From d6d436937f03a5d5948206d48145e08b355280a032d8f6007a4af88c4056b11a Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 12 Mar 2010 15:45:17 +0000 Subject: [PATCH] Accepting request 34356 from Base:System Copy from Base:System/findutils based on submit request 34356 from user prusnak OBS-URL: https://build.opensuse.org/request/show/34356 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/findutils?expand=0&rev=17 --- findutils-4.4.0.tar.bz2 | 3 - findutils-4.4.2-autofs.patch | 88 ++ findutils-4.4.2-fts-remount.patch | 27 + findutils-4.4.2-selinux-gnulib.patch | 1138 +++++++++++++++++ findutils-4.4.2-selinux.patch | 445 +++++++ ...4.0.diff => findutils-4.4.2-updatedb.patch | 74 +- findutils-4.4.2-xautofs.patch | 109 ++ findutils-4.4.2.tar.bz2 | 3 + findutils-null.diff | 11 - findutils-selinux.diff | 486 ------- findutils.changes | 26 +- findutils.spec | 146 ++- 12 files changed, 1916 insertions(+), 640 deletions(-) delete mode 100644 findutils-4.4.0.tar.bz2 create mode 100644 findutils-4.4.2-autofs.patch create mode 100644 findutils-4.4.2-fts-remount.patch create mode 100644 findutils-4.4.2-selinux-gnulib.patch create mode 100644 findutils-4.4.2-selinux.patch rename findutils-4.4.0.diff => findutils-4.4.2-updatedb.patch (63%) create mode 100644 findutils-4.4.2-xautofs.patch create mode 100644 findutils-4.4.2.tar.bz2 delete mode 100644 findutils-null.diff delete mode 100644 findutils-selinux.diff diff --git a/findutils-4.4.0.tar.bz2 b/findutils-4.4.0.tar.bz2 deleted file mode 100644 index 8e1084a..0000000 --- a/findutils-4.4.0.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dd1dd2ffb38b28d00ab360ada03613ef07643c1f0e207ab2a00f362b7c160e19 -size 1436805 diff --git a/findutils-4.4.2-autofs.patch b/findutils-4.4.2-autofs.patch new file mode 100644 index 0000000..6529ca3 --- /dev/null +++ b/findutils-4.4.2-autofs.patch @@ -0,0 +1,88 @@ +Index: findutils-4.4.2/find/fstype.c +=================================================================== +--- findutils-4.4.2.orig/find/fstype.c ++++ findutils-4.4.2/find/fstype.c +@@ -205,7 +205,72 @@ must_read_fs_list(bool need_fs_type) + return entries; + } + ++/* Return the device number from MOUNT_OPTIONS, if possible. ++ Otherwise return (dev_t) -1. Taken from 'mountlist' module ++ from gnulib. */ ++static dev_t ++dev_from_mount_options (char const *mount_options) ++{ ++ /* GNU/Linux allows file system implementations to define their own ++ meaning for "dev=" mount options, so don't trust the meaning ++ here. */ ++# ifndef __linux__ ++ ++ static char const dev_pattern[] = ",dev="; ++ char const *devopt = strstr (mount_options, dev_pattern); ++ ++ if (devopt) ++ { ++ char const *optval = devopt + sizeof dev_pattern - 1; ++ char *optvalend; ++ unsigned long int dev; ++ errno = 0; ++ dev = strtoul (optval, &optvalend, 16); ++ if (optval != optvalend ++ && (*optvalend == '\0' || *optvalend == ',') ++ && ! (dev == ULONG_MAX && errno == ERANGE) ++ && dev == (dev_t) dev) ++ return dev; ++ } ++ ++# endif ++ (void) mount_options; ++ return -1; ++} ++ ++/* Return true if the file described by STATP is on autofs file system ++ and call set_fstype_devno () if the autofs file system is matched. */ ++static bool ++filesystem_check_autofs (const struct stat *statp) ++{ ++ FILE *fp; ++ struct mntent *mnt; ++ struct mount_entry entry; ++ bool match = false; ++ ++ /* open /proc/mounts because autofs is not listed in /etc/mtab */ ++ fp = setmntent ("/proc/mounts", "r"); ++ if (fp == NULL) ++ return false; + ++ while ((mnt = getmntent (fp))) ++ { ++ if (0 != strcmp ("autofs", mnt->mnt_type)) ++ continue; ++ ++ entry.me_mountdir = mnt->mnt_dir; ++ entry.me_dev = dev_from_mount_options (mnt->mnt_opts); ++ set_fstype_devno (&entry); ++ if (entry.me_dev == statp->st_dev) ++ { ++ match = true; ++ break; ++ } ++ } ++ ++ endmntent (fp); ++ return match; ++} + + /* Return a newly allocated string naming the type of file system that the + file PATH, described by STATP, is on. +@@ -244,6 +309,10 @@ file_system_type_uncached (const struct + } + free_file_system_list(entries); + ++ /* check for autofs */ ++ if (type == NULL && filesystem_check_autofs (statp)) ++ type = xstrdup ("autofs"); ++ + /* Don't cache unknown values. */ + fstype_known = (type != NULL); + diff --git a/findutils-4.4.2-fts-remount.patch b/findutils-4.4.2-fts-remount.patch new file mode 100644 index 0000000..6327852 --- /dev/null +++ b/findutils-4.4.2-fts-remount.patch @@ -0,0 +1,27 @@ +This patch is already applied on gnulib upstream git. + +Index: findutils-4.4.2/gnulib/lib/fts.c +=================================================================== +--- findutils-4.4.2.orig/gnulib/lib/fts.c ++++ findutils-4.4.2/gnulib/lib/fts.c +@@ -974,6 +974,20 @@ fts_build (register FTS *sp, int type) + opening it. */ + if (cur->fts_info == FTS_NSOK) + cur->fts_info = fts_stat(sp, cur, false); ++ else if (sp->fts_options & FTS_TIGHT_CYCLE_CHECK) { ++ /* Now read the stat info again after opening a directory to ++ * reveal eventual changes caused by a submount triggered by ++ * the traverse. But do it only for utilities which use ++ * FTS_TIGHT_CYCLE_CHECK. Therefore only find and du can ++ * benefit from this feature for now. ++ */ ++ LEAVE_DIR (sp, cur, "4"); ++ fts_stat (sp, cur, false); ++ if (! enter_dir (sp, cur)) { ++ __set_errno (ENOMEM); ++ return NULL; ++ } ++ } + + /* + * Nlinks is the number of possible entries of type directory in the diff --git a/findutils-4.4.2-selinux-gnulib.patch b/findutils-4.4.2-selinux-gnulib.patch new file mode 100644 index 0000000..aaa1bb7 --- /dev/null +++ b/findutils-4.4.2-selinux-gnulib.patch @@ -0,0 +1,1138 @@ +Once the selinux-at module appears on the list within import-gnulib.config this +patch is no longer needed. + +Index: findutils-4.4.2/aclocal.m4 +=================================================================== +--- findutils-4.4.2.orig/aclocal.m4 ++++ findutils-4.4.2/aclocal.m4 +@@ -1039,6 +1039,8 @@ m4_include([gnulib/m4/rpmatch.m4]) + m4_include([gnulib/m4/same.m4]) + m4_include([gnulib/m4/save-cwd.m4]) + m4_include([gnulib/m4/savedir.m4]) ++m4_include([gnulib/m4/selinux-context-h.m4]) ++m4_include([gnulib/m4/selinux-selinux-h.m4]) + m4_include([gnulib/m4/setenv.m4]) + m4_include([gnulib/m4/ssize_t.m4]) + m4_include([gnulib/m4/st_dm_mode.m4]) +Index: findutils-4.4.2/gnulib/lib/Makefile.am +=================================================================== +--- findutils-4.4.2.orig/gnulib/lib/Makefile.am ++++ findutils-4.4.2/gnulib/lib/Makefile.am +@@ -1007,6 +1007,49 @@ EXTRA_libgnulib_a_SOURCES += savedir.c + + ## end gnulib module savedir + ++## begin gnulib module selinux-at ++ ++ ++EXTRA_DIST += selinux-at.c selinux-at.h ++ ++EXTRA_libgnulib_a_SOURCES += selinux-at.c ++ ++## end gnulib module selinux-at ++ ++## begin gnulib module selinux-h ++ ++libgnulib_a_SOURCES += se-context.in.h se-selinux.in.h ++ ++BUILT_SOURCES += selinux/selinux.h ++selinux/selinux.h: se-selinux.in.h ++ $(AM_V_at)$(MKDIR_P) selinux ++ $(AM_V_GEN)rm -f $@-t $@ && \ ++ { echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */' && \ ++ sed -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \ ++ -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \ ++ -e 's|@''NEXT_SELINUX_SELINUX_H''@|$(NEXT_SELINUX_SELINUX_H)|g' \ ++ < $(srcdir)/se-selinux.in.h; \ ++ } > $@-t && \ ++ chmod a-x $@-t && \ ++ mv $@-t $@ ++MOSTLYCLEANFILES += selinux/selinux.h selinux/selinux.h-t ++ ++BUILT_SOURCES += $(SELINUX_CONTEXT_H) ++selinux/context.h: se-context.in.h ++ $(AM_V_at)$(MKDIR_P) selinux ++ $(AM_V_GEN)rm -f $@-t $@ && \ ++ cp $(srcdir)/se-context.in.h $@-t && \ ++ chmod a-x $@-t && \ ++ mv $@-t $@ ++MOSTLYCLEANFILES += selinux/context.h selinux/context.h-t ++MOSTLYCLEANDIRS += selinux ++ ++EXTRA_DIST += getfilecon.c ++ ++EXTRA_libgnulib_a_SOURCES += getfilecon.c ++ ++## end gnulib module selinux-h ++ + ## begin gnulib module setenv + + +Index: findutils-4.4.2/gnulib/lib/at-func.c +=================================================================== +--- findutils-4.4.2.orig/gnulib/lib/at-func.c ++++ findutils-4.4.2/gnulib/lib/at-func.c +@@ -1,5 +1,5 @@ + /* Define an at-style functions like fstatat, unlinkat, fchownat, etc. +- Copyright (C) 2006 Free Software Foundation, Inc. ++ Copyright (C) 2006, 2009 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -16,62 +16,106 @@ + + /* written by Jim Meyering */ + +-#define CALL_FUNC(F) \ +- (AT_FUNC_USE_F1_COND \ ++#include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ ++#include "openat.h" ++#include "openat-priv.h" ++#include "save-cwd.h" ++ ++#ifdef AT_FUNC_USE_F1_COND ++# define CALL_FUNC(F) \ ++ (flag == AT_FUNC_USE_F1_COND \ + ? AT_FUNC_F1 (F AT_FUNC_POST_FILE_ARGS) \ + : AT_FUNC_F2 (F AT_FUNC_POST_FILE_ARGS)) +- +-/* Call AT_FUNC_F1 or AT_FUNC_F2 (testing AT_FUNC_USE_F1_COND to +- determine which) to operate on FILE, which is in the directory +- open on descriptor FD. If possible, do it without changing the ++# define VALIDATE_FLAG(F) \ ++ if (flag & ~AT_FUNC_USE_F1_COND) \ ++ { \ ++ errno = EINVAL; \ ++ return FUNC_FAIL; \ ++ } ++#else ++# define CALL_FUNC(F) (AT_FUNC_F1 (F AT_FUNC_POST_FILE_ARGS)) ++# define VALIDATE_FLAG(F) /* empty */ ++#endif ++ ++#ifdef AT_FUNC_RESULT ++# define FUNC_RESULT AT_FUNC_RESULT ++#else ++# define FUNC_RESULT int ++#endif ++ ++#ifdef AT_FUNC_FAIL ++# define FUNC_FAIL AT_FUNC_FAIL ++#else ++# define FUNC_FAIL -1 ++#endif ++ ++/* Call AT_FUNC_F1 to operate on FILE, which is in the directory ++ open on descriptor FD. If AT_FUNC_USE_F1_COND is defined to a value, ++ AT_FUNC_POST_FILE_PARAM_DECLS must inlude a parameter named flag; ++ call AT_FUNC_F2 if FLAG is 0 or fail if FLAG contains more bits than ++ AT_FUNC_USE_F1_COND. Return int and fail with -1 unless AT_FUNC_RESULT ++ or AT_FUNC_FAIL are defined. If possible, do it without changing the + working directory. Otherwise, resort to using save_cwd/fchdir, + then AT_FUNC_F?