1 --- findutils-4.1.20/find/Makefile.am.orig Mon May 26 20:02:34 2003
2 +++ findutils-4.1.20/find/Makefile.am Wed Jan 28 15:15:13 2004
5 find_SOURCES = find.c fstype.c parser.c pred.c tree.c util.c version.c
6 EXTRA_DIST = defs.h $(man_MANS)
7 +DEFS = @DEFS@ -I. -I$(srcdir) -I.. -DWITH_SELINUX
8 INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\"
9 -LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@
10 +LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ -lselinux
14 --- findutils-4.2.11/find/defs.h.orig 2005-01-03 01:06:10.000000000 +0100
15 +++ findutils-4.2.11/find/defs.h 2005-01-09 18:10:03.183117288 +0100
17 #define MODE_RWX (S_IXUSR | S_IXGRP | S_IXOTH | MODE_RW)
18 #define MODE_ALL (S_ISUID | S_ISGID | S_ISVTX | MODE_RWX)
21 +#include <selinux/selinux.h>
22 +#endif /*WITH_SELINUX*/
28 struct dir_id fileid; /* samefile */
29 mode_t type; /* type */
30 FILE *stream; /* ls fls fprint0 */
32 + security_context_t scontext; /* scontext */
33 +#endif /*WITH_SELINUX*/
34 struct format_val printf_vec; /* printf fprintf fprint */
39 /* Pointer to the function used to stat files. */
40 int (*xstat) (const char *name, struct stat *statbuf);
43 + int (*x_getfilecon) ();
44 +#endif /* WITH_SELINUX */
47 /* Indicate if we can implement safely_chdir() using the O_NOFOLLOW
49 # define fchdir(fd) (-1)
53 +boolean pred_scontext PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
54 +extern int (*x_getfilecon) ();
55 +#endif /*WITH_SELINUX*/
58 --- findutils-4.2.6/find/find.1.orig 2004-11-21 10:52:17.000000000 +0100
59 +++ findutils-4.2.6/find/find.1 2004-11-21 22:52:25.469719184 +0100
61 link to a file of type \fIc\fR; if the \-L option has been given, true
62 if \fIc\fR is `l'. In other words, for symbolic links, \-xtype checks
63 the type of the file that \-type does not check.
64 +.IP "\-context \fIscontext\fR"
65 +.IP "\--context \fIscontext\fR"
66 +(SELinux only) File has the security context \fIscontext\fR.
71 File's type (like in ls -l), U=unknown type (shouldn't happen)
73 File's type (like %y), plus follow symlinks: L=loop, N=nonexistent
75 +(SELinux only) file's security context.
77 A `%' character followed by any other character is discarded (but the
78 other character is printed).
79 --- findutils-4.2.26/find/find.c.orig 2005-11-11 08:41:37.000000000 +0100
80 +++ findutils-4.2.26/find/find.c 2005-11-27 03:32:00.836912296 +0100
83 case SYMLINK_ALWAYS_DEREF: /* -L */
84 options.xstat = optionl_stat;
86 + options.x_getfilecon = getfilecon;
87 +#endif /* WITH_SELINUX */
88 options.no_leaf_check = true;
91 case SYMLINK_NEVER_DEREF: /* -P (default) */
92 options.xstat = optionp_stat;
94 + options.x_getfilecon = lgetfilecon;
95 +#endif /* WITH_SELINUX */
96 /* Can't turn no_leaf_check off because the user might have specified
101 case SYMLINK_DEREF_ARGSONLY: /* -H */
102 options.xstat = optionh_stat;
104 + options.x_getfilecon = getfilecon;
105 +#endif /* WITH_SELINUX */
106 options.no_leaf_check = true;
110 struct predicate *cur_pred;
111 char *predicate_name; /* Name of predicate being parsed. */
112 int end_of_leading_options = 0; /* First arg after any -H/-L etc. */
114 + int is_selinux_enabled_flag;
115 +#endif /* WITH_SELINUX */
118 program_name = argv[0];
120 options.ignore_readdir_race = false;
122 state.exit_status = 0;
124 + is_selinux_enabled_flag = (is_selinux_enabled() > 0);
125 +#endif /* WITH_SELINUX */
127 #if defined(DEBUG_STAT)
128 options.xstat = debug_stat;
130 if (strchr ("-!(),", argv[i][0]) == NULL)
131 usage (_("paths must precede expression"));
132 predicate_name = argv[i];
134 + if (! is_selinux_enabled_flag) {
135 + if ((strncmp(predicate_name,"-context",strlen("-context"))==0) ||
136 + (strncmp(predicate_name,"--context",strlen("--context"))==0)) {
