+ -+## end gnulib module selinux-at -+ -+## begin gnulib module selinux-h -+ -+libgnulib_a_SOURCES += se-context.in.h se-selinux.in.h -+ -+BUILT_SOURCES += selinux/selinux.h -+selinux/selinux.h: se-selinux.in.h -+ $(AM_V_at)$(MKDIR_P) selinux -+ $(AM_V_GEN)rm -f $@-t $@ && \ -+ { echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */' && \ -+ sed -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \ -+ -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \ -+ -e 's|@''NEXT_SELINUX_SELINUX_H''@|$(NEXT_SELINUX_SELINUX_H)|g' \ -+ < $(srcdir)/se-selinux.in.h; \ -+ } > $@-t && \ -+ chmod a-x $@-t && \ -+ mv $@-t $@ -+MOSTLYCLEANFILES += selinux/selinux.h selinux/selinux.h-t -+ -+BUILT_SOURCES += $(SELINUX_CONTEXT_H) -+selinux/context.h: se-context.in.h -+ $(AM_V_at)$(MKDIR_P) selinux -+ $(AM_V_GEN)rm -f $@-t $@ && \ -+ cp $(srcdir)/se-context.in.h $@-t && \ -+ chmod a-x $@-t && \ -+ mv $@-t $@ -+MOSTLYCLEANFILES += selinux/context.h selinux/context.h-t -+MOSTLYCLEANDIRS += selinux -+ -+EXTRA_DIST += getfilecon.c -+ -+EXTRA_libgnulib_a_SOURCES += getfilecon.c -+ -+## end gnulib module selinux-h -+ - ## begin gnulib module setenv - - -Index: findutils-4.4.2/gnulib/lib/at-func.c -=================================================================== ---- findutils-4.4.2.orig/gnulib/lib/at-func.c -+++ findutils-4.4.2/gnulib/lib/at-func.c -@@ -1,5 +1,5 @@ - /* Define an at-style functions like fstatat, unlinkat, fchownat, etc. -- Copyright (C) 2006 Free Software Foundation, Inc. -+ Copyright (C) 2006, 2009 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -16,62 +16,106 @@ - - /* written by Jim Meyering */ - --#define CALL_FUNC(F) \ -- (AT_FUNC_USE_F1_COND \ -+#include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ -+#include "openat.h" -+#include "openat-priv.h" -+#include "save-cwd.h" -+ -+#ifdef AT_FUNC_USE_F1_COND -+# define CALL_FUNC(F) \ -+ (flag == AT_FUNC_USE_F1_COND \ - ? AT_FUNC_F1 (F AT_FUNC_POST_FILE_ARGS) \ - : AT_FUNC_F2 (F AT_FUNC_POST_FILE_ARGS)) -- --/* Call AT_FUNC_F1 or AT_FUNC_F2 (testing AT_FUNC_USE_F1_COND to -- determine which) to operate on FILE, which is in the directory -- open on descriptor FD. If possible, do it without changing the -+# define VALIDATE_FLAG(F) \ -+ if (flag & ~AT_FUNC_USE_F1_COND) \ -+ { \ -+ errno = EINVAL; \ -+ return FUNC_FAIL; \ -+ } -+#else -+# define CALL_FUNC(F) (AT_FUNC_F1 (F AT_FUNC_POST_FILE_ARGS)) -+# define VALIDATE_FLAG(F) /* empty */ -+#endif -+ -+#ifdef AT_FUNC_RESULT -+# define FUNC_RESULT AT_FUNC_RESULT -+#else -+# define FUNC_RESULT int -+#endif -+ -+#ifdef AT_FUNC_FAIL -+# define FUNC_FAIL AT_FUNC_FAIL -+#else -+# define FUNC_FAIL -1 -+#endif -+ -+/* Call AT_FUNC_F1 to operate on FILE, which is in the directory -+ open on descriptor FD. If AT_FUNC_USE_F1_COND is defined to a value, -+ AT_FUNC_POST_FILE_PARAM_DECLS must inlude a parameter named flag; -+ call AT_FUNC_F2 if FLAG is 0 or fail if FLAG contains more bits than -+ AT_FUNC_USE_F1_COND. Return int and fail with -1 unless AT_FUNC_RESULT -+ or AT_FUNC_FAIL are defined. If possible, do it without changing the - working directory. Otherwise, resort to using save_cwd/fchdir, - then AT_FUNC_F?/restore_cwd. If either the save_cwd or the restore_cwd - fails, then give a diagnostic and exit nonzero. */ --int -+FUNC_RESULT - AT_FUNC_NAME (int fd, char const *file AT_FUNC_POST_FILE_PARAM_DECLS) - { -+ /* Be careful to choose names unlikely to conflict with -+ AT_FUNC_POST_FILE_PARAM_DECLS. */ - struct saved_cwd saved_cwd; - int saved_errno; -- int err; -+ FUNC_RESULT err; -+ -+ VALIDATE_FLAG (flag); - - if (fd == AT_FDCWD || IS_ABSOLUTE_FILE_NAME (file)) - return CALL_FUNC (file); - - { -- char buf[OPENAT_BUFFER_SIZE]; -- char *proc_file = openat_proc_name (buf, fd, file); -+ char proc_buf[OPENAT_BUFFER_SIZE]; -+ char *proc_file = openat_proc_name (proc_buf, fd, file); - if (proc_file) - { -- int proc_result = CALL_FUNC (proc_file); -- int proc_errno = errno; -- if (proc_file != buf) -- free (proc_file); -- /* If the syscall succeeds, or if it fails with an unexpected -- errno value, then return right away. Otherwise, fall through -- and resort to using save_cwd/restore_cwd. */ -- if (0 <= proc_result) -- return proc_result; -- if (! EXPECTED_ERRNO (proc_errno)) -- { -- errno = proc_errno; -- return proc_result; -- } -+ FUNC_RESULT proc_result = CALL_FUNC (proc_file); -+ int proc_errno = errno; -+ if (proc_file != proc_buf) -+ free (proc_file); -+ /* If the syscall succeeds, or if it fails with an unexpected -+ errno value, then return right away. Otherwise, fall through -+ and resort to using save_cwd/restore_cwd. */ -+ if (FUNC_FAIL != proc_result) -+ return proc_result; -+ if (! EXPECTED_ERRNO (proc_errno)) -+ { -+ errno = proc_errno; -+ return proc_result; -+ } - } - } - - if (save_cwd (&saved_cwd) != 0) - openat_save_fail (errno); -+ if (0 <= fd && fd == saved_cwd.desc) -+ { -+ /* If saving the working directory collides with the user's -+ requested fd, then the user's fd must have been closed to -+ begin with. */ -+ free_cwd (&saved_cwd); -+ errno = EBADF; -+ return FUNC_FAIL; -+ } - - if (fchdir (fd) != 0) - { - saved_errno = errno; - free_cwd (&saved_cwd); - errno = saved_errno; -- return -1; -+ return FUNC_FAIL; - } - - err = CALL_FUNC (file); -- saved_errno = (err < 0 ? errno : 0); -+ saved_errno = (err == FUNC_FAIL ? errno : 0); - - if (restore_cwd (&saved_cwd) != 0) - openat_restore_fail (errno); -@@ -83,3 +127,5 @@ AT_FUNC_NAME (int fd, char const *file A - return err; - } - #undef CALL_FUNC -+#undef FUNC_RESULT -+#undef FUNC_FAIL -Index: findutils-4.4.2/gnulib/lib/getfilecon.c -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/lib/getfilecon.c -@@ -0,0 +1,87 @@ -+/* wrap getfilecon, lgetfilecon, and fgetfilecon -+ Copyright (C) 2009 Free Software Foundation, Inc. -+ -+ This program is free software; you can redistribute it and/or modify -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation; either version 3, or (at your option) -+ any later version. -+ -+ This program is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ GNU General Public License for more details. -+ -+ You should have received a copy of the GNU General Public License -+ along with this program; if not, write to the Free Software Foundation, -+ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ -+ -+/* written by Jim Meyering */ -+ -+#include -+ -+#include -+ -+#include -+#include -+#include -+ -+/* FIXME: remove this once there is an errno-gnu module -+ that guarantees the definition of ENODATA. */ -+#ifndef ENODATA -+# define ENODATA ENOTSUP -+#endif -+ -+#undef getfilecon -+#undef lgetfilecon -+#undef fgetfilecon -+int getfilecon (char const *file, security_context_t *con); -+int lgetfilecon (char const *file, security_context_t *con); -+int fgetfilecon (int fd, security_context_t *con); -+ -+/* getfilecon, lgetfilecon, and fgetfilecon can all misbehave, be it -+ via an old version of libselinux where these would return 0 and set the -+ result context to NULL, or via a modern kernel+lib operating on a file -+ from a disk whose attributes were set by a kernel from around 2006. -+ In that latter case, the functions return a length of 10 for the -+ "unlabeled" context. Map both failures to a return value of -1, and -+ set errno to ENOTSUP in the first case, and ENODATA in the latter. */ -+ -+static inline int -+map_to_failure (int ret, security_context_t *con) -+{ -+ if (ret == 0) -+ { -+ errno = ENOTSUP; -+ return -1; -+ } -+ -+ if (ret == 10 && strcmp (*con, "unlabeled") == 0) -+ { -+ freecon (*con); -+ errno = ENODATA; -+ return -1; -+ } -+ -+ return ret; -+} -+ -+int -+rpl_getfilecon (char const *file, security_context_t *con) -+{ -+ int ret = getfilecon (file, con); -+ return map_to_failure (ret, con); -+} -+ -+int -+rpl_lgetfilecon (char const *file, security_context_t *con) -+{ -+ int ret = lgetfilecon (file, con); -+ return map_to_failure (ret, con); -+} -+ -+int -+rpl_fgetfilecon (int fd, security_context_t *con) -+{ -+ int ret = fgetfilecon (fd, con); -+ return map_to_failure (ret, con); -+} -Index: findutils-4.4.2/gnulib/lib/openat.c -=================================================================== ---- findutils-4.4.2.orig/gnulib/lib/openat.c -+++ findutils-4.4.2/gnulib/lib/openat.c -@@ -1,5 +1,5 @@ - /* provide a replacement openat function -- Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc. -+ Copyright (C) 2004-2009 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -22,13 +22,108 @@ - - #include - #include -+#include -+#include - - #include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ --#include "fcntl--.h" --#include "lstat.h" - #include "openat-priv.h" - #include "save-cwd.h" - -+#if HAVE_OPENAT -+ -+# undef openat -+ -+/* Like openat, but work around Solaris 9 bugs with trailing slash. */ -+int -+rpl_openat (int dfd, char const *filename, int flags, ...) -+{ -+ mode_t mode; -+ int fd; -+ -+ mode = 0; -+ if (flags & O_CREAT) -+ { -+ va_list arg; -+ va_start (arg, flags); -+ -+ /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 -+ creates crashing code when 'mode_t' is smaller than 'int'. */ -+ mode = va_arg (arg, PROMOTED_MODE_T); -+ -+ va_end (arg); -+ } -+ -+#if OPEN_TRAILING_SLASH_BUG -+ /* If the filename ends in a slash and one of O_CREAT, O_WRONLY, O_RDWR -+ is specified, then fail. -+ Rationale: POSIX -+ says that -+ "A pathname that contains at least one non-slash character and that -+ ends with one or more trailing slashes shall be resolved as if a -+ single dot character ( '.' ) were appended to the pathname." -+ and -+ "The special filename dot shall refer to the directory specified by -+ its predecessor." -+ If the named file already exists as a directory, then -+ - if O_CREAT is specified, open() must fail because of the semantics -+ of O_CREAT, -+ - if O_WRONLY or O_RDWR is specified, open() must fail because POSIX -+ says that it -+ fails with errno = EISDIR in this case. -+ If the named file does not exist or does not name a directory, then -+ - if O_CREAT is specified, open() must fail since open() cannot create -+ directories, -+ - if O_WRONLY or O_RDWR is specified, open() must fail because the -+ file does not contain a '.' directory. */ -+ if (flags & (O_CREAT | O_WRONLY | O_RDWR)) -+ { -+ size_t len = strlen (filename); -+ if (len > 0 && filename[len - 1] == '/') -+ { -+ errno = EISDIR; -+ return -1; -+ } -+ } -+#endif -+ -+ fd = openat (dfd, filename, flags, mode); -+ -+#if OPEN_TRAILING_SLASH_BUG -+ /* If the filename ends in a slash and fd does not refer to a directory, -+ then fail. -+ Rationale: POSIX -+ says that -+ "A pathname that contains at least one non-slash character and that -+ ends with one or more trailing slashes shall be resolved as if a -+ single dot character ( '.' ) were appended to the pathname." -+ and -+ "The special filename dot shall refer to the directory specified by -+ its predecessor." -+ If the named file without the slash is not a directory, open() must fail -+ with ENOTDIR. */ -+ if (fd >= 0) -+ { -+ /* We know len is positive, since open did not fail with ENOENT. */ -+ size_t len = strlen (filename); -+ if (filename[len - 1] == '/') -+ { -+ struct stat statbuf; -+ -+ if (fstat (fd, &statbuf) >= 0 && !S_ISDIR (statbuf.st_mode)) -+ { -+ close (fd); -+ errno = ENOTDIR; -+ return -1; -+ } -+ } -+ } -+#endif -+ -+ return fd; -+} -+ -+#else /* !HAVE_OPENAT */ -+ - /* Replacement for Solaris' openat function. - - First, try to simulate it via open ("/proc/self/fd/FD/FILE"). -@@ -47,12 +142,9 @@ openat (int fd, char const *file, int fl - va_list arg; - va_start (arg, flags); - -- /* If mode_t is narrower than int, use the promoted type (int), -- not mode_t. Use sizeof to guess whether mode_t is narrower; -- we don't know of any practical counterexamples. */ -- mode = (sizeof (mode_t) < sizeof (int) -- ? va_arg (arg, int) -- : va_arg (arg, mode_t)); -+ /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 -+ creates crashing code when 'mode_t' is smaller than 'int'. */ -+ mode = va_arg (arg, PROMOTED_MODE_T); - - va_end (arg); - } -@@ -73,7 +165,7 @@ openat (int fd, char const *file, int fl - - int - openat_permissive (int fd, char const *file, int flags, mode_t mode, -- int *cwd_errno) -+ int *cwd_errno) - { - struct saved_cwd saved_cwd; - int saved_errno; -@@ -88,18 +180,18 @@ openat_permissive (int fd, char const *f - char *proc_file = openat_proc_name (buf, fd, file); - if (proc_file) - { -- int open_result = open (proc_file, flags, mode); -- int open_errno = errno; -- if (proc_file != buf) -- free (proc_file); -- /* If the syscall succeeds, or if it fails with an unexpected -- errno value, then return right away. Otherwise, fall through -- and resort to using save_cwd/restore_cwd. */ -- if (0 <= open_result || ! EXPECTED_ERRNO (open_errno)) -- { -- errno = open_errno; -- return open_result; -- } -+ int open_result = open (proc_file, flags, mode); -+ int open_errno = errno; -+ if (proc_file != buf) -+ free (proc_file); -+ /* If the syscall succeeds, or if it fails with an unexpected -+ errno value, then return right away. Otherwise, fall through -+ and resort to using save_cwd/restore_cwd. */ -+ if (0 <= open_result || ! EXPECTED_ERRNO (open_errno)) -+ { -+ errno = open_errno; -+ return open_result; -+ } - } - } - -@@ -107,9 +199,18 @@ openat_permissive (int fd, char const *f - if (! save_ok) - { - if (! cwd_errno) -- openat_save_fail (errno); -+ openat_save_fail (errno); - *cwd_errno = errno; - } -+ if (0 <= fd && fd == saved_cwd.desc) -+ { -+ /* If saving the working directory collides with the user's -+ requested fd, then the user's fd must have been closed to -+ begin with. */ -+ free_cwd (&saved_cwd); -+ errno = EBADF; -+ return -1; -+ } - - err = fchdir (fd); - saved_errno = errno; -@@ -119,11 +220,17 @@ openat_permissive (int fd, char const *f - err = open (file, flags, mode); - saved_errno = errno; - if (save_ok && restore_cwd (&saved_cwd) != 0) -- { -- if (! cwd_errno) -- openat_restore_fail (errno); -- *cwd_errno = errno; -- } -+ { -+ if (! cwd_errno) -+ { -+ /* Don't write a message to just-created fd 2. */ -+ saved_errno = errno; -+ if (err == STDERR_FILENO) -+ close (err); -+ openat_restore_fail (saved_errno); -+ } -+ *cwd_errno = errno; -+ } - } - - free_cwd (&saved_cwd); -@@ -144,125 +251,15 @@ openat_needs_fchdir (void) - char buf[OPENAT_BUFFER_SIZE]; - char *proc_file = openat_proc_name (buf, fd, "."); - if (proc_file) -- { -- needs_fchdir = false; -- if (proc_file != buf) -- free (proc_file); -- } -+ { -+ needs_fchdir = false; -+ if (proc_file != buf) -+ free (proc_file); -+ } - close (fd); - } - - return needs_fchdir; - } - --#if !HAVE_FDOPENDIR -- --/* Replacement for Solaris' function by the same name. -- -- First, try to simulate it via opendir ("/proc/self/fd/FD"). Failing -- that, simulate it by doing save_cwd/fchdir/opendir(".")/restore_cwd. -- If either the save_cwd or the restore_cwd fails (relatively unlikely), -- then give a diagnostic and exit nonzero. -- Otherwise, this function works just like Solaris' fdopendir. -- -- W A R N I N G: -- Unlike the other fd-related functions here, this one -- effectively consumes its FD parameter. The caller should not -- close or otherwise manipulate FD if this function returns successfully. */ --DIR * --fdopendir (int fd) --{ -- struct saved_cwd saved_cwd; -- int saved_errno; -- DIR *dir; -- -- char buf[OPENAT_BUFFER_SIZE]; -- char *proc_file = openat_proc_name (buf, fd, "."); -- if (proc_file) -- { -- dir = opendir (proc_file); -- saved_errno = errno; -- } -- else -- { -- dir = NULL; -- saved_errno = EOPNOTSUPP; -- } -- -- /* If the syscall fails with an expected errno value, resort to -- save_cwd/restore_cwd. */ -- if (! dir && EXPECTED_ERRNO (saved_errno)) -- { -- if (save_cwd (&saved_cwd) != 0) -- openat_save_fail (errno); -- -- if (fchdir (fd) != 0) -- { -- dir = NULL; -- saved_errno = errno; -- } -- else -- { -- dir = opendir ("."); -- saved_errno = errno; -- -- if (restore_cwd (&saved_cwd) != 0) -- openat_restore_fail (errno); -- } -- -- free_cwd (&saved_cwd); -- } -- -- if (dir) -- close (fd); -- if (proc_file != buf) -- free (proc_file); -- errno = saved_errno; -- return dir; --} -- --#endif -- --/* Replacement for Solaris' function by the same name. -- -- First, try to simulate it via l?stat ("/proc/self/fd/FD/FILE"). -- Failing that, simulate it via save_cwd/fchdir/(stat|lstat)/restore_cwd. -- If either the save_cwd or the restore_cwd fails (relatively unlikely), -- then give a diagnostic and exit nonzero. -- Otherwise, this function works just like Solaris' fstatat. */ -- --#define AT_FUNC_NAME fstatat --#define AT_FUNC_F1 lstat --#define AT_FUNC_F2 stat --#define AT_FUNC_USE_F1_COND flag == AT_SYMLINK_NOFOLLOW --#define AT_FUNC_POST_FILE_PARAM_DECLS , struct stat *st, int flag --#define AT_FUNC_POST_FILE_ARGS , st --#include "at-func.c" --#undef AT_FUNC_NAME --#undef AT_FUNC_F1 --#undef AT_FUNC_F2 --#undef AT_FUNC_USE_F1_COND --#undef AT_FUNC_POST_FILE_PARAM_DECLS --#undef AT_FUNC_POST_FILE_ARGS -- --/* Replacement for Solaris' function by the same name. -- -- First, try to simulate it via (unlink|rmdir) ("/proc/self/fd/FD/FILE"). -- Failing that, simulate it via save_cwd/fchdir/(unlink|rmdir)/restore_cwd. -- If either the save_cwd or the restore_cwd fails (relatively unlikely), -- then give a diagnostic and exit nonzero. -- Otherwise, this function works just like Solaris' unlinkat. */ -- --#define AT_FUNC_NAME unlinkat --#define AT_FUNC_F1 rmdir --#define AT_FUNC_F2 unlink --#define AT_FUNC_USE_F1_COND flag == AT_REMOVEDIR --#define AT_FUNC_POST_FILE_PARAM_DECLS , int flag --#define AT_FUNC_POST_FILE_ARGS /* empty */ --#include "at-func.c" --#undef AT_FUNC_NAME --#undef AT_FUNC_F1 --#undef AT_FUNC_F2 --#undef AT_FUNC_USE_F1_COND --#undef AT_FUNC_POST_FILE_PARAM_DECLS --#undef AT_FUNC_POST_FILE_ARGS -+#endif /* !HAVE_OPENAT */ -Index: findutils-4.4.2/gnulib/lib/openat.h -=================================================================== ---- findutils-4.4.2.orig/gnulib/lib/openat.h -+++ findutils-4.4.2/gnulib/lib/openat.h -@@ -1,5 +1,5 @@ - /* provide a replacement openat function -- Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. -+ Copyright (C) 2004-2006, 2008-2009 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -16,6 +16,9 @@ - - /* written by Jim Meyering */ - -+#ifndef _GL_HEADER_OPENAT -+#define _GL_HEADER_OPENAT -+ - #include - - #include -@@ -25,7 +28,7 @@ - #include - - #ifndef __attribute__ --# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) || __STRICT_ANSI__ -+# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) - # define __attribute__(x) /* empty */ - # endif - #endif -@@ -34,46 +37,10 @@ - # define ATTRIBUTE_NORETURN __attribute__ ((__noreturn__)) - #endif - --/* Work around a bug in Solaris 9 and 10: AT_FDCWD is positive. Its -- value exceeds INT_MAX, so its use as an int doesn't conform to the -- C standard, and GCC and Sun C complain in some cases. If the bug -- is present, undef AT_FDCWD here, so it can be redefined below. */ --#if 0 < AT_FDCWD && AT_FDCWD == 0xffd19553 --# undef AT_FDCWD --#endif -- --/* Use the same bit pattern as Solaris 9, but with the proper -- signedness. The bit pattern is important, in case this actually is -- Solaris with the above workaround. */ --#ifndef AT_FDCWD --# define AT_FDCWD (-3041965) --#endif -- --/* Use the same values as Solaris 9. This shouldn't matter, but -- there's no real reason to differ. */ --#ifndef AT_SYMLINK_NOFOLLOW --# define AT_SYMLINK_NOFOLLOW 4096 --# define AT_REMOVEDIR 1 --#endif -- --#ifdef __OPENAT_PREFIX -+#if !HAVE_OPENAT - --# undef openat --# define __OPENAT_CONCAT(x, y) x ## y --# define __OPENAT_XCONCAT(x, y) __OPENAT_CONCAT (x, y) --# define __OPENAT_ID(y) __OPENAT_XCONCAT (__OPENAT_PREFIX, y) --# define openat __OPENAT_ID (openat) --int openat (int fd, char const *file, int flags, /* mode_t mode */ ...); - int openat_permissive (int fd, char const *file, int flags, mode_t mode, - int *cwd_errno); --# if ! HAVE_FDOPENDIR --# define fdopendir __OPENAT_ID (fdopendir) --# endif --DIR *fdopendir (int fd); --# define fstatat __OPENAT_ID (fstatat) --int fstatat (int fd, char const *file, struct stat *st, int flag); --# define unlinkat __OPENAT_ID (unlinkat) --int unlinkat (int fd, char const *file, int flag); - bool openat_needs_fchdir (void); - - #else -@@ -84,19 +51,8 @@ bool openat_needs_fchdir (void); - - #endif - --#if HAVE_OPENAT && ! LSTAT_FOLLOWS_SLASHED_SYMLINK --int rpl_fstatat (int fd, char const *file, struct stat *st, int flag); --# if !COMPILING_FSTATAT --# undef fstatat --# define fstatat rpl_fstatat --# endif --#endif -- --int mkdirat (int fd, char const *file, mode_t mode); - void openat_restore_fail (int) ATTRIBUTE_NORETURN; - void openat_save_fail (int) ATTRIBUTE_NORETURN; --int fchmodat (int fd, char const *file, mode_t mode, int flag); --int fchownat (int fd, char const *file, uid_t owner, gid_t group, int flag); - - /* Using these function names makes application code - slightly more readable than it would be with -@@ -124,3 +80,35 @@ lchmodat (int fd, char const *file, mode - { - return fchmodat (fd, file, mode, AT_SYMLINK_NOFOLLOW); - } -+ -+static inline int -+statat (int fd, char const *name, struct stat *st) -+{ -+ return fstatat (fd, name, st, 0); -+} -+ -+static inline int -+lstatat (int fd, char const *name, struct stat *st) -+{ -+ return fstatat (fd, name, st, AT_SYMLINK_NOFOLLOW); -+} -+ -+#if GNULIB_FACCESSAT -+/* For now, there are no wrappers named laccessat or leuidaccessat, -+ since gnulib doesn't support faccessat(,AT_SYMLINK_NOFOLLOW) and -+ since access rights on symlinks are of limited utility. */ -+ -+static inline int -+accessat (int fd, char const *file, int mode) -+{ -+ return faccessat (fd, file, mode, 0); -+} -+ -+static inline int -+euidaccessat (int fd, char const *file, int mode) -+{ -+ return faccessat (fd, file, mode, AT_EACCESS); -+} -+#endif -+ -+#endif /* _GL_HEADER_OPENAT */ -Index: findutils-4.4.2/gnulib/lib/se-selinux.in.h -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/lib/se-selinux.in.h -@@ -0,0 +1,73 @@ -+#ifndef _GL_SELINUX_SELINUX_H -+# define _GL_SELINUX_SELINUX_H -+ -+# if __GNUC__ >= 3 -+#pragma GCC system_header -+# endif -+ -+# if HAVE_SELINUX_SELINUX_H -+ -+#@INCLUDE_NEXT@ @NEXT_SELINUX_SELINUX_H@ -+ -+# else -+ -+# include -+# include -+ -+typedef unsigned short security_class_t; -+# define security_context_t char* -+# define is_selinux_enabled() 0 -+ -+static inline int getcon (security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline void freecon (security_context_t con _UNUSED_PARAMETER_) {} -+ -+ -+static inline int getfscreatecon (security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int setfscreatecon (security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int matchpathcon (char const *file _UNUSED_PARAMETER_, -+ mode_t m _UNUSED_PARAMETER_, -+ security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int getfilecon (char const *file _UNUSED_PARAMETER_, -+ security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int lgetfilecon (char const *file _UNUSED_PARAMETER_, -+ security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int fgetfilecon (int fd, -+ security_context_t *con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int setfilecon (char const *file _UNUSED_PARAMETER_, -+ security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int lsetfilecon (char const *file _UNUSED_PARAMETER_, -+ security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int fsetfilecon (int fd _UNUSED_PARAMETER_, -+ security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+ -+static inline int security_check_context -+ (security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int security_check_context_raw -+ (security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int setexeccon (security_context_t con _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int security_compute_create -+ (security_context_t scon _UNUSED_PARAMETER_, -+ security_context_t tcon _UNUSED_PARAMETER_, -+ security_class_t tclass _UNUSED_PARAMETER_, -+ security_context_t *newcon _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+static inline int matchpathcon_init_prefix -+ (char const *path _UNUSED_PARAMETER_, -+ char const *prefix _UNUSED_PARAMETER_) -+ { errno = ENOTSUP; return -1; } -+ -+# endif -+#endif /* _GL_SELINUX_SELINUX_H */ -Index: findutils-4.4.2/gnulib/lib/selinux-at.c -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/lib/selinux-at.c -@@ -0,0 +1,72 @@ -+/* openat-style fd-relative functions for SE Linux -+ Copyright (C) 2007, 2009 Free Software Foundation, Inc. -+ -+ This program is free software: you can redistribute it and/or modify -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation, either version 3 of the License, or -+ (at your option) any later version. -+ -+ This program is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ GNU General Public License for more details. -+ -+ You should have received a copy of the GNU General Public License -+ along with this program. If not, see . */ -+ -+/* written by Jim Meyering */ -+ -+#include -+ -+#include "selinux-at.h" -+#include "openat.h" -+ -+#include -+#include -+#include -+#include -+ -+#include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ -+#include "save-cwd.h" -+ -+#include "openat-priv.h" -+ -+#define AT_FUNC_NAME getfileconat -+#define AT_FUNC_F1 getfilecon -+#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t *con -+#define AT_FUNC_POST_FILE_ARGS , con -+#include "at-func.c" -+#undef AT_FUNC_NAME -+#undef AT_FUNC_F1 -+#undef AT_FUNC_POST_FILE_PARAM_DECLS -+#undef AT_FUNC_POST_FILE_ARGS -+ -+#define AT_FUNC_NAME lgetfileconat -+#define AT_FUNC_F1 lgetfilecon -+#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t *con -+#define AT_FUNC_POST_FILE_ARGS , con -+#include "at-func.c" -+#undef AT_FUNC_NAME -+#undef AT_FUNC_F1 -+#undef AT_FUNC_POST_FILE_PARAM_DECLS -+#undef AT_FUNC_POST_FILE_ARGS -+ -+#define AT_FUNC_NAME setfileconat -+#define AT_FUNC_F1 setfilecon -+#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t con -+#define AT_FUNC_POST_FILE_ARGS , con -+#include "at-func.c" -+#undef AT_FUNC_NAME -+#undef AT_FUNC_F1 -+#undef AT_FUNC_POST_FILE_PARAM_DECLS -+#undef AT_FUNC_POST_FILE_ARGS -+ -+#define AT_FUNC_NAME lsetfileconat -+#define AT_FUNC_F1 lsetfilecon -+#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t con -+#define AT_FUNC_POST_FILE_ARGS , con -+#include "at-func.c" -+#undef AT_FUNC_NAME -+#undef AT_FUNC_F1 -+#undef AT_FUNC_POST_FILE_PARAM_DECLS -+#undef AT_FUNC_POST_FILE_ARGS -Index: findutils-4.4.2/gnulib/lib/selinux-at.h -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/lib/selinux-at.h -@@ -0,0 +1,52 @@ -+/* Prototypes for openat-style fd-relative SELinux functions -+ Copyright (C) 2007, 2009 Free Software Foundation, Inc. -+ -+ This program is free software: you can redistribute it and/or modify -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation, either version 3 of the License, or -+ (at your option) any later version. -+ -+ This program is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ GNU General Public License for more details. -+ -+ You should have received a copy of the GNU General Public License -+ along with this program. If not, see . */ -+ -+#include -+#include -+ -+/* These are the dir-fd-relative variants of the functions without the -+ "at" suffix. For example, getfileconat (AT_FDCWD, file, &c) is usually -+ equivalent to getfilecon (file, &c). The