/restore_cwd. If either the save_cwd or the restore_cwd + fails, then give a diagnostic and exit nonzero. */ +-int ++FUNC_RESULT + AT_FUNC_NAME (int fd, char const *file AT_FUNC_POST_FILE_PARAM_DECLS) + { ++ /* Be careful to choose names unlikely to conflict with ++ AT_FUNC_POST_FILE_PARAM_DECLS. */ + struct saved_cwd saved_cwd; + int saved_errno; +- int err; ++ FUNC_RESULT err; ++ ++ VALIDATE_FLAG (flag); + + if (fd == AT_FDCWD || IS_ABSOLUTE_FILE_NAME (file)) + return CALL_FUNC (file); + + { +- char buf[OPENAT_BUFFER_SIZE]; +- char *proc_file = openat_proc_name (buf, fd, file); ++ char proc_buf[OPENAT_BUFFER_SIZE]; ++ char *proc_file = openat_proc_name (proc_buf, fd, file); + if (proc_file) + { +- int proc_result = CALL_FUNC (proc_file); +- int proc_errno = errno; +- if (proc_file != buf) +- free (proc_file); +- /* If the syscall succeeds, or if it fails with an unexpected +- errno value, then return right away. Otherwise, fall through +- and resort to using save_cwd/restore_cwd. */ +- if (0 <= proc_result) +- return proc_result; +- if (! EXPECTED_ERRNO (proc_errno)) +- { +- errno = proc_errno; +- return proc_result; +- } ++ FUNC_RESULT proc_result = CALL_FUNC (proc_file); ++ int proc_errno = errno; ++ if (proc_file != proc_buf) ++ free (proc_file); ++ /* If the syscall succeeds, or if it fails with an unexpected ++ errno value, then return right away. Otherwise, fall through ++ and resort to using save_cwd/restore_cwd. */ ++ if (FUNC_FAIL != proc_result) ++ return proc_result; ++ if (! EXPECTED_ERRNO (proc_errno)) ++ { ++ errno = proc_errno; ++ return proc_result; ++ } + } + } + + if (save_cwd (&saved_cwd) != 0) + openat_save_fail (errno); ++ if (0 <= fd && fd == saved_cwd.desc) ++ { ++ /* If saving the working directory collides with the user's ++ requested fd, then the user's fd must have been closed to ++ begin with. */ ++ free_cwd (&saved_cwd); ++ errno = EBADF; ++ return FUNC_FAIL; ++ } + + if (fchdir (fd) != 0) + { + saved_errno = errno; + free_cwd (&saved_cwd); + errno = saved_errno; +- return -1; ++ return FUNC_FAIL; + } + + err = CALL_FUNC (file); +- saved_errno = (err < 0 ? errno : 0); ++ saved_errno = (err == FUNC_FAIL ? errno : 0); + + if (restore_cwd (&saved_cwd) != 0) + openat_restore_fail (errno); +@@ -83,3 +127,5 @@ AT_FUNC_NAME (int fd, char const *file A + return err; + } + #undef CALL_FUNC ++#undef FUNC_RESULT ++#undef FUNC_FAIL +Index: findutils-4.4.2/gnulib/lib/getfilecon.c +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/lib/getfilecon.c +@@ -0,0 +1,87 @@ ++/* wrap getfilecon, lgetfilecon, and fgetfilecon ++ Copyright (C) 2009 Free Software Foundation, Inc. ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 3, or (at your option) ++ any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program; if not, write to the Free Software Foundation, ++ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ ++ ++/* written by Jim Meyering */ ++ ++#include ++ ++#include ++ ++#include ++#include ++#include ++ ++/* FIXME: remove this once there is an errno-gnu module ++ that guarantees the definition of ENODATA. */ ++#ifndef ENODATA ++# define ENODATA ENOTSUP ++#endif ++ ++#undef getfilecon ++#undef lgetfilecon ++#undef fgetfilecon ++int getfilecon (char const *file, security_context_t *con); ++int lgetfilecon (char const *file, security_context_t *con); ++int fgetfilecon (int fd, security_context_t *con); ++ ++/* getfilecon, lgetfilecon, and fgetfilecon can all misbehave, be it ++ via an old version of libselinux where these would return 0 and set the ++ result context to NULL, or via a modern kernel+lib operating on a file ++ from a disk whose attributes were set by a kernel from around 2006. ++ In that latter case, the functions return a length of 10 for the ++ "unlabeled" context. Map both failures to a return value of -1, and ++ set errno to ENOTSUP in the first case, and ENODATA in the latter. */ ++ ++static inline int ++map_to_failure (int ret, security_context_t *con) ++{ ++ if (ret == 0) ++ { ++ errno = ENOTSUP; ++ return -1; ++ } ++ ++ if (ret == 10 && strcmp (*con, "unlabeled") == 0) ++ { ++ freecon (*con); ++ errno = ENODATA; ++ return -1; ++ } ++ ++ return ret; ++} ++ ++int ++rpl_getfilecon (char const *file, security_context_t *con) ++{ ++ int ret = getfilecon (file, con); ++ return map_to_failure (ret, con); ++} ++ ++int ++rpl_lgetfilecon (char const *file, security_context_t *con) ++{ ++ int ret = lgetfilecon (file, con); ++ return map_to_failure (ret, con); ++} ++ ++int ++rpl_fgetfilecon (int fd, security_context_t *con) ++{ ++ int ret = fgetfilecon (fd, con); ++ return map_to_failure (ret, con); ++} +Index: findutils-4.4.2/gnulib/lib/openat.c +=================================================================== +--- findutils-4.4.2.orig/gnulib/lib/openat.c ++++ findutils-4.4.2/gnulib/lib/openat.c +@@ -1,5 +1,5 @@ + /* provide a replacement openat function +- Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc. ++ Copyright (C) 2004-2009 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -22,13 +22,108 @@ + + #include + #include ++#include ++#include + + #include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ +-#include "fcntl--.h" +-#include "lstat.h" + #include "openat-priv.h" + #include "save-cwd.h" + ++#if HAVE_OPENAT ++ ++# undef openat ++ ++/* Like openat, but work around Solaris 9 bugs with trailing slash. */ ++int ++rpl_openat (int dfd, char const *filename, int flags, ...) ++{ ++ mode_t mode; ++ int fd; ++ ++ mode = 0; ++ if (flags & O_CREAT) ++ { ++ va_list arg; ++ va_start (arg, flags); ++ ++ /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 ++ creates crashing code when 'mode_t' is smaller than 'int'. */ ++ mode = va_arg (arg, PROMOTED_MODE_T); ++ ++ va_end (arg); ++ } ++ ++#if OPEN_TRAILING_SLASH_BUG ++ /* If the filename ends in a slash and one of O_CREAT, O_WRONLY, O_RDWR ++ is specified, then fail. ++ Rationale: POSIX ++ says that ++ "A pathname that contains at least one non-slash character and that ++ ends with one or more trailing slashes shall be resolved as if a ++ single dot character ( '.' ) were appended to the pathname." ++ and ++ "The special filename dot shall refer to the directory specified by ++ its predecessor." ++ If the named file already exists as a directory, then ++ - if O_CREAT is specified, open() must fail because of the semantics ++ of O_CREAT, ++ - if O_WRONLY or O_RDWR is specified, open() must fail because POSIX ++ says that it ++ fails with errno = EISDIR in this case. ++ If the named file does not exist or does not name a directory, then ++ - if O_CREAT is specified, open() must fail since open() cannot create ++ directories, ++ - if O_WRONLY or O_RDWR is specified, open() must fail because the ++ file does not contain a '.' directory. */ ++ if (flags & (O_CREAT | O_WRONLY | O_RDWR)) ++ { ++ size_t len = strlen (filename); ++ if (len > 0 && filename[len - 1] == '/') ++ { ++ errno = EISDIR; ++ return -1; ++ } ++ } ++#endif ++ ++ fd = openat (dfd, filename, flags, mode); ++ ++#if OPEN_TRAILING_SLASH_BUG ++ /* If the filename ends in a slash and fd does not refer to a directory, ++ then fail. ++ Rationale: POSIX ++ says that ++ "A pathname that contains at least one non-slash character and that ++ ends with one or more trailing slashes shall be resolved as if a ++ single dot character ( '.' ) were appended to the pathname." ++ and ++ "The special filename dot shall refer to the directory specified by ++ its predecessor." ++ If the named file without the slash is not a directory, open() must fail ++ with ENOTDIR. */ ++ if (fd >= 0) ++ { ++ /* We know len is positive, since open did not fail with ENOENT. */ ++ size_t len = strlen (filename); ++ if (filename[len - 1] == '/') ++ { ++ struct stat statbuf; ++ ++ if (fstat (fd, &statbuf) >= 0 && !S_ISDIR (statbuf.st_mode)) ++ { ++ close (fd); ++ errno = ENOTDIR; ++ return -1; ++ } ++ } ++ } ++#endif ++ ++ return fd; ++} ++ ++#else /* !HAVE_OPENAT */ ++ + /* Replacement for Solaris' openat function. + + First, try to simulate it via open ("/proc/self/fd/FD/FILE"). +@@ -47,12 +142,9 @@ openat (int fd, char const *file, int fl + va_list arg; + va_start (arg, flags); + +- /* If mode_t is narrower than int, use the promoted type (int), +- not mode_t. Use sizeof to guess whether mode_t is narrower; +- we don't know of any practical counterexamples. */ +- mode = (sizeof (mode_t) < sizeof (int) +- ? va_arg (arg, int) +- : va_arg (arg, mode_t)); ++ /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 ++ creates crashing code when 'mode_t' is smaller than 'int'. */ ++ mode = va_arg (arg, PROMOTED_MODE_T); + + va_end (arg); + } +@@ -73,7 +165,7 @@ openat (int fd, char const *file, int fl + + int + openat_permissive (int fd, char const *file, int flags, mode_t mode, +- int *cwd_errno) ++ int *cwd_errno) + { + struct saved_cwd saved_cwd; + int saved_errno; +@@ -88,18 +180,18 @@ openat_permissive (int fd, char const *f + char *proc_file = openat_proc_name (buf, fd, file); + if (proc_file) + { +- int open_result = open (proc_file, flags, mode); +- int open_errno = errno; +- if (proc_file != buf) +- free (proc_file); +- /* If the syscall succeeds, or if it fails with an unexpected +- errno value, then return right away. Otherwise, fall through +- and resort to using save_cwd/restore_cwd. */ +- if (0 <= open_result || ! EXPECTED_ERRNO (open_errno)) +- { +- errno = open_errno; +- return open_result; +- } ++ int open_result = open (proc_file, flags, mode); ++ int open_errno = errno; ++ if (proc_file != buf) ++ free (proc_file); ++ /* If the syscall succeeds, or if it fails with an unexpected ++ errno value, then return right away. Otherwise, fall through ++ and resort to using save_cwd/restore_cwd. */ ++ if (0 <= open_result || ! EXPECTED_ERRNO (open_errno)) ++ { ++ errno = open_errno; ++ return open_result; ++ } + } + } + +@@ -107,9 +199,18 @@ openat_permissive (int fd, char const *f + if (! save_ok) + { + if (! cwd_errno) +- openat_save_fail (errno); ++ openat_save_fail (errno); + *cwd_errno = errno; + } ++ if (0 <= fd && fd == saved_cwd.desc) ++ { ++ /* If saving the working directory collides with the user's ++ requested fd, then the user's fd must have been closed to ++ begin with. */ ++ free_cwd (&saved_cwd); ++ errno = EBADF; ++ return -1; ++ } + + err = fchdir (fd); + saved_errno = errno; +@@ -119,11 +220,17 @@ openat_permissive (int fd, char const *f + err = open (file, flags, mode); + saved_errno = errno; + if (save_ok && restore_cwd (&saved_cwd) != 0) +- { +- if (! cwd_errno) +- openat_restore_fail (errno); +- *cwd_errno = errno; +- } ++ { ++ if (! cwd_errno) ++ { ++ /* Don't write a message to just-created fd 2. */ ++ saved_errno = errno; ++ if (err == STDERR_FILENO) ++ close (err); ++ openat_restore_fail (saved_errno); ++ } ++ *cwd_errno = errno; ++ } + } + + free_cwd (&saved_cwd); +@@ -144,125 +251,15 @@ openat_needs_fchdir (void) + char buf[OPENAT_BUFFER_SIZE]; + char *proc_file = openat_proc_name (buf, fd, "."); + if (proc_file) +- { +- needs_fchdir = false; +- if (proc_file != buf) +- free (proc_file); +- } ++ { ++ needs_fchdir = false; ++ if (proc_file != buf) ++ free (proc_file); ++ } + close (fd); + } + + return needs_fchdir; + } + +-#if !HAVE_FDOPENDIR +- +-/* Replacement for Solaris' function by the same name. +- +- First, try to simulate it via opendir ("/proc/self/fd/FD"). Failing +- that, simulate it by doing save_cwd/fchdir/opendir(".")/restore_cwd. +- If either the save_cwd or the restore_cwd fails (relatively unlikely), +- then give a diagnostic and exit nonzero. +- Otherwise, this function works just like Solaris' fdopendir. +- +- W A R N I N G: +- Unlike the other fd-related functions here, this one +- effectively consumes its FD parameter. The caller should not +- close or otherwise manipulate FD if this function returns successfully. */ +-DIR * +-fdopendir (int fd) +-{ +- struct saved_cwd saved_cwd; +- int saved_errno; +- DIR *dir; +- +- char buf[OPENAT_BUFFER_SIZE]; +- char *proc_file = openat_proc_name (buf, fd, "."); +- if (proc_file) +- { +- dir = opendir (proc_file); +- saved_errno = errno; +- } +- else +- { +- dir = NULL; +- saved_errno = EOPNOTSUPP; +- } +- +- /* If the syscall fails with an expected errno value, resort to +- save_cwd/restore_cwd. */ +- if (! dir && EXPECTED_ERRNO (saved_errno)) +- { +- if (save_cwd (&saved_cwd) != 0) +- openat_save_fail (errno); +- +- if (fchdir (fd) != 0) +- { +- dir = NULL; +- saved_errno = errno; +- } +- else +- { +- dir = opendir ("."); +- saved_errno = errno; +- +- if (restore_cwd (&saved_cwd) != 0) +- openat_restore_fail (errno); +- } +- +- free_cwd (&saved_cwd); +- } +- +- if (dir) +- close (fd); +- if (proc_file != buf) +- free (proc_file); +- errno = saved_errno; +- return dir; +-} +- +-#endif +- +-/* Replacement for Solaris' function by the same name. +- +- First, try to simulate it via l?stat ("/proc/self/fd/FD/FILE"). +- Failing that, simulate it via save_cwd/fchdir/(stat|lstat)/restore_cwd. +- If either the save_cwd or the restore_cwd fails (relatively unlikely), +- then give a diagnostic and exit nonzero. +- Otherwise, this function works just like Solaris' fstatat. */ +- +-#define AT_FUNC_NAME fstatat +-#define AT_FUNC_F1 lstat +-#define AT_FUNC_F2 stat +-#define AT_FUNC_USE_F1_COND flag == AT_SYMLINK_NOFOLLOW +-#define AT_FUNC_POST_FILE_PARAM_DECLS , struct stat *st, int flag +-#define AT_FUNC_POST_FILE_ARGS , st +-#include "at-func.c" +-#undef AT_FUNC_NAME +-#undef AT_FUNC_F1 +-#undef AT_FUNC_F2 +-#undef AT_FUNC_USE_F1_COND +-#undef AT_FUNC_POST_FILE_PARAM_DECLS +-#undef AT_FUNC_POST_FILE_ARGS +- +-/* Replacement for Solaris' function by the same name. +- +- First, try to simulate it via (unlink|rmdir) ("/proc/self/fd/FD/FILE"). +- Failing that, simulate it via save_cwd/fchdir/(unlink|rmdir)/restore_cwd. +- If either the save_cwd or the restore_cwd fails (relatively unlikely), +- then give a diagnostic and exit nonzero. +- Otherwise, this function works just like Solaris' unlinkat. */ +- +-#define AT_FUNC_NAME unlinkat +-#define AT_FUNC_F1 rmdir +-#define AT_FUNC_F2 unlink +-#define AT_FUNC_USE_F1_COND flag == AT_REMOVEDIR +-#define AT_FUNC_POST_FILE_PARAM_DECLS , int flag +-#define AT_FUNC_POST_FILE_ARGS /* empty */ +-#include "at-func.c" +-#undef AT_FUNC_NAME +-#undef AT_FUNC_F1 +-#undef AT_FUNC_F2 +-#undef AT_FUNC_USE_F1_COND +-#undef AT_FUNC_POST_FILE_PARAM_DECLS +-#undef AT_FUNC_POST_FILE_ARGS ++#endif /* !HAVE_OPENAT */ +Index: findutils-4.4.2/gnulib/lib/openat.h +=================================================================== +--- findutils-4.4.2.orig/gnulib/lib/openat.h ++++ findutils-4.4.2/gnulib/lib/openat.h +@@ -1,5 +1,5 @@ + /* provide a replacement openat function +- Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. ++ Copyright (C) 2004-2006, 2008-2009 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -16,6 +16,9 @@ + + /* written by Jim Meyering */ + ++#ifndef _GL_HEADER_OPENAT ++#define _GL_HEADER_OPENAT ++ + #include + + #include +@@ -25,7 +28,7 @@ + #include + + #ifndef __attribute__ +-# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) || __STRICT_ANSI__ ++# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) + # define __attribute__(x) /* empty */ + # endif + #endif +@@ -34,46 +37,10 @@ + # define ATTRIBUTE_NORETURN __attribute__ ((__noreturn__)) + #endif + +-/* Work around a bug in Solaris 9 and 10: AT_FDCWD is positive. Its +- value exceeds INT_MAX, so its use as an int doesn't conform to the +- C standard, and GCC and Sun C complain in some cases. If the bug +- is present, undef AT_FDCWD here, so it can be redefined below. */ +-#if 0 < AT_FDCWD && AT_FDCWD == 0xffd19553 +-# undef AT_FDCWD +-#endif +- +-/* Use the same bit pattern as Solaris 9, but with the proper +- signedness. The bit pattern is important, in case this actually is +- Solaris with the above workaround. */ +-#ifndef AT_FDCWD +-# define AT_FDCWD (-3041965) +-#endif +- +-/* Use the same values as Solaris 9. This shouldn't matter, but +- there's no real reason to differ. */ +-#ifndef AT_SYMLINK_NOFOLLOW +-# define AT_SYMLINK_NOFOLLOW 4096 +-# define AT_REMOVEDIR 1 +-#endif +- +-#ifdef __OPENAT_PREFIX ++#if !HAVE_OPENAT + +-# undef openat +-# define __OPENAT_CONCAT(x, y) x ## y +-# define __OPENAT_XCONCAT(x, y) __OPENAT_CONCAT (x, y) +-# define __OPENAT_ID(y) __OPENAT_XCONCAT (__OPENAT_PREFIX, y) +-# define openat __OPENAT_ID (openat) +-int openat (int fd, char const *file, int flags, /* mode_t mode */ ...); + int openat_permissive (int fd, char const *file, int flags, mode_t mode, + int *cwd_errno); +-# if ! HAVE_FDOPENDIR +-# define fdopendir __OPENAT_ID (fdopendir) +-# endif +-DIR *fdopendir (int fd); +-# define fstatat __OPENAT_ID (fstatat) +-int fstatat (int fd, char const *file, struct stat *st, int flag); +-# define unlinkat __OPENAT_ID (unlinkat) +-int unlinkat (int fd, char const *file, int flag); + bool openat_needs_fchdir (void); + + #else +@@ -84,19 +51,8 @@ bool openat_needs_fchdir (void); + + #endif + +-#if HAVE_OPENAT && ! LSTAT_FOLLOWS_SLASHED_SYMLINK +-int rpl_fstatat (int fd, char const *file, struct stat *st, int flag); +-# if !COMPILING_FSTATAT +-# undef fstatat +-# define fstatat rpl_fstatat +-# endif +-#endif +- +-int mkdirat (int fd, char const *file, mode_t mode); + void openat_restore_fail (int) ATTRIBUTE_NORETURN; + void openat_save_fail (int) ATTRIBUTE_NORETURN; +-int fchmodat (int fd, char const *file, mode_t mode, int flag); +-int fchownat (int fd, char const *file, uid_t owner, gid_t group, int flag); + + /* Using these function names makes application code + slightly more readable than it would be with +@@ -124,3 +80,35 @@ lchmodat (int fd, char const *file, mode + { + return fchmodat (fd, file, mode, AT_SYMLINK_NOFOLLOW); + } ++ ++static inline int ++statat (int fd, char const *name, struct stat *st) ++{ ++ return fstatat (fd, name, st, 0); ++} ++ ++static inline int ++lstatat (int fd, char const *name, struct stat *st) ++{ ++ return fstatat (fd, name, st, AT_SYMLINK_NOFOLLOW); ++} ++ ++#if GNULIB_FACCESSAT ++/* For now, there are no wrappers named laccessat or leuidaccessat, ++ since gnulib doesn't support faccessat(,AT_SYMLINK_NOFOLLOW) and ++ since access rights on symlinks are of limited utility. */ ++ ++static inline int ++accessat (int fd, char const *file, int mode) ++{ ++ return faccessat (fd, file, mode, 0); ++} ++ ++static inline int ++euidaccessat (int fd, char const *file, int mode) ++{ ++ return faccessat (fd, file, mode, AT_EACCESS); ++} ++#endif ++ ++#endif /* _GL_HEADER_OPENAT */ +Index: findutils-4.4.2/gnulib/lib/se-selinux.in.h +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/lib/se-selinux.in.h +@@ -0,0 +1,73 @@ ++#ifndef _GL_SELINUX_SELINUX_H ++# define _GL_SELINUX_SELINUX_H ++ ++# if __GNUC__ >= 3 ++#pragma GCC system_header ++# endif ++ ++# if HAVE_SELINUX_SELINUX_H ++ ++#@INCLUDE_NEXT@ @NEXT_SELINUX_SELINUX_H@ ++ ++# else ++ ++# include ++# include ++ ++typedef unsigned short security_class_t; ++# define security_context_t char* ++# define is_selinux_enabled() 0 ++ ++static inline int getcon (security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline void freecon (security_context_t con _UNUSED_PARAMETER_) {} ++ ++ ++static inline int getfscreatecon (security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int setfscreatecon (security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int matchpathcon (char const *file _UNUSED_PARAMETER_, ++ mode_t m _UNUSED_PARAMETER_, ++ security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int getfilecon (char const *file _UNUSED_PARAMETER_, ++ security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int lgetfilecon (char const *file _UNUSED_PARAMETER_, ++ security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int fgetfilecon (int fd, ++ security_context_t *con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int setfilecon (char const *file _UNUSED_PARAMETER_, ++ security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int lsetfilecon (char const *file _UNUSED_PARAMETER_, ++ security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int fsetfilecon (int fd _UNUSED_PARAMETER_, ++ security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++ ++static inline int security_check_context ++ (security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int security_check_context_raw ++ (security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int setexeccon (security_context_t con _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int security_compute_create ++ (security_context_t scon _UNUSED_PARAMETER_, ++ security_context_t tcon _UNUSED_PARAMETER_, ++ security_class_t tclass _UNUSED_PARAMETER_, ++ security_context_t *newcon _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++static inline int matchpathcon_init_prefix ++ (char const *path _UNUSED_PARAMETER_, ++ char const *prefix _UNUSED_PARAMETER_) ++ { errno = ENOTSUP; return -1; } ++ ++# endif ++#endif /* _GL_SELINUX_SELINUX_H */ +Index: findutils-4.4.2/gnulib/lib/selinux-at.c +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/lib/selinux-at.c +@@ -0,0 +1,72 @@ ++/* openat-style fd-relative functions for SE Linux ++ Copyright (C) 2007, 2009 Free Software Foundation, Inc. ++ ++ This program is free software: you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation, either version 3 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see . */ ++ ++/* written by Jim Meyering */ ++ ++#include ++ ++#include "selinux-at.h" ++#include "openat.h" ++ ++#include ++#include ++#include ++#include ++ ++#include "dirname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ ++#include "save-cwd.h" ++ ++#include "openat-priv.h" ++ ++#define AT_FUNC_NAME getfileconat ++#define AT_FUNC_F1 getfilecon ++#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t *con ++#define