emulation is accomplished -+ by first attempting getfilecon ("/proc/self/fd/DIR_FD/FILE", &c). -+ Failing that, simulate it via save_cwd/fchdir/getfilecon/restore_cwd. -+ If either the save_cwd or the restore_cwd fails (relatively unlikely), -+ then give a diagnostic and exit nonzero. */ -+ -+/* dir-fd-relative getfilecon. Set *CON to the SELinux security context -+ of the file specified by DIR_FD and FILE and return the length of *CON. -+ DIR_FD and FILE are interpreted as for fstatat[*]. A non-NULL *CON -+ must be freed with freecon. Upon error, set *CON to NULL, set errno -+ and return -1. -+ [*] with flags=0 here, with flags=AT_SYMLINK_NOFOLLOW for lgetfileconat */ -+int getfileconat (int dir_fd, char const *file, security_context_t *con); -+ -+/* dir-fd-relative lgetfilecon. This function is just like getfileconat, -+ except when DIR_FD and FILE specify a symlink: lgetfileconat operates on -+ the symlink, while getfileconat operates on the referent of the symlink. */ -+int lgetfileconat (int dir_fd, char const *file, security_context_t *con); -+ -+/* dir-fd-relative setfilecon. Set the SELinux security context of -+ the file specified by DIR_FD and FILE to CON. DIR_FD and FILE are -+ interpreted as for fstatat[*]. Upon success, return 0. -+ Otherwise, return -1 and set errno. */ -+int setfileconat (int dir_fd, char const *file, security_context_t con); -+ -+/* dir-fd-relative lsetfilecon. This function is just like setfileconat, -+ except that rather than dereferencing a symlink, this function affects it. */ -+/* dir-fd-relative lsetfilecon. This function is just like setfileconat, -+ except when DIR_FD and FILE specify a symlink: lsetfileconat operates on -+ the symlink, while setfileconat operates on the referent of the symlink. */ -+int lsetfileconat (int dir_fd, char const *file, security_context_t con); -Index: findutils-4.4.2/gnulib/m4/gnulib-comp.m4 -=================================================================== ---- findutils-4.4.2.orig/gnulib/m4/gnulib-comp.m4 -+++ findutils-4.4.2/gnulib/m4/gnulib-comp.m4 -@@ -165,6 +165,11 @@ AC_DEFUN([gl_INIT], - gl_SAME - gl_SAVE_CWD - gl_SAVEDIR -+ AC_CHECK_HEADERS([selinux/flask.h]) -+ AC_LIBOBJ([selinux-at]) -+ gl_HEADERS_SELINUX_SELINUX_H -+ gl_HEADERS_SELINUX_CONTEXT_H -+ AC_REQUIRE([AC_C_INLINE]) - gl_FUNC_SETENV - gl_FUNC_UNSETENV - gt_TYPE_SSIZE_T -@@ -425,6 +430,7 @@ AC_DEFUN([gl_FILE_LIST], [ - lib/getdate.h - lib/getdate.y - lib/getdelim.c -+ lib/getfilecon.c - lib/getline.c - lib/getopt.c - lib/getopt.in.h -@@ -506,6 +512,10 @@ AC_DEFUN([gl_FILE_LIST], [ - lib/save-cwd.h - lib/savedir.c - lib/savedir.h -+ lib/se-context.in.h -+ lib/se-selinux.in.h -+ lib/selinux-at.c -+ lib/selinux-at.h - lib/setenv.c - lib/setenv.h - lib/stat-macros.h -@@ -688,6 +698,8 @@ AC_DEFUN([gl_FILE_LIST], [ - m4/same.m4 - m4/save-cwd.m4 - m4/savedir.m4 -+ m4/selinux-context-h.m4 -+ m4/selinux-selinux-h.m4 - m4/setenv.m4 - m4/size_max.m4 - m4/ssize_t.m4 -Index: findutils-4.4.2/gnulib/m4/selinux-context-h.m4 -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/m4/selinux-context-h.m4 -@@ -0,0 +1,16 @@ -+# serial 1 -*- Autoconf -*- -+# Copyright (C) 2006, 2007 Free Software Foundation, Inc. -+# This file is free software; the Free Software Foundation -+# gives unlimited permission to copy and/or distribute it, -+# with or without modifications, as long as this notice is preserved. -+ -+# From Jim Meyering -+# Provide , if necessary. -+ -+AC_DEFUN([gl_HEADERS_SELINUX_CONTEXT_H], -+[ -+ AC_CHECK_HEADERS([selinux/context.h], -+ [SELINUX_CONTEXT_H=], -+ [SELINUX_CONTEXT_H=selinux/context.h]) -+ AC_SUBST([SELINUX_CONTEXT_H]) -+]) -Index: findutils-4.4.2/gnulib/m4/selinux-selinux-h.m4 -=================================================================== ---- /dev/null -+++ findutils-4.4.2/gnulib/m4/selinux-selinux-h.m4 -@@ -0,0 +1,57 @@ -+# serial 3 -*- Autoconf -*- -+# Copyright (C) 2006, 2007, 2009 Free Software Foundation, Inc. -+# This file is free software; the Free Software Foundation -+# gives unlimited permission to copy and/or distribute it, -+# with or without modifications, as long as this notice is preserved. -+ -+# From Jim Meyering -+# Provide , if necessary. -+# If it is already present, provide wrapper functions to guard against -+# misbehavior from getfilecon, lgetfilecon, and fgetfilecon. -+ -+AC_DEFUN([gl_HEADERS_SELINUX_SELINUX_H], -+[ -+ AC_REQUIRE([gl_LIBSELINUX]) -+ AC_CHECK_HEADERS([selinux/selinux.h]) -+ -+ if test "$ac_cv_header_selinux_selinux_h" = yes; then -+ # We do have , so do compile getfilecon.c -+ # and arrange to use its wrappers. -+ AC_LIBOBJ([getfilecon]) -+ gl_CHECK_NEXT_HEADERS([selinux/selinux.h]) -+ AC_DEFINE([getfilecon], [rpl_getfilecon], -+ [Always use our getfilecon wrapper.]) -+ AC_DEFINE([lgetfilecon], [rpl_lgetfilecon], -+ [Always use our lgetfilecon wrapper.]) -+ AC_DEFINE([fgetfilecon], [rpl_fgetfilecon], -+ [Always use our fgetfilecon wrapper.]) -+ fi -+ -+ case "$ac_cv_search_setfilecon:$ac_cv_header_selinux_selinux_h" in -+ no:*) # already warned -+ ;; -+ *:no) -+ AC_MSG_WARN([libselinux was found but selinux/selinux.h is missing.]) -+ AC_MSG_WARN([AC_PACKAGE_NAME will be compiled without SELinux support.]) -+ esac -+]) -+ -+AC_DEFUN([gl_LIBSELINUX], -+[ -+ AC_REQUIRE([AC_CANONICAL_HOST]) -+ AC_REQUIRE([AC_CANONICAL_BUILD]) -+ LIB_SELINUX= -+ gl_save_LIBS=$LIBS -+ AC_SEARCH_LIBS([setfilecon], [selinux], -+ [test "$ac_cv_search_setfilecon" = "none required" || -+ LIB_SELINUX=$ac_cv_search_setfilecon]) -+ AC_SUBST([LIB_SELINUX]) -+ LIBS=$gl_save_LIBS -+ -+ # Warn if SELinux is found but libselinux is absent; -+ if test "$ac_cv_search_setfilecon" = no && -+ test "$host" = "$build" && test -d /selinux; then -+ AC_MSG_WARN([This system supports SELinux but libselinux is missing.]) -+ AC_MSG_WARN([AC_PACKAGE_NAME will be compiled without SELinux support.]) -+ fi -+]) diff --git a/findutils-4.4.2-selinux.patch b/findutils-4.4.2-selinux.patch deleted file mode 100644 index 948fefe..0000000 --- a/findutils-4.4.2-selinux.patch +++ /dev/null @@ -1,445 +0,0 @@ -Index: findutils-4.4.2/NEWS -=================================================================== ---- findutils-4.4.2.orig/NEWS -+++ findutils-4.4.2/NEWS -@@ -1,5 +1,11 @@ - GNU findutils NEWS - User visible changes. -*- outline -*- (allout) - -+* Major changes in release 4.4.2, 2009-11-26 -+ -+** Functional Enhancements to find -+ -+patch #4848: Patch - Support for SELinux -+ - * Major changes in release 4.4.2, 2009-05-16 - - ** Bug Fixes -Index: findutils-4.4.2/doc/find.texi -=================================================================== ---- findutils-4.4.2.orig/doc/find.texi -+++ findutils-4.4.2/doc/find.texi -@@ -1242,6 +1242,14 @@ situation. - - @end deffn - -+@deffn Test -context pattern -+True if file's SELinux context matches the pattern @var{pattern}. -+The pattern uses shell glob matching. -+ -+This predicate is supported only on @code{find} versions compiled with -+SELinux support and only when SELinux is enabled. -+@end deffn -+ - @node Contents - @section Contents - -@@ -1737,6 +1745,7 @@ from the novel you are reading. - * Size Directives:: - * Location Directives:: - * Time Directives:: -+* Other Directives:: - * Formatting Flags:: - @end menu - -@@ -1894,6 +1903,14 @@ File's last modification time in the for - (@pxref{Time Formats}). - @end table - -+@node Other Directives -+@subsubsection Other Directives -+ -+@table @code -+@item %Z -+File's SELinux context, or empty string if the file has no SELinux context. -+@end table -+ - @node Time Formats - @subsection Time Formats - -Index: findutils-4.4.2/find/Makefile.am -=================================================================== ---- findutils-4.4.2.orig/find/Makefile.am -+++ findutils-4.4.2/find/Makefile.am -@@ -26,7 +26,7 @@ endif - - EXTRA_DIST = defs.h $(man_MANS) - INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\" --LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ -+LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ @LIB_SELINUX@ - man_MANS = find.1 - SUBDIRS = . testsuite - -Index: findutils-4.4.2/find/defs.h -=================================================================== ---- findutils-4.4.2.orig/find/defs.h -+++ findutils-4.4.2/find/defs.h -@@ -48,6 +48,7 @@ Please stop compiling the program now - #include /* for bool/boolean */ - #include /* for uintmax_t */ - #include /* S_ISUID etc. */ -+#include - - - -@@ -315,6 +316,7 @@ struct predicate - struct samefile_file_id samefileid; /* samefile */ - mode_t type; /* type */ - struct format_val printf_vec; /* printf fprintf fprint ls fls print0 fprint0 print */ -+ security_context_t scontext; /* security context */ - } args; - - /* The next predicate in the user input sequence, -@@ -459,6 +461,7 @@ PREDICATEFUNCTION pred_used; - PREDICATEFUNCTION pred_user; - PREDICATEFUNCTION pred_writable; - PREDICATEFUNCTION pred_xtype; -+PREDICATEFUNCTION pred_context; - - - -@@ -604,6 +607,9 @@ struct options - */ - int regex_options; - -+ /* function used to get file context */ -+ int (*x_getfilecon) (int, const char *, security_context_t *); -+ - /* Optimisation level. One is the default. - */ - unsigned short