AT_FUNC_POST_FILE_ARGS , con ++#include "at-func.c" ++#undef AT_FUNC_NAME ++#undef AT_FUNC_F1 ++#undef AT_FUNC_POST_FILE_PARAM_DECLS ++#undef AT_FUNC_POST_FILE_ARGS ++ ++#define AT_FUNC_NAME lgetfileconat ++#define AT_FUNC_F1 lgetfilecon ++#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t *con ++#define AT_FUNC_POST_FILE_ARGS , con ++#include "at-func.c" ++#undef AT_FUNC_NAME ++#undef AT_FUNC_F1 ++#undef AT_FUNC_POST_FILE_PARAM_DECLS ++#undef AT_FUNC_POST_FILE_ARGS ++ ++#define AT_FUNC_NAME setfileconat ++#define AT_FUNC_F1 setfilecon ++#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t con ++#define AT_FUNC_POST_FILE_ARGS , con ++#include "at-func.c" ++#undef AT_FUNC_NAME ++#undef AT_FUNC_F1 ++#undef AT_FUNC_POST_FILE_PARAM_DECLS ++#undef AT_FUNC_POST_FILE_ARGS ++ ++#define AT_FUNC_NAME lsetfileconat ++#define AT_FUNC_F1 lsetfilecon ++#define AT_FUNC_POST_FILE_PARAM_DECLS , security_context_t con ++#define AT_FUNC_POST_FILE_ARGS , con ++#include "at-func.c" ++#undef AT_FUNC_NAME ++#undef AT_FUNC_F1 ++#undef AT_FUNC_POST_FILE_PARAM_DECLS ++#undef AT_FUNC_POST_FILE_ARGS +Index: findutils-4.4.2/gnulib/lib/selinux-at.h +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/lib/selinux-at.h +@@ -0,0 +1,52 @@ ++/* Prototypes for openat-style fd-relative SELinux functions ++ Copyright (C) 2007, 2009 Free Software Foundation, Inc. ++ ++ This program is free software: you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation, either version 3 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see . */ ++ ++#include ++#include ++ ++/* These are the dir-fd-relative variants of the functions without the ++ "at" suffix. For example, getfileconat (AT_FDCWD, file, &c) is usually ++ equivalent to getfilecon (file, &c). The emulation is accomplished ++ by first attempting getfilecon ("/proc/self/fd/DIR_FD/FILE", &c). ++ Failing that, simulate it via save_cwd/fchdir/getfilecon/restore_cwd. ++ If either the save_cwd or the restore_cwd fails (relatively unlikely), ++ then give a diagnostic and exit nonzero. */ ++ ++/* dir-fd-relative getfilecon. Set *CON to the SELinux security context ++ of the file specified by DIR_FD and FILE and return the length of *CON. ++ DIR_FD and FILE are interpreted as for fstatat[*]. A non-NULL *CON ++ must be freed with freecon. Upon error, set *CON to NULL, set errno ++ and return -1. ++ [*] with flags=0 here, with flags=AT_SYMLINK_NOFOLLOW for lgetfileconat */ ++int getfileconat (int dir_fd, char const *file, security_context_t *con); ++ ++/* dir-fd-relative lgetfilecon. This function is just like getfileconat, ++ except when DIR_FD and FILE specify a symlink: lgetfileconat operates on ++ the symlink, while getfileconat operates on the referent of the symlink. */ ++int lgetfileconat (int dir_fd, char const *file, security_context_t *con); ++ ++/* dir-fd-relative setfilecon. Set the SELinux security context of ++ the file specified by DIR_FD and FILE to CON. DIR_FD and FILE are ++ interpreted as for fstatat[*]. Upon success, return 0. ++ Otherwise, return -1 and set errno. */ ++int setfileconat (int dir_fd, char const *file, security_context_t con); ++ ++/* dir-fd-relative lsetfilecon. This function is just like setfileconat, ++ except that rather than dereferencing a symlink, this function affects it. */ ++/* dir-fd-relative lsetfilecon. This function is just like setfileconat, ++ except when DIR_FD and FILE specify a symlink: lsetfileconat operates on ++ the symlink, while setfileconat operates on the referent of the symlink. */ ++int lsetfileconat (int dir_fd, char const *file, security_context_t con); +Index: findutils-4.4.2/gnulib/m4/gnulib-comp.m4 +=================================================================== +--- findutils-4.4.2.orig/gnulib/m4/gnulib-comp.m4 ++++ findutils-4.4.2/gnulib/m4/gnulib-comp.m4 +@@ -165,6 +165,11 @@ AC_DEFUN([gl_INIT], + gl_SAME + gl_SAVE_CWD + gl_SAVEDIR ++ AC_CHECK_HEADERS([selinux/flask.h]) ++ AC_LIBOBJ([selinux-at]) ++ gl_HEADERS_SELINUX_SELINUX_H ++ gl_HEADERS_SELINUX_CONTEXT_H ++ AC_REQUIRE([AC_C_INLINE]) + gl_FUNC_SETENV + gl_FUNC_UNSETENV + gt_TYPE_SSIZE_T +@@ -425,6 +430,7 @@ AC_DEFUN([gl_FILE_LIST], [ + lib/getdate.h + lib/getdate.y + lib/getdelim.c ++ lib/getfilecon.c + lib/getline.c + lib/getopt.c + lib/getopt.in.h +@@ -506,6 +512,10 @@ AC_DEFUN([gl_FILE_LIST], [ + lib/save-cwd.h + lib/savedir.c + lib/savedir.h ++ lib/se-context.in.h ++ lib/se-selinux.in.h ++ lib/selinux-at.c ++ lib/selinux-at.h + lib/setenv.c + lib/setenv.h + lib/stat-macros.h +@@ -688,6 +698,8 @@ AC_DEFUN([gl_FILE_LIST], [ + m4/same.m4 + m4/save-cwd.m4 + m4/savedir.m4 ++ m4/selinux-context-h.m4 ++ m4/selinux-selinux-h.m4 + m4/setenv.m4 + m4/size_max.m4 + m4/ssize_t.m4 +Index: findutils-4.4.2/gnulib/m4/selinux-context-h.m4 +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/m4/selinux-context-h.m4 +@@ -0,0 +1,16 @@ ++# serial 1 -*- Autoconf -*- ++# Copyright (C) 2006, 2007 Free Software Foundation, Inc. ++# This file is free software; the Free Software Foundation ++# gives unlimited permission to copy and/or distribute it, ++# with or without modifications, as long as this notice is preserved. ++ ++# From Jim Meyering ++# Provide , if necessary. ++ ++AC_DEFUN([gl_HEADERS_SELINUX_CONTEXT_H], ++[ ++ AC_CHECK_HEADERS([selinux/context.h], ++ [SELINUX_CONTEXT_H=], ++ [SELINUX_CONTEXT_H=selinux/context.h]) ++ AC_SUBST([SELINUX_CONTEXT_H]) ++]) +Index: findutils-4.4.2/gnulib/m4/selinux-selinux-h.m4 +=================================================================== +--- /dev/null ++++ findutils-4.4.2/gnulib/m4/selinux-selinux-h.m4 +@@ -0,0 +1,57 @@ ++# serial 3 -*- Autoconf -*- ++# Copyright (C) 2006, 2007, 2009 Free Software Foundation, Inc. ++# This file is free software; the Free Software Foundation ++# gives unlimited permission to copy and/or distribute it, ++# with or without modifications, as long as this notice is preserved. ++ ++# From Jim Meyering ++# Provide , if necessary. ++# If it is already present, provide wrapper functions to guard against ++# misbehavior from getfilecon, lgetfilecon, and fgetfilecon. ++ ++AC_DEFUN([gl_HEADERS_SELINUX_SELINUX_H], ++[ ++ AC_REQUIRE([gl_LIBSELINUX]) ++ AC_CHECK_HEADERS([selinux/selinux.h]) ++ ++ if test "$ac_cv_header_selinux_selinux_h" = yes; then ++ # We do have , so do compile getfilecon.c ++ # and arrange to use its wrappers. ++ AC_LIBOBJ([getfilecon]) ++ gl_CHECK_NEXT_HEADERS([selinux/selinux.h]) ++ AC_DEFINE([getfilecon], [rpl_getfilecon], ++ [Always use our getfilecon wrapper.]) ++ AC_DEFINE([lgetfilecon], [rpl_lgetfilecon], ++ [Always use our lgetfilecon wrapper.]) ++ AC_DEFINE([fgetfilecon], [rpl_fgetfilecon], ++ [Always use our fgetfilecon wrapper.]) ++ fi ++ ++ case "$ac_cv_search_setfilecon:$ac_cv_header_selinux_selinux_h" in ++ no:*) # already warned ++ ;; ++ *:no) ++ AC_MSG_WARN([libselinux was found but selinux/selinux.h is missing.]) ++ AC_MSG_WARN([AC_PACKAGE_NAME will be compiled without SELinux support.]) ++ esac ++]) ++ ++AC_DEFUN([gl_LIBSELINUX], ++[ ++ AC_REQUIRE([AC_CANONICAL_HOST]) ++ AC_REQUIRE([AC_CANONICAL_BUILD]) ++ LIB_SELINUX= ++ gl_save_LIBS=$LIBS ++ AC_SEARCH_LIBS([setfilecon], [selinux], ++ [test "$ac_cv_search_setfilecon" = "none required" || ++ LIB_SELINUX=$ac_cv_search_setfilecon]) ++ AC_SUBST([LIB_SELINUX]) ++ LIBS=$gl_save_LIBS ++ ++ # Warn if SELinux is found but libselinux is absent; ++ if test "$ac_cv_search_setfilecon" = no && ++ test "$host" = "$build" && test -d /selinux; then ++ AC_MSG_WARN([This system supports SELinux but libselinux is missing.]) ++ AC_MSG_WARN([AC_PACKAGE_NAME will be compiled without SELinux support.]) ++ fi ++]) diff --git a/findutils-4.4.2-selinux.patch b/findutils-4.4.2-selinux.patch new file mode 100644 index 0000000..948fefe --- /dev/null +++ b/findutils-4.4.2-selinux.patch @@ -0,0 +1,445 @@ +Index: findutils-4.4.2/NEWS +=================================================================== +--- findutils-4.4.2.orig/NEWS ++++ findutils-4.4.2/NEWS +@@ -1,5 +1,11 @@ + GNU findutils NEWS - User visible changes. -*- outline -*- (allout) + ++* Major changes in release 4.4.2, 2009-11-26 ++ ++** Functional Enhancements to find ++ ++patch #4848: Patch - Support for SELinux ++ + * Major changes in release 4.4.2, 2009-05-16 + + ** Bug Fixes +Index: findutils-4.4.2/doc/find.texi +=================================================================== +--- findutils-4.4.2.orig/doc/find.texi ++++ findutils-4.4.2/doc/find.texi +@@ -1242,6 +1242,14 @@ situation. + + @end deffn + ++@deffn Test -context pattern ++True if file's SELinux context matches the pattern @var{pattern}. ++The pattern uses shell glob matching. ++ ++This predicate is supported only on @code{find} versions compiled with ++SELinux support and only when SELinux is enabled. ++@end deffn ++ + @node Contents + @section Contents + +@@ -1737,6 +1745,7 @@ from the novel you are reading. + * Size Directives:: + * Location Directives:: + * Time Directives:: ++* Other Directives:: + * Formatting Flags:: + @end menu + +@@ -1894,6 +1903,14 @@ File's last modification time in the for + (@pxref{Time Formats}). + @end table + ++@node Other Directives ++@subsubsection Other Directives ++ ++@table @code ++@item %Z ++File's SELinux context, or empty string if the file has no SELinux context. ++@end table ++ + @node Time Formats + @subsection Time Formats + +Index: findutils-4.4.2/find/Makefile.am +=================================================================== +--- findutils-4.4.2.orig/find/Makefile.am ++++ findutils-4.4.2/find/Makefile.am +@@ -26,7 +26,7 @@ endif + + EXTRA_DIST = defs.h $(man_MANS) + INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\" +-LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ ++LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ @LIB_SELINUX@ + man_MANS = find.1 + SUBDIRS = . testsuite + +Index: findutils-4.4.2/find/defs.h +=================================================================== +--- findutils-4.4.2.orig/find/defs.h ++++ findutils-4.4.2/find/defs.h +@@ -48,6 +48,7 @@ Please stop compiling the program now + #include /* for bool/boolean */ + #include /* for uintmax_t */ + #include /* S_ISUID etc. */ ++#include + + + +@@ -315,6 +316,7 @@ struct predicate + struct samefile_file_id samefileid; /* samefile */ + mode_t type; /* type */ + struct format_val printf_vec; /* printf fprintf fprint ls fls print0 fprint0 print */ ++ security_context_t scontext; /* security context */ + } args; + + /* The next predicate in the user input sequence, +@@ -459,6 +461,7 @@ PREDICATEFUNCTION pred_used; + PREDICATEFUNCTION