optimisation_level; -Index: findutils-4.4.2/find/find.1 -=================================================================== ---- findutils-4.4.2.orig/find/find.1 -+++ findutils-4.4.2/find/find.1 -@@ -936,6 +936,8 @@ if \fIc\fR is `l'. In other words, for - checks the type of the file that - .B \-type - does not check. -+.IP "\-context \fIpattern\fR" -+(SELinux only) Security context of the file matches glob \fIpattern\fR. - - .SS ACTIONS - .IP "\-delete\fR" -@@ -1357,6 +1359,8 @@ File's type (like in - U=unknown type (shouldn't happen) - .IP %Y - File's type (like %y), plus follow symlinks: L=loop, N=nonexistent -+.IP %Z -+(SELinux only) file's security context. - .PP - A `%' character followed by any other character is discarded, but the - other character is printed (don't rely on this, as further format -Index: findutils-4.4.2/find/parser.c -=================================================================== ---- findutils-4.4.2.orig/find/parser.c -+++ findutils-4.4.2/find/parser.c -@@ -53,6 +53,8 @@ - #include - #include - -+#include "selinux-at.h" -+ - #if ENABLE_NLS - # include - # define _(Text) gettext (Text) -@@ -156,6 +158,7 @@ static boolean parse_noignore_race PARAM - static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); -+static boolean parse_context PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - - boolean parse_print PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - -@@ -252,6 +255,7 @@ static struct parser_table const parse_t - PARSE_TEST ("cmin", cmin), /* GNU */ - PARSE_TEST ("cnewer", cnewer), /* GNU */ - {ARG_TEST, "ctime", parse_time, pred_ctime}, /* POSIX */ -+ PARSE_TEST ("context", context), /* GNU */ - PARSE_POSOPT ("daystart", daystart), /* GNU */ - PARSE_ACTION ("delete", delete), /* GNU, Mac OS, FreeBSD */ - PARSE_OPTION ("d", d), /* Mac OS X, FreeBSD, NetBSD, OpenBSD, but deprecated in favour of -depth */ -@@ -349,6 +353,86 @@ static struct parser_table const parse_t - static const char *first_nonoption_arg = NULL; - static const struct parser_table *noop = NULL; - -+static int -+fallback_getfilecon (int fd, const char *name, security_context_t *p, -+ int prev_rv) -+{ -+ /* Our original getfilecon () call failed. Perhaps we can't follow a -+ * symbolic link. If that might be the problem, lgetfilecon () the link. -+ * Otherwise, admit defeat. */ -+ switch (errno) -+ { -+ case ENOENT: -+ case ENOTDIR: -+#ifdef DEBUG_STAT -+ fprintf (stderr, "fallback_getfilecon(): getfilecon(%s) failed; falling " -+ "back on lgetfilecon()\n", name); -+#endif -+ return lgetfileconat (fd, name, p); -+ -+ case EACCES: -+ case EIO: -+ case ELOOP: -+ case ENAMETOOLONG: -+#ifdef EOVERFLOW -+ case EOVERFLOW: /* EOVERFLOW is not #defined on UNICOS. */ -+#endif -+ default: -+ return prev_rv; -+ } -+} -+ -+/* optionh_getfilecon () implements the getfilecon operation when the -+ * -H option is in effect. -+ * -+ * If the item to be examined is a command-line argument, we follow -+ * symbolic links. If the getfilecon () call fails on the command-line -+ * item, we fall back on the properties of the symbolic link. -+ * -+ * If the item to be examined is not a command-line argument, we -+ * examine the link itself. */ -+int -+optionh_getfilecon (int fd, const char *name, security_context_t *p) -+{ -+ int rv; -+ if (0 == state.curdepth) -+ { -+ /* This file is from the command line; dereference the link (if it is -+ a link). */ -+ rv = getfileconat (fd, name, p); -+ if (0 == rv) -+ return 0; /* success */ -+ else -+ return fallback_getfilecon (fd, name, p, rv); -+ } -+ else -+ { -+ /* Not a file on the command line; do not dereference the link. */ -+ return lgetfileconat (fd, name, p); -+ } -+} -+ -+/* optionl_getfilecon () implements the getfilecon operation when the -+ * -L option is in effect. That option makes us examine the thing the -+ * symbolic link points to, not the symbolic link itself. */ -+int -+optionl_getfilecon (int fd, const char *name, security_context_t *p) -+{ -+ int rv = getfileconat (fd, name, p); -+ if (0 == rv) -+ return 0; /* normal case. */ -+ else -+ return fallback_getfilecon (fd, name, p, rv); -+} -+ -+/* optionp_getfilecon () implements the stat operation when the -P -+ * option is in effect (this is also the default). That option makes -+ * us examine the symbolic link itself, not the thing it points to. */ -+int -+optionp_getfilecon (int fd, const char *name, security_context_t *p) -+{ -+ return lgetfileconat (fd, name, p); -+} - - void - check_option_combinations(const struct predicate *p) -@@ -452,11 +536,13 @@ set_follow_state(enum SymlinkOption opt) - { - case SYMLINK_ALWAYS_DEREF: /* -L */ - options.xstat = optionl_stat; -+ options.x_getfilecon = optionl_getfilecon; - options.no_leaf_check = true; - break; - - case SYMLINK_NEVER_DEREF: /* -P (default) */ - options.xstat = optionp_stat; -+ options.x_getfilecon = optionp_getfilecon; - /* Can't turn no_leaf_check off because the user might have specified - * -noleaf anyway - */ -@@ -464,6 +550,7 @@ set_follow_state(enum SymlinkOption opt) - - case SYMLINK_DEREF_ARGSONLY: /* -H */ - options.xstat = optionh_stat; -+ options.x_getfilecon = optionh_getfilecon; - options.no_leaf_check = true; - } - } -@@ -1129,8 +1216,10 @@ tests (N can be +N or -N or N): -amin N - -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\ - -readable -writable -executable\n\ - -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\ -- -used N -user NAME -xtype [bcdpfls]\n")); -+ -used N -user NAME -xtype [bcdpfls]")); - puts (_("\ -+ -context CONTEXT\n")); -+ puts (_("\n\ - actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\ - -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\ - -exec COMMAND ; -exec COMMAND {} + -ok COMMAND ;\n\ -@@ -2520,6 +2609,11 @@ parse_version (const struct parser_table - printf("LEAF_OPTIMISATION "); - ++features; - #endif -+ if (0 < is_selinux_enabled ()) -+ { -+ printf ("SELINUX "); -+ ++features; -+ } - - flags = 0; - if (is_fts_enabled(&flags)) -@@ -2555,6 +2649,31 @@ parse_version (const struct parser_table - } - - static boolean -+parse_context (const struct parser_table* entry, char **argv, int *arg_ptr) -+{ -+ struct predicate *our_pred; -+ -+ if ((argv == NULL) || (argv[*arg_ptr] == NULL)) -+ return false; -+ -+ if (is_selinux_enabled () <= 0) -+ { -+ error (1, 0, _("invalid predicate -context: SELinux is not enabled.")); -+ return false; -+ } -+ our_pred = insert_primary (entry); -+ our_pred->est_success_rate = 0.01f; -+ our_pred->need_stat = false; -+#ifdef DEBUG -+ our_pred->p_name = find_pred_name (pred_context); -+#endif /*DEBUG*/ -+ our_pred->args.scontext = argv[*arg_ptr]; -+ -+ (*arg_ptr)++; -+ return true; -+} -+ -+static boolean - parse_xdev (const struct parser_table* entry, char **argv, int *arg_ptr) - { - options.stay_on_filesystem = true; -@@ -2815,7 +2934,7 @@ insert_fprintf (struct format_val *vec, - if (*scan2 == '.') - for (scan2++; ISDIGIT (*scan2); scan2++) - /* Do nothing. */ ; -- if (strchr ("abcdDfFgGhHiklmMnpPsStuUyY", *scan2)) -+ if (strchr ("abcdDfFgGhHiklmMnpPsStuUyYZ", *scan2)) - { - segmentp = make_segment (segmentp, format, scan2 - format, - KIND_FORMAT, *scan2, 0, -@@ -2945,6 +3064,11 @@ make_segment (struct segment **segment, - *fmt++ = 's'; - break; - -+ case 'Z': /* SELinux security context */ -+ mycost = NeedsAccessInfo; -+ *fmt++ = 's'; -+ break; -+ - case 'H': /* ARGV element file was found under */ - *fmt++ = 's'; - break; -Index: findutils-4.4.2/find/pred.c -=================================================================== ---- findutils-4.4.2.orig/find/pred.c -+++ findutils-4.4.2/find/pred.c -@@ -48,6 +48,8 @@ - #include "error.h" - #include "verify.h" - -+#include -+ - #if ENABLE_NLS - # include - # define _(Text) gettext (Text) -@@ -230,6 +232,7 @@ struct pred_assoc pred_table[] = - {pred_user, "user "}, - {pred_writable, "writable "}, - {pred_xtype, "xtype "}, -+ {pred_context, "context"}, - {0, "none "} - }; - #endif -@@ -1054,6 +1057,30 @@ do_fprintf(struct format_val *dest, - mode_to_filetype(stat_buf->st_mode & S_IFMT)); - } - break; -+ -+ case 'Z': /* SELinux security context */ -+ { -+ security_context_t scontext; -+ int rv = (*options.x_getfilecon) (state.cwd_dir_fd, state.rel_pathname, -+ &scontext); -+ if (rv < 0) -+ { -+ /* If getfilecon fails, there will in the general case -+ still be some text to print. We just make %Z expand -+ to an empty string. */ -+ checked_fprintf (dest, segment->text, ""); -+ -+ error (0, errno, "getfilecon: %s", -+ safely_quote_err_filename (0, pathname)); -+ state.exit_status = 1; -+ } -+ else -+ { -+ checked_fprintf (dest, segment->text, scontext); -+ freecon (scontext); -+ } -+ } -+ break; - } - /* end of KIND_FORMAT case */ - break; -@@ -1844,6 +1871,26 @@ pred_xtype (const char *pathname, struct - */ - return (pred_type (pathname, &sbuf, pred_ptr)); - } -+ -+ -+boolean -+pred_context (const char *pathname, struct stat *stat_buf, -+ struct predicate *pred_ptr) -+{ -+ security_context_t scontext; -+ int rv = (*options.x_getfilecon) (state.cwd_dir_fd, state.rel_pathname, -+ &scontext); -+ if (rv < 0) -+ { -+ error (0, errno, "getfilecon: %s", safely_quote_err_filename (0, pathname)); -+ return false; -+ } -+ -+ rv = (fnmatch (pred_ptr->args.scontext, scontext, 0) == 0); -+ freecon (scontext); -+ return rv; -+} -+ - - /* 1) fork to get a child; parent remembers the child pid - 2) child execs the command requested -Index: findutils-4.4.2/find/tree.c -=================================================================== ---- findutils-4.4.2.orig/find/tree.c -+++ findutils-4.4.2/find/tree.c -@@ -904,6 +904,7 @@ static struct pred_cost_lookup costlooku - { pred_cmin , NeedsStatInfo, }, - { pred_cnewer , NeedsStatInfo, }, - { pred_comma , NeedsNothing, }, -+ { pred_context , NeedsAccessInfo }, - { pred_ctime , NeedsStatInfo, }, - { pred_delete , NeedsSyncDiskHit }, - { pred_empty , NeedsStatInfo }, -@@ -1434,6 +1435,7 @@ get_new_pred (const struct parser_table - last_pred->need_stat = true; - last_pred->need_type = true; - last_pred->args.str = NULL; -+ last_pred->args.scontext = NULL; - last_pred->pred_next = NULL; - last_pred->pred_left = NULL; - last_pred->pred_right = NULL; diff --git a/findutils-4.4.2-updatedb.patch b/findutils-4.4.2-updatedb.patch index ee16427..54bf247 100644 --- a/findutils-4.4.2-updatedb.patch +++ b/findutils-4.4.2-updatedb.patch @@ -1,8 +1,7 @@ -Index: doc/find.texi -=================================================================== ---- doc/find.texi.orig -+++ doc/find.texi -@@ -3364,7 +3364,7 @@ Default is none. +diff -aur findutils-4.5.10.orig/doc/find.texi findutils-4.5.10/doc/find.texi +--- findutils-4.5.10.orig/doc/find.texi 2012-01-16 15:29:59.649039029 -0500 ++++ findutils-4.5.10/doc/find.texi 2012-01-16 15:45:10.098656840 -0500 +@@ -3482,7 +3482,7 @@ @item --prunepaths='@var{path}@dots{}' Directories to omit from the database, which would otherwise be included. The environment variable @code{PRUNEPATHS} also sets this @@ -11,21 +10,20 @@ Index: doc/find.texi used as regular expressions (with @code{find ... -regex}, so you need to specify these paths in the same way that @code{find} will encounter them. This means for example that the paths must not include trailing -Index: locate/updatedb.1 -=================================================================== ---- locate/updatedb.1.orig -+++ locate/updatedb.1 -@@ -75,8 +75,7 @@ Default is \fInfs NFS proc\fP. +diff -aur findutils-4.5.10.orig/locate/updatedb.1 findutils-4.5.10/locate/updatedb.1 +--- findutils-4.5.10.orig/locate/updatedb.1 2012-01-16 15:31:03.240244029 -0500 ++++ findutils-4.5.10/locate/updatedb.1 2012-01-16 15:45:37.745311211 -0500 +@@ -75,8 +75,7 @@ .TP .B \-\-output=\fIdbfile\fP The database file to build. -Default is system-dependent. In Debian GNU/Linux, the default -is /var/cache/locate/locatedb. -+Default is /var/lib/locatedb. ++Default is /var/lib/locatedb. .TP .B \-\-localuser=\fIuser\fP The user to search non-network directories as, using \fBsu\fP(1). -@@ -85,7 +84,7 @@ You can also use the environment variabl +@@ -85,7 +84,7 @@ .TP .B \-\-netuser=\fIuser\fP The user to search network directories as, using \fBsu\fP(1). @@ -34,20 +32,19 @@ Index: locate/updatedb.1 You can also use the environment variable \fBNETUSER\fP to set this user. .TP .B \-\-old\-format -Index: locate/updatedb.sh -=================================================================== ---- locate/updatedb.sh.orig -+++ locate/updatedb.sh -@@ -158,7 +158,7 @@ select_shell() { +diff -aur findutils-4.5.10.orig/locate/updatedb.sh findutils-4.5.10/locate/updatedb.sh +--- findutils-4.5.10.orig/locate/updatedb.sh 2012-01-16 15:32:52.071883446 -0500 ++++ findutils-4.5.10/locate/updatedb.sh 2012-01-16 15:45:56.037082532 -0500 +@@ -158,7 +158,7 @@ : ${NETPATHS=} # Directories to not put in the database, which would otherwise be. -: ${PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /sfs /proc"} +: ${PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /sfs /proc /var/spool"} - # Trailing slashes result in regex items that are never matched, which - # is not what the user will expect. Therefore we now reject such -@@ -188,7 +188,7 @@ fi + # Trailing slashes result in regex items that are never matched, which + # is not what the user will expect. Therefore we now reject such +@@ -188,7 +188,7 @@ export TMPDIR # The user to search network directories as. @@ -56,7 +53,7 @@ Index: locate/updatedb.sh # The directory containing the subprograms. if test -n "$LIBEXECDIR" ; then -@@ -228,11 +228,10 @@ done +@@ -228,10 +228,10 @@ PATH=/bin:/usr/bin:${BINDIR}; export PATH @@ -65,40 +62,37 @@ Index: locate/updatedb.sh if test -n "$PRUNEFS"; then -prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-o -fstype \1/g' \ -- -e 's/-o //' -e 's/$/ -o/'` -+prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g'` ++prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g' \ + -e 's/-o //' -e 's/$/ -o/'` else prunefs_exp='' - fi -@@ -252,13 +251,12 @@ if test -n "$SEARCHPATHS"; then - # : A1 +@@ -253,12 +253,13 @@ su $LOCALUSER `select_shell $LOCALUSER` -c \ "$find $SEARCHPATHS $FINDOPTIONS \ -- \\( $prunefs_exp \ + \\( $prunefs_exp \ - -type d -regex '$PRUNEREGEX' \\) -prune -o $print_option" + -type d \\( $prunefs_exp -regex '$PRUNEREGEX' \\) -prune \ + -o $print_option" else # : A2 $find $SEARCHPATHS $FINDOPTIONS \ -- \( $prunefs_exp \ + \( $prunefs_exp \ - -type d -regex "$PRUNEREGEX" \) -prune -o $print_option + -type d \( $prunefs_exp -regex "$PRUNEREGEX" \) -prune -o $print_option fi fi -@@ -321,13 +319,13 @@ if test -n "$SEARCHPATHS"; then - # : A5 +@@ -322,12 +323,14 @@ su $LOCALUSER `select_shell $LOCALUSER` -c \ "$find $SEARCHPATHS $FINDOPTIONS \ -- \( $prunefs_exp \ + \( $prunefs_exp \ - -type d -regex '$PRUNEREGEX' \) -prune -o $print_option" || exit $? + -type d \( $prunefs_exp -regex '$PRUNEREGEX' \) -prune \ + -o $print_option" || exit $? else # : A6 $find $SEARCHPATHS $FINDOPTIONS \ -- \( $prunefs_exp \ + \( $prunefs_exp \ - -type d -regex "$PRUNEREGEX" \) -prune -o $print_option || exit $? + -type d \( $prunefs_exp -regex "$PRUNEREGEX" \) -prune \ + -o $print_option || exit $? diff --git a/findutils-4.4.2-xautofs.patch b/findutils-4.4.2-xautofs.patch index 06ee7f5..3223bbc 100644 --- a/findutils-4.4.2-xautofs.patch +++ b/findutils-4.4.2-xautofs.patch @@ -1,8 +1,7 @@ -Index: findutils-4.4.2/doc/find.texi -=================================================================== ---- findutils-4.4.2.orig/doc/find.texi -+++ findutils-4.4.2/doc/find.texi -@@ -1413,6 +1413,10 @@ them. +diff -aur findutils-4.5.10.orig/doc/find.texi findutils-4.5.10/doc/find.texi +--- findutils-4.5.10.orig/doc/find.texi 2012-01-16 15:29:59.649039029 -0500 ++++ findutils-4.5.10/doc/find.texi 2012-01-16 15:54:30.683648566 -0500 +@@ -1440,6 +1440,10 @@ There are two ways to avoid searching certain filesystems. One way is to tell @code{find} to only search one filesystem: @@ -13,25 +12,23 @@ Index: findutils-4.4.2/doc/find.texi @deffn Option -xdev @deffnx Option -mount Don't descend directories on other filesystems. These options are -Index: findutils-4.4.2/find/defs.h -=================================================================== ---- findutils-4.4.2.orig/find/defs.h -+++ findutils-4.4.2/find/defs.h -@@ -550,6 +550,9 @@ struct options +diff -aur findutils-4.5.10.orig/find/defs.h findutils-4.5.10/find/defs.h +--- findutils-4.5.10.orig/find/defs.h 2011-04-03 18:53:11.000000000 -0400 ++++ findutils-4.5.10/find/defs.h 2012-01-16 15:56:13.473363517 -0500 +@@ -561,6 +561,9 @@ /* If true, don't cross filesystem boundaries. */ - boolean stay_on_filesystem; - -+ /* If true, don't descend directories on autofs filesystems. */ -+ boolean bypass_autofs; + bool stay_on_filesystem; + ++ /* If true, don't descend directores on autofs filesystems */ ++ bool bypass_autofs; + - /* If true, we ignore the problem where we find that a directory entry + /* If true, we ignore the problem where we find that a directory entry * no longer exists by the time we get around to processing it. */ -Index: findutils-4.4.2/find/find.1 -=================================================================== ---- findutils-4.4.2.orig/find/find.1 -+++ findutils-4.4.2/find/find.1 -@@ -451,6 +451,9 @@ if standard input is a tty, and to +diff -aur findutils-4.5.10.orig/find/find.1 findutils-4.5.10/find/find.1 +--- findutils-4.5.10.orig/find/find.1 2011-04-03 18:53:11.000000000 -0400 ++++ findutils-4.5.10/find/find.1 2012-01-16 15:57:07.003694295 -0500 +@@ -460,6 +460,9 @@ .B \-nowarn otherwise. @@ -41,11 +38,10 @@ Index: findutils-4.4.2/find/find.1 .IP \-xdev Don't descend directories on other filesystems. -Index: findutils-4.4.2/find/ftsfind.c -=================================================================== ---- findutils-4.4.2.orig/find/ftsfind.c -+++ findutils-4.4.2/find/ftsfind.c -@@ -525,6 +525,12 @@ consider_visiting(FTS *p, FTSENT *ent) +diff -aur findutils-4.5.10.orig/find/ftsfind.c findutils-4.5.10/find/ftsfind.c +--- findutils-4.5.10.orig/find/ftsfind.c 2011-04-03 18:53:11.000000000 -0400 ++++ findutils-4.5.10/find/ftsfind.c 2012-01-16 16:00:05.103467741 -0500 +@@ -485,6 +485,12 @@ } } @@ -57,20 +53,19 @@ Index: findutils-4.4.2/find/ftsfind.c + if ( (ent->fts_info == FTS_D) && !options.do_dir_first ) { - /* this is the preorder visit, but user said -depth */ -Index: findutils-4.4.2/find/parser.c -=================================================================== ---- findutils-4.4.2.orig/find/parser.c -+++ findutils-4.4.2/find/parser.c -@@ -150,6 +150,7 @@ static boolean parse_user PARAM - static boolean parse_version PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_wholename PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_xdev PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); -+static boolean parse_xautofs PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_ignore_race PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_noignore_race PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); -@@ -320,6 +321,7 @@ static struct parser_table const parse_t + /* this is the preorder visit, but user said -depth */ +diff -aur findutils-4.5.10.orig/find/parser.c findutils-4.5.10/find/parser.c +--- findutils-4.5.10.orig/find/parser.c 2011-04-03 18:53:11.000000000 -0400 ++++ findutils-4.5.10/find/parser.c 2012-01-16 16:05:32.208378367 -0500 +@@ -151,6 +151,7 @@ + static bool parse_version (const struct parser_table*, char *argv[], int *arg_ptr); + static bool parse_wholename (const struct parser_table*, char *argv[], int *arg_ptr); + static bool parse_xdev (const struct parser_table*, char *argv[], int *arg_ptr); ++static bool parse_xautofs (const struct parser_table*, char *argv[], int *arg_ptr); + static bool parse_ignore_race (const struct parser_table*, char *argv[], int *arg_ptr); + static bool parse_noignore_race (const struct parser_table*, char *argv[], int *arg_ptr); + static bool parse_warn (const struct parser_table*, char *argv[], int *arg_ptr); +@@ -325,6 +326,7 @@ PARSE_TEST_NP ("wholename", wholename), /* GNU, replaced -path, but anyway -path will soon be in POSIX */ {ARG_TEST, "writable", parse_accesscheck, pred_writable}, /* GNU, 4.3.0+ */ PARSE_OPTION ("xdev", xdev), /* POSIX */ @@ -78,11 +73,11 @@ Index: findutils-4.4.2/find/parser.c PARSE_TEST ("xtype", xtype), /* GNU */ #ifdef UNIMPLEMENTED_UNIX /* It's pretty ugly for find to know about archive formats. -@@ -2560,6 +2562,16 @@ parse_xdev (const struct parser_table* e +@@ -2800,6 +2802,16 @@ } - static boolean -+parse_xautofs (const struct parser_table* entry, char **argv, int *arg_ptr) + static bool ++parse_xautofs(const struct parser_table* entry, char **argv, int *arg_ptr) +{ + (void) argv; + (void) arg_ptr; @@ -91,15 +86,14 @@ Index: findutils-4.4.2/find/parser.c + return true; +} + -+static boolean ++static bool parse_ignore_race (const struct parser_table* entry, char **argv, int *arg_ptr) { options.ignore_readdir_race = true; -Index: findutils-4.4.2/find/util.c -=================================================================== ---- findutils-4.4.2.orig/find/util.c -+++ findutils-4.4.2/find/util.c -@@ -933,6 +933,7 @@ set_option_defaults(struct options *p) +diff -aur findutils-4.5.10.orig/find/util.c findutils-4.5.10/find/util.c +--- findutils-4.5.10.orig/find/util.c 2011-04-03 18:53:11.000000000 -0400 ++++ findutils-4.5.10/find/util.c 2012-01-16 16:06:17.309814520 -0500 +@@ -1006,6 +1006,7 @@ p->full_days = false; p->stay_on_filesystem = false; diff --git a/findutils-4.4.2.tar.bz2 b/findutils-4.4.2.tar.bz2 deleted file mode 100644 index 0d291e8..0000000 --- a/findutils-4.4.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:62ff724e2de32788fa527df69c631ad34c6dfbbd5430b6b6dc410662a6d206d6 -size 1506634 diff --git a/findutils-prune_unknown.patch b/findutils-4.5.10-prune_unknown.patch similarity index 59% rename from findutils-prune_unknown.patch rename to findutils-4.5.10-prune_unknown.patch index 73a80e7..3d1ee89 100644 --- a/findutils-prune_unknown.patch +++ b/findutils-4.5.10-prune_unknown.patch @@ -1,8 +1,6 @@ -Index: locate/updatedb.sh -=================================================================== ---- locate/updatedb.sh.orig 2010-04-01 12:46:24.000000000 +0200 -+++ locate/updatedb.sh 2010-04-01 12:47:09.919511262 +0200 -@@ -228,7 +228,7 @@ done +--- locate/updatedb.sh.orig 2012-01-16 19:04:21.074917128 -0500 ++++ locate/updatedb.sh 2012-01-16 19:05:02.438400012 -0500 +@@ -228,7 +228,7 @@ PATH=/bin:/usr/bin:${BINDIR}; export PATH @@ -10,4 +8,4 @@ Index: locate/updatedb.sh +: ${PRUNEFS="nfs NFS proc afs smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs cifs 9P unknown"} if test -n "$PRUNEFS"; then - prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g'` + prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g' \ diff --git a/findutils-updatedb_ignore_nfsv4.patch b/findutils-4.5.10-updatedb_ignore_nfsv4.patch similarity index 60% rename from findutils-updatedb_ignore_nfsv4.patch rename to findutils-4.5.10-updatedb_ignore_nfsv4.patch index 3c7d9c4..d36b14a 100644 --- a/findutils-updatedb_ignore_nfsv4.patch +++ b/findutils-4.5.10-updatedb_ignore_nfsv4.patch @@ -1,8 +1,6 @@ -Index: locate/updatedb.sh -=================================================================== ---- locate/updatedb.sh.orig 2010-08-23 12:27:24.000000000 +0200 -+++ locate/updatedb.sh 2010-08-23 12:29:20.495699371 +0200 -@@ -228,7 +228,7 @@ done +--- locate/updatedb.sh.orig 2012-01-16 19:06:44.632122416 -0500 ++++ locate/updatedb.sh 2012-01-16 19:07:19.338688523 -0500 +@@ -228,7 +228,7 @@ PATH=/bin:/usr/bin:${BINDIR}; export PATH @@ -10,4 +8,4 @@ Index: locate/updatedb.sh +: ${PRUNEFS="nfs nfs4 NFS proc afs smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs cifs 9P unknown"} if test -n "$PRUNEFS"; then - prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g'` + prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g' \ diff --git a/findutils-4.5.10-use_proc_mounts.patch b/findutils-4.5.10-use_proc_mounts.patch new file mode 100644 index 0000000..f6010b4 --- /dev/null +++ b/findutils-4.5.10-use_proc_mounts.patch @@ -0,0 +1,14 @@ +--- gnulib/lib/mountlist.c.orig 2012-01-16 15:24:39.982035415 -0500 ++++ gnulib/lib/mountlist.c 2012-01-16 15:26:14.587852681 -0500 +@@ -71,6 +71,11 @@ + # endif + #endif + ++#if defined __linux__ ++# undef MOUNTED ++# define MOUNTED "/proc/mounts" ++#endif ++ + #ifdef MOUNTED_GETMNTINFO /* 4.4BSD. */ + # include + #endif diff --git a/findutils-4.5.10.tar.bz2 b/findutils-4.5.10.tar.bz2 new file mode 100644 index 0000000..e81c7a7 --- /dev/null +++ b/findutils-4.5.10.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1032d93042aee8eed7e8cd33b4043b7eede3c308985730ea8f704b63e6f73c37 +size 1917284 diff --git a/findutils-use_proc_mounts.patch b/findutils-use_proc_mounts.patch deleted file mode 100644 index 88d4f53..0000000 --- a/findutils-use_proc_mounts.patch +++ /dev/null @@ -1,25 +0,0 @@ -Index: gnulib/lib/mountlist.c -=================================================================== ---- gnulib/lib/mountlist.c.orig 2007-12-02 12:57:51.000000000 +0100 -+++ gnulib/lib/mountlist.c 2010-11-17 13:08:32.133380836 +0100 -@@ -60,7 +60,7 @@ - # include - # if !defined MOUNTED - # if defined _PATH_MOUNTED /* GNU libc */ --# define MOUNTED _PATH_MOUNTED -+# define MOUNTED _PATH_MOUNTED - # endif - # if defined MNT_MNTTAB /* HP-UX. */ - # define MOUNTED MNT_MNTTAB -@@ -71,6 +71,11 @@ - # endif - #endif - -+#if defined __linux__ -+# undef MOUNTED -+# define MOUNTED "/proc/mounts" -+#endif -+ - #ifdef MOUNTED_GETMNTINFO /* 4.4BSD. */ - # include - #endif diff --git a/findutils.changes b/findutils.changes index dc29594..5809e97 100644 --- a/findutils.changes +++ b/findutils.changes @@ -1,3 +1,184 @@ +------------------------------------------------------------------- +Tue Jan 17 02:40:55 UTC 2012 - tabraham@novell.com + +- removed patches deprecated by this release + - findutils-4.4.2-selinux.patch + - findutils-4.4.2-selinux-gnulib.patch + - findutils-4.4.2-fts-remount.patch +- refreshed other patches as required + +- Update to 4.5.10 + + doc: The manual now includes a small number of references to + further reading on security. + + fixed bug #30608: Automagic dependency on selinux. The configure + script now provides a --without-selinux option. + + fixed bug #29949: find -execdir does not change working directory + + fixed bug #31359: test-strstr unit test fails on alpha. + + fixed bug #30777: find -exec echo TURNIP{} \+ is accepted but + TURNIP is eaten + + fixed bug #30180: error message from incorrect -size option is off + + fixed bug #29828: test suite deadlock on FreeBSD + + updated translations - Finnish, Italian, Danish, Slovenian, + German, Estonian, French, Japanese and Danish + +- Update to 4.5.9 + + fixed bug #29593: Make import-gnulib.sh work under a POSIX shell. + + fixed bug #29511: fails to build on kfreebsd-* + + fixed bug #27563: -L breaks -execdir + + fixed bug #19593: -execdir .... {} + has suboptimal performance + (see below) + + updated translation - Chinese (simplified) + + The find program will once again build argument lists longer + than 1 with "-execdir ...