pred_user; + PREDICATEFUNCTION pred_writable; + PREDICATEFUNCTION pred_xtype; ++PREDICATEFUNCTION pred_context; + + + +@@ -604,6 +607,9 @@ struct options + */ + int regex_options; + ++ /* function used to get file context */ ++ int (*x_getfilecon) (int, const char *, security_context_t *); ++ + /* Optimisation level. One is the default. + */ + unsigned short optimisation_level; +Index: findutils-4.4.2/find/find.1 +=================================================================== +--- findutils-4.4.2.orig/find/find.1 ++++ findutils-4.4.2/find/find.1 +@@ -936,6 +936,8 @@ if \fIc\fR is `l'. In other words, for + checks the type of the file that + .B \-type + does not check. ++.IP "\-context \fIpattern\fR" ++(SELinux only) Security context of the file matches glob \fIpattern\fR. + + .SS ACTIONS + .IP "\-delete\fR" +@@ -1357,6 +1359,8 @@ File's type (like in + U=unknown type (shouldn't happen) + .IP %Y + File's type (like %y), plus follow symlinks: L=loop, N=nonexistent ++.IP %Z ++(SELinux only) file's security context. + .PP + A `%' character followed by any other character is discarded, but the + other character is printed (don't rely on this, as further format +Index: findutils-4.4.2/find/parser.c +=================================================================== +--- findutils-4.4.2.orig/find/parser.c ++++ findutils-4.4.2/find/parser.c +@@ -53,6 +53,8 @@ + #include + #include + ++#include "selinux-at.h" ++ + #if ENABLE_NLS + # include + # define _(Text) gettext (Text) +@@ -156,6 +158,7 @@ static boolean parse_noignore_race PARAM + static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); ++static boolean parse_context PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + + boolean parse_print PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + +@@ -252,6 +255,7 @@ static struct parser_table const parse_t + PARSE_TEST ("cmin", cmin), /* GNU */ + PARSE_TEST ("cnewer", cnewer), /* GNU */ + {ARG_TEST, "ctime", parse_time, pred_ctime}, /* POSIX */ ++ PARSE_TEST ("context", context), /* GNU */ + PARSE_POSOPT ("daystart", daystart), /* GNU */ + PARSE_ACTION ("delete", delete), /* GNU, Mac OS, FreeBSD */ + PARSE_OPTION ("d", d), /* Mac OS X, FreeBSD, NetBSD, OpenBSD, but deprecated in favour of -depth */ +@@ -349,6 +353,86 @@ static struct parser_table const parse_t + static const char *first_nonoption_arg = NULL; + static const struct parser_table *noop = NULL; + ++static int ++fallback_getfilecon (int fd, const char *name, security_context_t *p, ++ int prev_rv) ++{ ++ /* Our original getfilecon () call failed. Perhaps we can't follow a ++ * symbolic link. If that might be the problem, lgetfilecon () the link. ++ * Otherwise, admit defeat. */ ++ switch (errno) ++ { ++ case ENOENT: ++ case ENOTDIR: ++#ifdef DEBUG_STAT ++ fprintf (stderr, "fallback_getfilecon(): getfilecon(%s) failed; falling " ++ "back on lgetfilecon()\n", name); ++#endif ++ return lgetfileconat (fd, name, p); ++ ++ case EACCES: ++ case EIO: ++ case ELOOP: ++ case ENAMETOOLONG: ++#ifdef EOVERFLOW ++ case EOVERFLOW: /* EOVERFLOW is not #defined on UNICOS. */ ++#endif ++ default: ++ return prev_rv; ++ } ++} ++ ++/* optionh_getfilecon () implements the getfilecon operation when the ++ * -H option is in effect. ++ * ++ * If the item to be examined is a command-line argument, we follow ++ * symbolic links. If the getfilecon () call fails on the command-line ++ * item, we fall back on the properties of the symbolic link. ++ * ++ * If the item to be examined is not a command-line argument, we ++ * examine the link itself. */ ++int ++optionh_getfilecon (int fd, const char *name, security_context_t *p) ++{ ++ int rv; ++ if (0 == state.curdepth) ++ { ++ /* This file is from the command line; dereference the link (if it is ++ a link). */ ++ rv = getfileconat (fd, name, p); ++ if (0 == rv) ++ return 0; /* success */ ++ else ++ return fallback_getfilecon (fd, name, p, rv); ++ } ++ else ++ { ++ /* Not a file on the command line; do not dereference the link. */ ++ return lgetfileconat (fd, name, p); ++ } ++} ++ ++/* optionl_getfilecon () implements the getfilecon operation when the ++ * -L option is in effect. That option makes us examine the thing the ++ * symbolic link points to, not the symbolic link itself. */ ++int ++optionl_getfilecon (int fd, const char *name, security_context_t *p) ++{ ++ int rv = getfileconat (fd, name, p); ++ if (0 == rv) ++ return 0; /* normal case. */ ++ else ++ return fallback_getfilecon (fd, name, p, rv); ++} ++ ++/* optionp_getfilecon () implements the stat operation when the -P ++ * option is in effect (this is also the default). That option makes ++ * us examine the symbolic link itself, not the thing it points to. */ ++int ++optionp_getfilecon (int fd, const char *name, security_context_t *p) ++{ ++ return lgetfileconat (fd, name, p); ++} + + void + check_option_combinations(const struct predicate *p) +@@ -452,11 +536,13 @@ set_follow_state(enum SymlinkOption opt) + { + case SYMLINK_ALWAYS_DEREF: /* -L */ + options.xstat = optionl_stat; ++ options.x_getfilecon = optionl_getfilecon; + options.no_leaf_check = true; + break; + + case SYMLINK_NEVER_DEREF: /* -P (default) */ + options.xstat = optionp_stat; ++ options.x_getfilecon = optionp_getfilecon; + /* Can't turn no_leaf_check off because the user might have specified + * -noleaf anyway + */ +@@ -464,6 +550,7 @@ set_follow_state(enum SymlinkOption opt) + + case SYMLINK_DEREF_ARGSONLY: /* -H */ + options.xstat = optionh_stat; ++ options.x_getfilecon = optionh_getfilecon; + options.no_leaf_check = true; + } + } +@@ -1129,8 +1216,10 @@ tests (N can be +N or -N or N): -amin N + -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\ + -readable -writable -executable\n\ + -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\ +- -used N -user NAME -xtype [bcdpfls]\n")); ++ -used N -user NAME -xtype [bcdpfls]")); + puts (_("\ ++ -context CONTEXT\n")); ++ puts (_("\n\ + actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\ + -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\ + -exec COMMAND ; -exec COMMAND {} + -ok COMMAND ;\n\ +@@ -2520,6 +2609,11 @@ parse_version (const struct parser_table + printf("LEAF_OPTIMISATION "); + ++features; + #endif ++ if (0 < is_selinux_enabled ()) ++ { ++ printf ("SELINUX "); ++ ++features; ++ } + + flags = 0; + if (is_fts_enabled(&flags)) +@@ -2555,6 +2649,31 @@ parse_version (const struct parser_table + } + + static boolean ++parse_context (const struct parser_table* entry, char **argv, int *arg_ptr) ++{ ++ struct predicate *our_pred; ++ ++ if ((argv == NULL) || (argv[*arg_ptr] == NULL)) ++ return false; ++ ++ if (is_selinux_enabled () <= 0) ++ { ++ error (1, 0, _("invalid predicate -context: SELinux is not enabled.")); ++ return false; ++ } ++ our_pred = insert_primary (entry); ++ our_pred->est_success_rate = 0.01f; ++ our_pred->need_stat = false; ++#ifdef DEBUG ++ our_pred->p_name = find_pred_name (pred_context); ++#endif /*DEBUG*/ ++ our_pred->args.scontext = argv[*arg_ptr]; ++ ++ (*arg_ptr)++; ++ return true; ++} ++ ++static boolean + parse_xdev (const struct parser_table* entry, char **argv, int *arg_ptr) + { + options.stay_on_filesystem = true; +@@ -2815,7 +2934,7 @@ insert_fprintf (struct format_val *vec, + if (*scan2 == '.') + for (scan2++; ISDIGIT (*scan2); scan2++) + /* Do nothing. */ ; +- if (strchr ("abcdDfFgGhHiklmMnpPsStuUyY", *scan2)) ++ if (strchr ("abcdDfFgGhHiklmMnpPsStuUyYZ", *scan2)) + { + segmentp = make_segment (segmentp, format, scan2 - format, + KIND_FORMAT, *scan2, 0, +@@ -2945,6 +3064,11 @@ make_segment (struct segment **segment, + *fmt++ = 's'; + break; + ++ case 'Z': /* SELinux security context */ ++ mycost = NeedsAccessInfo; ++ *fmt++ = 's'; ++ break; ++ + case 'H': /* ARGV element file was found under */ + *fmt++ = 's'; + break; +Index: findutils-4.4.2/find/pred.c +=================================================================== +--- findutils-4.4.2.orig/find/pred.c ++++ findutils-4.4.2/find/pred.c +@@ -48,6 +48,8 @@ + #include "error.h" + #include "verify.h" + ++#include ++ + #if ENABLE_NLS + # include + # define _(Text) gettext (Text) +@@ -230,6 +232,7 @@ struct pred_assoc pred_table[] = + {pred_user, "user "}, + {pred_writable, "writable "}, + {pred_xtype, "xtype "}, ++ {pred_context, "context"}, + {0, "none "} + }; + #endif +@@ -1054,6 +1057,30 @@ do_fprintf(struct format_val *dest, + mode_to_filetype(stat_buf->st_mode & S_IFMT)); + } + break; ++ ++ case 'Z': /* SELinux security context */ ++ { ++ security_context_t scontext; ++ int rv = (*options.x_getfilecon) (state.cwd_dir_fd, state.rel_pathname, ++ &scontext); ++ if (rv < 0) ++ { ++ /* If getfilecon fails, there will in the general case ++ still be some text to print. We just make %Z expand ++ to an empty string. */ ++ checked_fprintf (dest, segment->text, ""); ++ ++ error (0, errno, "getfilecon: %s", ++ safely_quote_err_filename (0, pathname)); ++ state.exit_status = 1; ++ } ++ else ++ { ++ checked_fprintf (dest, segment->text, scontext); ++ freecon (scontext); ++ } ++ } ++ break; + } + /* end of KIND_FORMAT case */ + break; +@@ -1844,6 +1871,26 @@ pred_xtype (const char *pathname, struct + */ + return (pred_type (pathname, &sbuf, pred_ptr)); + } ++ ++ ++boolean ++pred_context (const char *pathname, struct stat *stat_buf, ++ struct predicate *pred_ptr) ++{ ++ security_context_t scontext; ++ int rv = (*options.x_getfilecon) (state.cwd_dir_fd, state.rel_pathname, ++ &scontext); ++ if (rv < 0) ++ { ++ error (0, errno, "getfilecon: %s", safely_quote_err_filename (0, pathname)); ++ return false; ++ } ++ ++ rv = (fnmatch (pred_ptr->args.scontext, scontext, 0) == 0); ++ freecon (scontext); ++ return rv; ++} ++ + + /* 1) fork to get a child; parent remembers the child pid + 2) child execs the command requested +Index: findutils-4.4.2/find/tree.c +=================================================================== +--- findutils-4.4.2.orig/find/tree.c ++++ findutils-4.4.2/find/tree.c +@@ -904,6 +904,7 @@ static struct pred_cost_lookup costlooku + { pred_cmin , NeedsStatInfo, }, + { pred_cnewer , NeedsStatInfo, }, + { pred_comma , NeedsNothing, }, ++ { pred_context , NeedsAccessInfo }, + { pred_ctime , NeedsStatInfo, }, + { pred_delete , NeedsSyncDiskHit }, + { pred_empty , NeedsStatInfo }, +@@ -1434,6 +1435,7 @@ get_new_pred (const struct parser_table + last_pred->need_stat = true; + last_pred->need_type = true; + last_pred->args.str = NULL; ++ last_pred->args.scontext = NULL; + last_pred->pred_next = NULL; + last_pred->pred_left = NULL; + last_pred->pred_right = NULL; diff --git a/findutils-4.4.0.diff