+". The upper limit of 1 argument for + execdir was introduced as a workaround in findutils-4.3.4. The + limit is now removed, but find still does not issue the maximum + possible number of arguments, since an exec will occur each time + find encounters a subdirectory (if at least one argument is + pending). + + You can now increase the parallelism of xargs in mid-run by + sending it SIGUSR1, and decrease the parallelism with SIGUSR2. + +- Update to 4.5.8 + + fixed bug #29460: -printf %Y fails in $CWD-dependent way + + fixed bug #27974: Use gnulib's xreadlinkat support + + fixed bug #29435: fd_is_cloexec does not work on Fedora buildhosts + + fixed bug #27221: symlink_loop check broken by FTS_CWDFD + + fixed bug #27213: avoid failed assertions for non-executable + directories. + + updated translations - Vietnamese, Czech, Dutch, Polish, Russian + +- Update to 4.5.7 + + If you use the -fstype FOO predicate and specify a filsystem + type FOO which is not known (e.g. present in /etc/mtab) at the + time find starts, that predicate is now equivalent to -false. + This substitution currently occurs at optimisation level 2 and + above. + +- Update to 4.5.6 + + patch #4848 - support for SELinux + + fixed bug #29089 - SELinux --context and %Z options + + fixed bug #28872: Mistake in "#safer" example in "Problems with + -exec and filenames" section of the Texinfo manual. + + fixed bug #28824: Corrected error message for "-ctime x". + Likewise for -gid, -inum, -links, -mmin, -cmin, -amin, + -uid, -used, -atime, -mtime, -ctime. + + fixed bug #27975: Infinite loop for -exec [..] {} +. + + fixed bug #27846: Assertion failure in xargs.c on AIX. + + fixed bug #27375: Open file descriptors leak into child processes. + + fixed bug #27017: find -D opt / -fstype ext3 -print , -quit coredumps + + fixed bug #27328: segfault if the initial exec for "find -exec" fails. + + fixed bug #26868: compilation error in pred.c on Solaris x86_64 + + fixed bug #24873: Duplicate fprint option corrupts output + + fixed bug #23920: warn about un-matchable -path arguments ending in /. + + fixed bug #19120: Patch to fix single quotes in man page find(1) + + fixed bug #26327: xargs man page is vague about the number of times + command is executed. + +- Update to 4.5.5 + + xargs now handles the case where the system's actual exec limits + are smaller than the value of ARG_MAX at compile time. Very few + platforms normally have this property, but it is possible to + configure sume Unix systems this way. + + fixed bug #25359 - files/testsuite/find.gnu/posix-h.exp test fail + + fixed bug #26587 - fix a typo in -execdir documentation (it says + -exec by mistake in the text) + + fixed bug #26537 - find -prune now makes sure it has valid stat() + information + + fixed bug #22708 - exit status 126 and 127 from the utility invoked + from xargs now makes xargs return 123, meaning that exit status + values 126 and 127 not unambiguously mean that the utility could + not be run or could not be found, respectively. + + doc: the -wholename option to find is no longer preferred over + -ipath + +- Update to 4.5.4 + + The ftsfind executable (which is built by default as "find") now + calls fts() in such a way that it avoids calling stat() on directory + entries, if it doesn't need the information. This can produce a + significant speedup on filesystems which don't populate the d_type + element of struct dirent, for example reiserfs. Anecdotal evidence + suggests this can speed updatedb up from about 30 minutes to 3-4 + minutes. + + The ftsfind executable also now avoids calling stat() functions to + discover the inode number of a file, if we already read this + information from the directory. This does provide a speed-up, but + only for a restricted set of commands such as "find . -inum 4001". + This fix is listed below as bug #24342 + + fixed bug #25764 - remove duplicate entry for 'proc' in updatedb's + $PRUNEFS + + fixed bug #25359 - find -H wrongly behaves like -L sometimes; this + bug affects only filesystems which populate d_type and affects + -type and -printf %y. This does not affect the default behavior of + find or find -P + + fixed bug #25144 - misleading error message when argument to + find -user is an unknown user or is missing + + fixed bug #25154 - allow compilation with C compilers that don't + allow declarations to follow statements + + fixed bug #24342 - -inum predicate should use dirent.d_ino instead + of stat.st_ino (this is a performance bug) + + updated translations - Bulgarian, German, Irish, Hungarian, + Lithuanian, Dutch, Polish, Slovenian, Swedish, Turkish, Ukranian, + Vietnamese + +- Update to 4.5.3 + + fixed bug #24283 - find -printf %TY causes NULL pointer dereference + + changes to gnulib's fts code should provide performance improvements + in find when processing very large directories (for example + directories containing significantly more than 10000 filenames). + Performance improvements may only exist for some find command + lines (performance testing was done for the fts implementation + itself but we haven't done the analogous performance tests in find). + + file type information is also passed back from fts to find, + saving calls to the stat system call for find command lines + which don't need the stat information. This provides a performance + improvement for common cases like find "find . -type d". + +- Update to 4.5.2 + + fixed bug #24169 - find would segfault if the -newerXY test was + not followed by any argument + + fixed bug #23996 - integer overflow on some platforms when + parsing "-used 3" + + New translation - Czech + + Updated translations - French, Indonesian + + doc: bug #23070 - corrected manpage description of find -perm /000 + (the change was already made by the manpage indicated the change + would happen "soon") + +- Update to 4.5.1 + + New translation - Lithuanian + + Updated translation - Chinese (simplified) + + doc: added a working example describing how to find the + shallowest instances of a given directoty name (or names) in a + directory hierarchy + + fixed bug #22662 - find -printf %AX appends nanoseconds in the + right place now + + fixed bug #23663 - crash in some locales for -print %AX (this + problem seems to have affected only the CVS code, and not any + public releases) + +- Update to 4.5.0 + + If POSIXLY_CORRECT environment variable is set, the system's + definition of "yes" and "no" responses are used to interpret + the response to questions from -ok and -okdir. The default is + still to use information from the findutils message translations. + + If xargs find that exec fails because the argument size limit it + calculated is larger than the system's actual maximum, it now + adapts by passing fewer arguments (as opposed to failing) + + The default optimization level for find is now -O2 instead of + -O0 meaning that a number of additional optimizations are + performed by default. Current optimizations at each level are: + + 0: Perform -name, -path, -iname, -ipath before other checks + 1: Expressions containing only cost-free tests are evaluated + before expressions which contain more costly tests + 2: Bring forward all tests that need to know the type of a file + but don't need to stat it + 3: All tests are ordered by their estimated cost + + Cost here is simply an estimate of how time consuming the I/O + operations needed to make a test are + + Various bug fixes (See NEWS) + ------------------------------------------------------------------- Thu Dec 1 15:47:34 UTC 2011 - coolo@suse.com diff --git a/findutils.spec b/findutils.spec index 686f9cb..f004d42 100644 --- a/findutils.spec +++ b/findutils.spec @@ -1,7 +1,7 @@ # # spec file for package findutils # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,33 +15,27 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + + Name: findutils Url: http://www.gnu.org/software/findutils/ License: GPL-3.0+ Group: Productivity/File utilities -Version: 4.4.2 +Version: 4.5.10 Release: 0 Summary: The GNU versions of find utilities (find and xargs) -# retreived from http://ftp.gnu.org/pub/gnu/findutils/findutils-4.4.2.tar.gz +# retrieved from http://alpha.gnu.org/pub/gnu/findutils/findutils-4.5.10.tar.gz Source: findutils-%{version}.tar.bz2 Source1: sysconfig.locate Source2: cron.daily.updatedb # Use /proc/mounts instead of /etc/mtab as autofs entries are only # listed in the kernels >= 2.6.32 -Patch0: findutils-use_proc_mounts.patch +Patch0: findutils-4.5.10-use_proc_mounts.patch # adds a new option -xautofs to find to not descend into directories on autofs file systems Patch1: findutils-4.4.2-xautofs.patch -# patch accepted by gnulib upstream - rhbz#538536 -Patch2: findutils-4.4.2-fts-remount.patch -# gnulib based SELinux patch adding a new search predicate -context and -# a new -printf conversion %Z -Patch3: findutils-4.4.2-selinux.patch -# once the selinux-at module appears on the list within import-gnulib.config -# the following patch will be no longer needed -Patch4: findutils-4.4.2-selinux-gnulib.patch -Patch5: findutils-4.4.2-updatedb.patch -Patch6: findutils-prune_unknown.patch -Patch7: findutils-updatedb_ignore_nfsv4.patch +Patch2: findutils-4.4.2-updatedb.patch +Patch3: findutils-4.5.10-prune_unknown.patch +Patch4: findutils-4.5.10-updatedb_ignore_nfsv4.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: automake %if 0%{?suse_version} > 1100 @@ -85,11 +79,8 @@ switching on the computer. %patch0 %patch1 -p1 %patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -%patch6 -%patch7 +%patch3 +%patch4 %build autoreconf