b/findutils-4.4.2-updatedb.patch similarity index 63% rename from findutils-4.4.0.diff rename to findutils-4.4.2-updatedb.patch index 206f9f9..ee16427 100644 --- a/findutils-4.4.0.diff +++ b/findutils-4.4.2-updatedb.patch @@ -1,6 +1,8 @@ ---- doc/find.texi +Index: doc/find.texi +=================================================================== +--- doc/find.texi.orig +++ doc/find.texi -@@ -3329,7 +3329,7 @@ Default is none. +@@ -3364,7 +3364,7 @@ Default is none. @item --prunepaths='@var{path}@dots{}' Directories to omit from the database, which would otherwise be included. The environment variable @code{PRUNEPATHS} also sets this @@ -9,61 +11,9 @@ used as regular expressions (with @code{find ... -regex}, so you need to specify these paths in the same way that @code{find} will encounter them. This means for example that the paths must not include trailing ---- find/ftsfind.c -+++ find/ftsfind.c -@@ -388,7 +388,7 @@ consider_visiting(FTS *p, FTSENT *ent) - { - struct stat statbuf; - mode_t mode; -- int ignore, isdir; -+ int ignore; - - if (options.debug_options & DebugSearch) - fprintf(stderr, -@@ -498,22 +498,6 @@ consider_visiting(FTS *p, FTSENT *ent) - - /* examine this item. */ - ignore = 0; -- isdir = S_ISDIR(statbuf.st_mode) -- || (FTS_D == ent->fts_info) -- || (FTS_DP == ent->fts_info) -- || (FTS_DC == ent->fts_info); -- -- if (isdir && (ent->fts_info == FTS_NSOK)) -- { -- /* This is a directory, but fts did not stat it, so -- * presumably would not be planning to search its -- * children. Force a stat of the file so that the -- * children can be checked. -- */ -- fts_set(p, ent, FTS_AGAIN); -- return; -- } -- - if (options.maxdepth >= 0) - { - if (ent->fts_level >= options.maxdepth) ---- find/parser.c -+++ find/parser.c -@@ -3234,7 +3234,7 @@ get_relative_timestamp (const char *str, - double sec_per_unit, - const char *overflowmessage) - { -- uintmax_t checkval; -+ double checkval; - double offset, seconds, nanosec; - - if (get_comp_type(&str, &result->kind)) -@@ -3259,7 +3259,7 @@ get_relative_timestamp (const char *str, - - result->ts.tv_sec = origin.tv_sec - seconds; - result->ts.tv_nsec = origin.tv_nsec - nanosec; -- checkval = (uintmax_t)origin.tv_sec - seconds; -+ checkval = origin.tv_sec - seconds; - - if (origin.tv_nsec < nanosec) - { ---- locate/updatedb.1 +Index: locate/updatedb.1 +=================================================================== +--- locate/updatedb.1.orig +++ locate/updatedb.1 @@ -75,8 +75,7 @@ Default is \fInfs NFS proc\fP. .TP @@ -84,7 +34,9 @@ You can also use the environment variable \fBNETUSER\fP to set this user. .TP .B \-\-old\-format ---- locate/updatedb.sh +Index: locate/updatedb.sh +=================================================================== +--- locate/updatedb.sh.orig +++ locate/updatedb.sh @@ -158,7 +158,7 @@ select_shell() { : ${NETPATHS=} @@ -108,13 +60,13 @@ PATH=/bin:/usr/bin:${BINDIR}; export PATH --: ${PRUNEFS="nfs NFS proc afs proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs"} -+: ${PRUNEFS="nfs NFS nfs4 afs proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs cifs 9P"} +-: ${PRUNEFS="nfs NFS proc afs smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs"} ++: ${PRUNEFS="nfs NFS proc afs smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs cifs 9P"} if test -n "$PRUNEFS"; then -prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-o -fstype \1/g' \ - -e 's/-o //' -e 's/$/ -o/'` -+ prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g'` ++prunefs_exp=`echo $PRUNEFS |sed -e 's/\([^ ][^ ]*\)/-fstype \1 -o/g'` else prunefs_exp='' fi diff --git a/findutils-4.4.2-xautofs.patch b/findutils-4.4.2-xautofs.patch new file mode 100644 index 0000000..06ee7f5 --- /dev/null +++ b/findutils-4.4.2-xautofs.patch @@ -0,0 +1,109 @@ +Index: findutils-4.4.2/doc/find.texi +=================================================================== +--- findutils-4.4.2.orig/doc/find.texi ++++ findutils-4.4.2/doc/find.texi +@@ -1413,6 +1413,10 @@ them. + There are two ways to avoid searching certain filesystems. One way is + to tell @code{find} to only search one filesystem: + ++@deffn Option -xautofs ++Don't descend directories on autofs filesystems. ++@end deffn ++ + @deffn Option -xdev + @deffnx Option -mount + Don't descend directories on other filesystems. These options are +Index: findutils-4.4.2/find/defs.h +=================================================================== +--- findutils-4.4.2.orig/find/defs.h ++++ findutils-4.4.2/find/defs.h +@@ -550,6 +550,9 @@ struct options + /* If true, don't cross filesystem boundaries. */ + boolean stay_on_filesystem; + ++ /* If true, don't descend directories on autofs filesystems. */ ++ boolean bypass_autofs; ++ + /* If true, we ignore the problem where we find that a directory entry + * no longer exists by the time we get around to processing it. + */ +Index: findutils-4.4.2/find/find.1 +=================================================================== +--- findutils-4.4.2.orig/find/find.1 ++++ findutils-4.4.2/find/find.1 +@@ -451,6 +451,9 @@ if standard input is a tty, and to + .B \-nowarn + otherwise. + ++.IP \-xautofs ++Don't descend directories on autofs filesystems. ++ + .IP \-xdev + Don't descend directories on other filesystems. + +Index: findutils-4.4.2/find/ftsfind.c +=================================================================== +--- findutils-4.4.2.orig/find/ftsfind.c ++++ findutils-4.4.2/find/ftsfind.c +@@ -525,6 +525,12 @@ consider_visiting(FTS *p, FTSENT *ent) + } + } + ++ if (options.bypass_autofs && ++ 0 == strcmp ("autofs", filesystem_type (&statbuf, ent->fts_name))) ++ { ++ fts_set(p, ent, FTS_SKIP); /* descend no further */ ++ } ++ + if ( (ent->fts_info == FTS_D) && !options.do_dir_first ) + { + /* this is the preorder visit, but user said -depth */ +Index: findutils-4.4.2/find/parser.c +=================================================================== +--- findutils-4.4.2.orig/find/parser.c ++++ findutils-4.4.2/find/parser.c +@@ -150,6 +150,7 @@ static boolean parse_user PARAM + static boolean parse_version PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_wholename PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_xdev PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); ++static boolean parse_xautofs PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_ignore_race PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_noignore_race PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); + static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); +@@ -320,6 +321,7 @@ static struct parser_table const parse_t + PARSE_TEST_NP ("wholename", wholename), /* GNU, replaced -path, but anyway -path will soon be in POSIX */ + {ARG_TEST, "writable", parse_accesscheck, pred_writable}, /* GNU, 4.3.0+ */ + PARSE_OPTION ("xdev", xdev), /* POSIX */ ++ PARSE_OPTION ("xautofs", xautofs), + PARSE_TEST ("xtype", xtype), /* GNU */ + #ifdef UNIMPLEMENTED_UNIX + /* It's pretty ugly for find to know about archive formats. +@@ -2560,6 +2562,16 @@ parse_xdev (const struct parser_table* e + } + + static boolean ++parse_xautofs (const struct parser_table* entry, char **argv, int *arg_ptr) ++{ ++ (void) argv; ++ (void) arg_ptr; ++ (void) entry; ++ options.bypass_autofs = true; ++ return true; ++} ++ ++static boolean + parse_ignore_race (const struct parser_table* entry, char **argv, int *arg_ptr) + { + options.ignore_readdir_race = true; +Index: findutils-4.4.2/find/util.c +=================================================================== +--- findutils-4.4.2.orig/find/util.c ++++ findutils-4.4.2/find/util.c +@@ -933,6 +933,7 @@ set_option_defaults(struct options *p) + + p->full_days = false; + p->stay_on_filesystem = false; ++ p->bypass_autofs = false; + p->ignore_readdir_race = false; + + if (p->posixly_correct) diff --git a/findutils-4.4.2.tar.bz2 b/findutils-4.4.2.tar.bz2 new file mode 100644 index 0000000..0d291e8 --- /dev/null +++ b/findutils-4.4.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:62ff724e2de32788fa527df69c631ad34c6dfbbd5430b6b6dc410662a6d206d6 +size 1506634 diff --git a/findutils-null.diff b/findutils-null.diff deleted file mode 100644 index b878a01..0000000 --- a/findutils-null.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- find/find.1 -+++ find/find.1 2009-03-10 16:13:42.792001067 +0100 -@@ -1166,7 +1166,7 @@ Carriage return. - Horizontal tab. - .IP \ev - Vertical tab. --.IP \e\0 -+.IP \e0 - ASCII NUL. - .IP \e\e - A literal backslash (`\e'). diff --git a/findutils-selinux.diff b/findutils-selinux.diff deleted file mode 100644 index e677bf2..0000000 --- a/findutils-selinux.diff +++ /dev/null @@ -1,486 +0,0 @@ ---- findutils-4.4.0/configure.ac -+++ findutils-4.4.0/configure.ac -@@ -114,6 +114,16 @@ AC_CHECK_LIB([m],[fabs],[FINDLIBS="-lm $ - AC_DEFINE_UNQUOTED(HAVE_FABS_IN_LIBM,1,[fabs is defined in -lm])) - AC_SUBST([FINDLIBS]) - -+AC_ARG_WITH([selinux], -+ AS_HELP_STRING([--without-selinux], [disable SELinux support]), -+ [:], -+[AC_CHECK_LIB([selinux], [is_selinux_enabled], -+ [with_selinux=yes], [with_selinux=no])]) -+if test x$with_selinux != xno; then -+ AC_DEFINE([WITH_SELINUX], [1], [Define to support SELinux]) -+ AC_SUBST([LIBSELINUX], [-lselinux]) -+fi -+ - dnl Checks for header files. - AC_HEADER_STDC - dnl Assume unistd.h is present - coreutils does too. ---- findutils-4.4.0/doc/find.texi -+++ findutils-4.4.0/doc/find.texi -@@ -1242,6 +1242,14 @@ situation. - - @end deffn - -+@deffn Test -context pattern -+True if file's SELinux context matches the pattern @var{pattern}. -+The pattern uses shell glob matching. -+ -+This predicate is supported only on @code{find} versions compiled with -+SELinux support and only when SELinux is enabled. -+@end deffn -+ - @node Contents - @section Contents - -@@ -1826,6 +1834,9 @@ value used for BLOCKSIZE is system-depen - bytes. If the file size is zero, the value printed is undefined. On - systems which lack support for st_blocks, a file's sparseness is - assumed to be 1.0. -+@item %Z -+File's SELinux context, or empty string if the file has no SELinux context -+or this version of find does not support SELinux. - @end table - - @node Location Directives ---- findutils-4.4.0/find/Makefile.am -+++ findutils-4.4.0/find/Makefile.am -@@ -26,7 +26,7 @@ endif - - EXTRA_DIST = defs.h $(man_MANS) - INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\" --LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ -+LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ @LIBSELINUX@ - man_MANS = find.1 - SUBDIRS = . testsuite - ---- findutils-4.4.0/find/defs.h -+++ findutils-4.4.0/find/defs.h -@@ -91,6 +91,9 @@ int get_statinfo PARAMS((const char *pat - #define MODE_RWX (S_IXUSR | S_IXGRP | S_IXOTH | MODE_RW) - #define MODE_ALL (S_ISUID | S_ISGID | S_ISVTX | MODE_RWX) - -+#ifdef WITH_SELINUX -+#include -+#endif - - struct predicate; - struct options; -@@ -315,6 +318,9 @@ struct predicate - struct samefile_file_id samefileid; /* samefile */ - mode_t type; /* type */ - struct format_val printf_vec; /* printf fprintf fprint ls fls print0 fprint0 print */ -+#ifdef WITH_SELINUX -+ security_context_t scontext; /* scontext */ -+#endif - } args; - - /* The next predicate in the user input sequence, -@@ -459,6 +465,9 @@ PREDICATEFUNCTION pred_used; - PREDICATEFUNCTION pred_user; - PREDICATEFUNCTION pred_writable; - PREDICATEFUNCTION pred_xtype; -+#ifdef WITH_SELINUX -+PREDICATEFUNCTION pred_context; -+#endif - - - -@@ -601,6 +610,10 @@ struct options - */ - int regex_options; - -+#ifdef WITH_SELINUX -+ int (*x_getfilecon) (const char *name, security_context_t *context); -+#endif -+ - /* Optimisation level. One is the default. - */ - unsigned short optimisation_level; ---- findutils-4.4.0/find/find.1 -+++ findutils-4.4.0/find/find.1 -@@ -934,6 +934,8 @@ if \fIc\fR is `l'. In other words, for - checks the type of the file that - .B \-type - does not check. -+.IP "\-context \fIpattern\fR" -+(SELinux only) Security context of the file matches glob \fIpattern\fR. - - .SS ACTIONS - .IP "\-delete\fR" -@@ -1340,6 +1342,8 @@ File's type (like in - U=unknown type (shouldn't happen) - .IP %Y - File's type (like %y), plus follow symlinks: L=loop, N=nonexistent -+.IP %Z -+(SELinux only) file's security context. - .PP - A `%' character followed by any other character is discarded, but the - other character is printed (don't rely on this, as further format ---- findutils-4.4.0/find/find.c -+++ findutils-4.4.0/find/find.c -@@ -120,6 +120,35 @@ int get_current_dirfd(void) - return AT_FDCWD; - } - -+#ifdef WITH_SELINUX -+static int -+fallback_getfilecon (const char *name, security_context_t *p, int prev_rv) -+{ -+ /* Our original getfilecon call failed. Perhaps we can't follow a -+ symbolic link. If that might be the problem, lgetfilecon the link. -+ Otherwise, admit defeat. */ -+ switch (errno) -+ { -+ case ENOENT: -+ case ENOTDIR: -+#ifdef DEBUG_STAT -+ fprintf(stderr, "fallback_getfilecon(): getfilecon(%s) failed; falling back on lgetfilecon()\n", name); -+#endif -+ return lgetfilecon (name, p); -+ -+ case EACCES: -+ case EIO: -+ case ELOOP: -+ case ENAMETOOLONG: -+#ifdef EOVERFLOW -+ case EOVERFLOW: /* EOVERFLOW is not #defined on UNICOS. */ -+#endif -+ default: -+ return prev_rv; -+ } -+} -+#endif /* WITH_SELINUX */ -+ - - int - main (int argc, char **argv) ---- findutils-4.4.0/find/parser.c -+++ findutils-4.4.0/find/parser.c -@@ -53,6 +53,10 @@ - #include - #include - -+#ifdef WITH_SELINUX -+#include -+#endif -+ - #if ENABLE_NLS - # include - # define _(Text) gettext (Text) -@@ -156,6 +160,9 @@ static boolean parse_noignore_race PARAM - static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); -+#ifdef WITH_SELINUX -+static boolean parse_context PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); -+#endif - - boolean parse_print PARAMS((const struct parser_table*, char *argv[], int *arg_ptr)); - -@@ -252,6 +259,9 @@ static struct parser_table const parse_t - PARSE_TEST ("cmin", cmin), /* GNU */ - PARSE_TEST ("cnewer", cnewer), /* GNU */ - {ARG_TEST, "ctime", parse_time, pred_ctime}, /* POSIX */ -+#ifdef WITH_SELINUX -+ PARSE_TEST ("context", context), /* GNU */ -+#endif - PARSE_POSOPT ("daystart", daystart), /* GNU */ - PARSE_ACTION ("delete", delete), /* GNU, Mac OS, FreeBSD */ - PARSE_OPTION ("d", d), /* Mac OS X, FreeBSD, NetBSD, OpenBSD, but deprecated in favour of -depth */ -@@ -348,6 +358,85 @@ static struct parser_table const parse_t - static const char *first_nonoption_arg = NULL; - static const struct parser_table *noop = NULL; - -+#ifdef WITH_SELINUX -+static int -+fallback_getfilecon (const char *name, security_context_t *p, int prev_rv) -+{ -+ /* Our original getfilecon call failed. Perhaps we can't follow a -+ symbolic link. If that might be the problem, lgetfilecon the link. -+ Otherwise, admit defeat. */ -+ switch (errno) -+ { -+ case ENOENT: -+ case ENOTDIR: -+#ifdef DEBUG_STAT -+ fprintf(stderr, "fallback_getfilecon(): getfilecon(%s) failed; falling back on lgetfilecon()\n", name); -+#endif -+ return lgetfilecon (name, p); -+ -+ case EACCES: -+ case EIO: -+ case ELOOP: -+ case ENAMETOOLONG: -+#ifdef EOVERFLOW -+ case EOVERFLOW: /* EOVERFLOW is not #defined on UNICOS. */ -+#endif -+ default: -+ return prev_rv; -+ } -+} -+ -+/* optionh_getfilecon implements the getfilecon operation when the -+ -H option is in effect. -+ -+ If the item to be examined is a command-line argument, we follow -+ symbolic links. If the getfilecon call fails on the command-line -+ item, we fall back on the properties of the symbolic link. -+ -+ If the item to be examined is not a command-line argument, we -+ examine the link itself. */ -+int -+optionh_getfilecon (const char *name, security_context_t *p) -+{ -+ if (state.curdepth == 0) -+ { -+ /* This file is from the command line; deference the link (if it -+ is a link). */ -+ int rv = getfilecon (name, p); -+ if (0 == rv) -+ return 0; /* success */ -+ else -+ return fallback_getfilecon (name, p, rv); -+ } -+ else -+ { -+ /* Not a file on the command line; do not derefernce the link. */ -+ return lgetfilecon (name, p); -+ } -+} -+ -+/* optionl_getfilecon implements the getfilecon operation when the -+ -L option is in effect. That option makes us examine the thing the -+ symbolic link points to, not the symbolic link itself. */ -+int -+optionl_getfilecon (const char *name, security_context_t *p) -+{ -+ int rv = getfilecon (name, p); -+ if (rv == 0) -+ return 0; /* normal case. */ -+ else -+ return fallback_getfilecon (name, p, rv); -+} -+ -+/* optionp_getfilecon implements the stat operation when the -P -+ option is in effect (this is also the default). That option makes -+ us examine the symbolic link itself, not the thing it points to. */ -+int -+optionp_getfilecon (const char *name, security_context_t *p) -+{ -+ return lgetfilecon (name, p); -+} -+#endif /* WITH_SELINUX */ - - void - check_option_combinations(const struct predicate *p) -@@ -451,11 +540,17 @@ set_follow_state(enum SymlinkOption opt) - { - case SYMLINK_ALWAYS_DEREF: /* -L */ - options.xstat = optionl_stat; -+#ifdef WITH_SELINUX -+ options.x_getfilecon = optionl_getfilecon; -+#endif - options.no_leaf_check = true; - break; - - case SYMLINK_NEVER_DEREF: /* -P (default) */ - options.xstat = optionp_stat; -+#ifdef WITH_SELINUX -+ options.x_getfilecon = optionp_getfilecon; -+#endif - /* Can't turn no_leaf_check off because the user might have specified - * -noleaf anyway - */ -@@ -463,6 +558,9 @@ set_follow_state(enum SymlinkOption opt) - - case SYMLINK_DEREF_ARGSONLY: /* -H */ - options.xstat = optionh_stat; -+#ifdef WITH_SELINUX -+ options.x_getfilecon = optionh_getfilecon; -+#endif - options.no_leaf_check = true; - } - } -@@ -1124,6 +1222,10 @@ tests (N can be +N or -N or N): -amin N - -cnewer FILE -ctime N -empty -false -fstype TYPE -gid N -group NAME\n\ - -ilname PATTERN -iname PATTERN -inum N -iwholename PATTERN -iregex PATTERN\n\ - -links N -lname PATTERN -mmin N -mtime N -name PATTERN -newer FILE")); -+#ifdef WITH_SELINUX -+ puts (_("\ -+ -context CONTEXT")); -+#endif - puts (_("\ - -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\ - -readable -writable -executable\n\ -@@ -2492,6 +2594,10 @@ parse_version (const struct parser_table - printf("LEAF_OPTIMISATION "); - ++features; - #endif -+#if defined (WITH_SELINUX) -+ printf ("SELINUX "); -+ ++features; -+#endif - - flags = 0; - if (is_fts_enabled(&flags)) -@@ -2526,6 +2632,32 @@ parse_version (const struct parser_table - exit (0); - } - -+#ifdef WITH_SELINUX -+static boolean -+parse_context (const struct parser_table* entry, char **argv, int *arg_ptr) -+{ -+ struct predicate *our_pred; -+ -+ if (argv == NULL || argv[*arg_ptr] == NULL) -+ return false; -+ -+ if (is_selinux_enabled () <= 0) -+ { -+ error (1, 0, _("invalid predicate -context: SELinux is not enabled.")); -+ return false; -+ } -+ our_pred = insert_primary (entry); -+ our_pred->need_stat = false; -+#ifdef DEBUG -+ our_pred->p_name = find_pred_name (pred_context); -+#endif /*DEBUG*/ -+ our_pred->args.scontext = argv[*arg_ptr]; -+ -+ (*arg_ptr)++; -+ return true; -+} -+#endif /* WITH_SELINUX */ -+ - static boolean - parse_xdev (const struct parser_table* entry, char **argv, int *arg_ptr) - { -@@ -2777,7 +2909,7 @@ insert_fprintf (struct format_val *vec, - if (*scan2 == '.') - for (scan2++; ISDIGIT (*scan2); scan2++) - /* Do nothing. */ ; -- if (strchr ("abcdDfFgGhHiklmMnpPsStuUyY", *scan2)) -+ if (strchr ("abcdDfFgGhHiklmMnpPsStuUyYZ", *scan2)) - { - segmentp = make_segment (segmentp, format, scan2 - format, - KIND_FORMAT, *scan2, 0, -@@ -2904,6 +3036,7 @@ make_segment (struct segment **segment, - case 'h': /* leading directories part of path */ - case 'p': /* pathname */ - case 'P': /* pathname with ARGV element stripped */ -+ case 'Z': /* SELinux security context */ - *fmt++ = 's'; - break; - ---- findutils-4.4.0/find/pred.c -+++ findutils-4.4.0/find/pred.c -@@ -47,6 +47,10 @@ - #include "error.h" - #include "verify.h" - -+#ifdef WITH_SELINUX -+#include -+#endif /*WITH_SELINUX*/ -+ - #if ENABLE_NLS - # include - # define _(Text) gettext (Text) -@@ -229,6 +233,9 @@ struct pred_assoc pred_table[] = - {pred_user, "user "}, - {pred_writable, "writable "}, - {pred_xtype, "xtype "}, -+#ifdef WITH_SELINUX -+ {pred_context, "context"}, -+#endif /*WITH_SELINUX*/ - {0, "none "} - }; - #endif -@@ -1053,6 +1060,27 @@ do_fprintf(struct format_val *dest, - mode_to_filetype(stat_buf->st_mode & S_IFMT)); - } - break; -+ case 'Z': /* SELinux security context */ -+#ifdef WITH_SELINUX -+ { -+ security_context_t scontext; -+ int rv; -+ rv = options.x_getfilecon (state.rel_pathname, &scontext); -+ -+ if (rv < 0) -+ { -+ fprintf (stderr, "getfilecon(%s): %s", pathname, -+ strerror (errno)); -+ fflush (stderr); -+ } -+ else -+ { -+ checked_fprintf (dest, segment->text, scontext); -+ freecon (scontext); -+ } -+ } -+#endif /* WITH_SELINUX */ -+ break; - } - /* end of KIND_FORMAT case */ - break; -@@ -1841,6 +1869,33 @@ pred_xtype (const char *pathname, struct - */ - return (pred_type (pathname, &sbuf, pred_ptr)); - } -+ -+ -+#ifdef WITH_SELINUX -+ -+boolean -+pred_context (const char *pathname, struct stat *stat_buf, -+ struct predicate *pred_ptr) -+{ -+ int rv; -+ security_context_t scontext; -+ -+ rv = options.x_getfilecon (state.rel_pathname, &scontext); -+ -+ if (rv < 0) -+ { -+ fprintf (stderr, "getfilecon(%s): %s\n", pathname, strerror (errno)); -+ fflush (stderr); -+ return false; -+ } -+ -+ rv = fnmatch (pred_ptr->args.scontext, scontext, 0) == 0; -+ freecon (scontext); -+ return rv; -+} -+ -+#endif /*WITH_SELINUX*/ -+ - - /* 1) fork to get a child; parent remembers the child pid - 2) child execs the command requested ---- findutils-4.4.0/find/tree.c -+++ findutils-4.4.0/find/tree.c -@@ -953,7 +953,10 @@ static struct pred_cost_lookup costlooku - { pred_used , NeedsStatInfo }, - { pred_user , NeedsStatInfo }, - { pred_writable , NeedsAccessInfo }, -- { pred_xtype , NeedsType } /* roughly correct unless most files are symlinks */ -+ { pred_xtype , NeedsType }, /* roughly correct unless most files are symlinks */ -+#ifdef WITH_SELINUX -+ { pred_context , NeedsNothing } /* remove warning only:) */ -+#endif - }; - static int pred_table_sorted = 0; - -@@ -1434,6 +1437,9 @@ get_new_pred (const struct parser_table - last_pred->need_stat = true; - last_pred->need_type = true; - last_pred->args.str = NULL; -+#ifdef WITH_SELINUX -+ last_pred->args.scontext = NULL; -+#endif - last_pred->pred_next = NULL; - last_pred->pred_left = NULL; - last_pred->pred_right = NULL; diff --git a/findutils.changes b/findutils.changes index 6550cd2..c90571b 100644 --- a/findutils.changes +++ b/findutils.changes @@ -1,7 +1,17 @@ +------------------------------------------------------------------- +Mon Mar 8 18:53:10 CET 2010 - prusnak@suse.cz + +- updated to 4.4.2 + * see NEWS for more info +- updated SElinux patches (selinux.patch, selinux-gnulib.patch) +- added more patches from Fedora (autofs.patch, ftsremount.patch, xautofs.patch) +- findutils.patch renamed to updatedb.patch +- split-off lang package + ------------------------------------------------------------------- Fri Jul 10 19:26:16 UTC 2009 - jansimon.moeller@opensuse.org -- Workaround for a qemu-user bug, we hit. +- Workaround for a qemu-user bug, we hit. A qemu patch is being discussed, but for now ... This is important for the ARM build process to work. @@ -40,7 +50,7 @@ Tue Mar 18 10:40:04 CET 2008 - schwab@suse.de ------------------------------------------------------------------- Sun Feb 24 17:24:53 CET 2008 - crrodriguez@suse.de -- use find_lang macro +- use find_lang macro ------------------------------------------------------------------- Thu Feb 14 10:33:47 CET 2008 - schwab@suse.de @@ -85,7 +95,7 @@ Fri Jan 25 22:32:40 CET 2008 - schwab@suse.de does not follow the POSIX rules of doing likewise. Likewise for find (for example, with the -ok action). #19660: Fix compilation failure on Cygwin. - #15384: Find misbehaves when parent directory is not readable. + #15384: Find misbehaves when parent directory is not readable. ** Enhancements #20688: The warning printed by -name or -iname when the pattern to match contains a slash can now be silenced by -nowarn. This warning @@ -205,7 +215,7 @@ Mon Aug 7 11:46:08 CEST 2006 - schwab@suse.de ------------------------------------------------------------------- Mon Jul 24 16:47:14 CEST 2006 - rguenther@suse.de -- Do not run autoreconf. +- Do not run autoreconf. ------------------------------------------------------------------- Mon Jul 24 14:31:33 CEST 2006 - schwab@suse.de @@ -463,7 +473,7 @@ Mon Feb 25 13:06:48 CET 2002 - schwab@suse.de ------------------------------------------------------------------- Wed Feb 6 13:30:16 CET 2002 - ro@suse.de -- sysconfig/cron_daily -> sysconfig/cron +- sysconfig/cron_daily -> sysconfig/cron ------------------------------------------------------------------- Thu Jan 31 17:46:08 CET 2002 - ro@suse.de @@ -528,7 +538,7 @@ Mon Jan 17 17:59:44 CET 2000 - schwab@suse.de ------------------------------------------------------------------- Mon Nov 15 19:10:13 MET 1999 - kukuk@suse.de -- fix returncode from dostat and dolstat +- fix returncode from dostat and dolstat ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de @@ -568,11 +578,7 @@ Mon Nov 10 11:04:28 MET 1997 - bs@suse.de ---------------------------------------------------------------------------- Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de - - add bug-fixes from debian and gnu.utils.bugs - - updatedb now supports "--prunefs" - - "mv /usr/libexec/* /usr/lib/find/" - diff --git a/findutils.spec b/findutils.spec index 7e516b4..93121b2 100644 --- a/findutils.spec +++ b/findutils.spec @@ -1,7 +1,7 @@ # -# spec file for package findutils (Version 4.4.0) +# spec file for package findutils (Version 4.4.2) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,51 +18,58 @@ Name: findutils -%if %suse_version > 1100 -BuildRequires: libselinux-devel -%endif Url: http://www.gnu.org/software/findutils/ -License: GFDL v1.2 ; GPL v3 or later +License: GPLv3+ Group: Productivity/File utilities -Provides: find -Obsoletes: find -AutoReqProv: on -PreReq: %{install_info_prereq} -Version: 4.4.0 -Release: 45 -Summary: GNU find--Finding Files +Version: 4.4.2 +Release: 1 +Summary: The GNU versions of find utilities (find and xargs) +# retreived from http://ftp.gnu.org/pub/gnu/findutils/findutils-4.4.2.tar.gz Source: findutils-%{version}.tar.bz2 Source1: sysconfig.locate Source2: cron.daily.updatedb -Patch: findutils-%{version}.diff -Patch1: findutils-selinux.diff -Patch2: findutils-null.diff +# learn find to recognize autofs file system by reading /proc/mounts +# as autofs mount points are not listed in /etc/mtab +Patch0: findutils-4.4.2-autofs.patch +# adds a new option -xautofs to find to not descend into directories on autofs file systems +Patch1: findutils-4.4.2-xautofs.patch +# patch accepted by gnulib upstream - rhbz#538536 +Patch2: findutils-4.4.2-fts-remount.patch +# gnulib based SELinux patch adding a new search predicate -context and +# a new -printf conversion %Z +Patch3: findutils-4.4.2-selinux.patch +# once the selinux-at module appears on the list within import-gnulib.config +# the following patch will be no longer needed +Patch4: findutils-4.4.2-selinux-gnulib.patch +Patch5: findutils-4.4.2-updatedb.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if 0%{?suse_version} > 1100 +BuildRequires: libselinux-devel +%endif +Provides: find = %{version} +Obsoletes: find < %{version} +Requires(post): %{install_info_prereq} +Requires(preun): %{install_info_prereq} %description -This package contains GNU find and xargs. The programs comply with -POSIX 1003.2. They also support additional options, some borrowed from -Unix and some unique to GNU. +The findutils package contains programs which will help you locate +files on your system. The find utility searches through a hierarchy +of directories looking for files which match a certain set of criteria +(such as a file name pattern). The xargs utility builds and executes +command lines from standard input arguments (usually lists of file +names generated by the find command). + +You should install findutils because it includes tools that are very +useful for finding things on your system. - -Authors: --------- - David J. MacKenzie - Jan Brittenson - Brian L. Matthews - Mike Rendell - James A. Woods - Jay Plett - Tim Wood - +%lang_package %package locate -License: GPL v3 or later -Summary: Tool for Locating Files (GNU Findutils Subpackage) +License: GPLv3+ +Summary: Tool for Locating Files (findutils subpackage) Group: Productivity/File utilities Provides: findutils:/usr/bin/locate -AutoReqProv: on -PreReq: %fillup_prereq +PreReq: %{fillup_prereq} Requires: cron %description locate @@ -70,52 +77,49 @@ This package contains the locate program which is part of the GNU findutils software suite. You can find files fast using locate. On installing findutils-locate -an additional daily cron job will be added to the cron system. This +an additional daily cron job will be added to the cron system. This job will update the files database every night or shortly after switching on the computer. - - -Authors: --------- - David J. MacKenzie - Jan Brittenson - Brian L. Matthews - Mike Rendell - James A. Woods - Jay Plett - Tim Wood - %prep %setup -q -%patch +%patch0 -p1 %patch1 -p1 -%patch2 -p0 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 %build -%ifarch %arm armv5tel armv7l armv7el armv5el +autoreconf +%ifarch %arm armv5tel armv7l armv7el armv5el # this is a workaround for a qemu-user bug, we hit. A qemu patch is being discussed, but for now ... -DEFAULT_ARG_SIZE="(31u * 1024u)" \ +export DEFAULT_ARG_SIZE="(31u * 1024u)" %endif -./configure CFLAGS="$RPM_OPT_FLAGS" \ - --prefix=%{_prefix} --libexecdir=%{_libdir}/find \ - --localstatedir=/var/lib \ - --infodir=%{_infodir} --mandir=%{_mandir} \ - --without-included-regex \ - --without-fts \ - --enable-d_type-optimisation -make +%configure \ + --libexecdir=%{_libdir}/find \ + --localstatedir=/var/lib \ + --without-included-regex \ + --without-fts \ + --enable-d_type-optimisation +make %{?_smp_mflags} + +%check +make check %install make install DESTDIR=$RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates -mkdir -p $RPM_BUILD_ROOT/etc/cron.daily -install -m 644 %{SOURCE1} $RPM_BUILD_ROOT/var/adm/fillup-templates -install -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/cron.daily/suse.de-updatedb -%find_lang %name +install -D -m 644 %{SOURCE1} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.locate +install -D -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/cron.daily/suse-updatedb rm -f $RPM_BUILD_ROOT%{_bindir}/oldfind rm -f $RPM_BUILD_ROOT%{_bindir}/ftsfind rm -f $RPM_BUILD_ROOT%{_infodir}/find-maint* +%find_lang %{name} +# move find to /bin/find +mkdir -p $RPM_BUILD_ROOT/bin +mv $RPM_BUILD_ROOT{%{_bindir},/bin}/find +# create /usr/bin/find -> /bin/find symlink +ln -sf ../../bin/find $RPM_BUILD_ROOT%{_bindir} %clean rm -rf $RPM_BUILD_ROOT @@ -126,20 +130,24 @@ rm -rf $RPM_BUILD_ROOT %post %install_info --info-dir=%{_infodir} %{_infodir}/find.info.gz -%postun +%preun %install_info_delete --info-dir=%{_infodir} %{_infodir}/find.info.gz -%files -f %name.lang -%defattr(-,root,root,755) -%doc README NEWS AUTHORS TODO +%files +%defattr(-,root,root,-) +%doc AUTHORS COPYING NEWS README THANKS TODO +/bin/find %{_bindir}/find %{_bindir}/xargs %doc %{_infodir}/find.info*.gz %doc %{_mandir}/man1/find.1.gz %doc %{_mandir}/man1/xargs.1.gz +%files lang -f %{name}.lang +%defattr(-,root,root,-) + %files locate -%defattr(-,root,root,755) +%defattr(-,root,root,-) /etc/cron.daily/* %{_bindir}/locate %{_bindir}/updatedb