137 + error (1, 0,_("Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"),predicate_name);
141 parse_entry = find_parser (predicate_name);
142 if (parse_entry == NULL)
144 --- findutils-4.2.25/find/parser.c.orig 2005-07-31 23:01:54.000000000 +0200
145 +++ findutils-4.2.25/find/parser.c 2005-10-25 23:58:27.823557240 +0200
147 /* We need <unistd.h> for isatty(). */
151 +#include <selinux/selinux.h>
152 +#endif /*WITH_SELINUX*/
155 # include <libintl.h>
156 # define _(Text) gettext (Text)
158 static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
159 static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
160 static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
162 +static boolean parse_scontext PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
163 +#endif /*WITH_SELINUX*/
168 PARSE_TEST_NP ("wholename", wholename), /* GNU, replaces -path */
169 PARSE_OPTION ("xdev", xdev),
170 PARSE_TEST ("xtype", xtype), /* GNU */
172 + PARSE_TEST ("context", scontext), /* SELINUX */
173 + PARSE_TEST ("-context", scontext), /* SELINUX */
174 +#endif /*WITH_SELINUX*/
175 #ifdef UNIMPLEMENTED_UNIX
176 /* It's pretty ugly for find to know about archive formats.
177 Plus what it could do with cpio archives is very limited.
179 -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\
180 -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\
181 -used N -user NAME -xtype [bcdpfls]\n"));
184 + -context CONTEXT\n"));
185 +#endif /*WITH_SELINUX*/
187 actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\
188 -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\
189 @@ -1614,6 +1629,30 @@
190 return insert_num (argv, arg_ptr, entry);
196 +parse_scontext (const struct parser_table *entry, char **argv, int *arg_ptr)
198 + struct predicate *our_pred;
200 + if ( (argv == NULL) || (argv[*arg_ptr] == NULL) )
203 + our_pred = insert_primary_withpred (entry, pred_scontext);
204 + our_pred->need_stat = our_pred->need_type = false;
206 + our_pred->p_name = find_pred_name (pred_scontext);
209 + our_pred->args.scontext = argv[*arg_ptr];;
215 +#endif /*WITH_SELINUX*/
218 parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
220 @@ -1949,7 +1988,11 @@
222 for (scan2++; ISDIGIT (*scan2); scan2++)
225 + if (strchr ("abcdDfFgGhHiklmMnpPstuUyYZ", *scan2))
226 +#else /* WITH_SELINUX */
227 if (strchr ("abcdDfFgGhHiklmMnpPstuUyY", *scan2))
228 +#endif /* WITH_SELINUX */
230 segmentp = make_segment (segmentp, format, scan2 - format,
232 --- findutils-4.2.11/find/pred.c.orig 2005-01-03 01:15:48.000000000 +0100
233 +++ findutils-4.2.11/find/pred.c 2005-01-09 18:22:25.204312920 +0100
235 #include "filemode.h"
239 +#include <selinux/selinux.h>
240 +#endif /*WITH_SELINUX*/
242 +#ifndef FNM_CASEFOLD
243 +#define FNM_CASEFOLD (1<<4)
244 +#endif /*FNM_CASEFOLD*/
247 # include <libintl.h>
248 # define _(Text) gettext (Text)
254 /* Get or fake the disk device blocksize.
255 Usually defined by sys/param.h (if at all). */
258 {pred_used, "used "},
259 {pred_user, "user "},
260 {pred_xtype, "xtype "},
262 + {pred_scontext, "context"},
263 +#endif /*WITH_SELINUX*/
272 + case 'Z': /* SELinux security context */
274 + security_context_t scontext;
276 + rv = (*options.x_getfilecon)(state.rel_pathname, &scontext);
279 + (void) fprintf(stderr, "getfileconf(%s): %s",
280 + pathname, strerror(errno));
281 + (void) fflush(stderr);
284 + segment->text[segment->text_len] = 's';
285 + (void) fprintf (fp, segment->text, scontext);
290 +#endif /* WITH_SELINUX */
294 @@ -1366,6 +1396,31 @@
296 return (pred_type (pathname, &sbuf, pred_ptr));
303 +pred_scontext (char *pathname, struct stat *stat_buf, struct predicate *pred_ptr)
306 + security_context_t scontext;
308 + rv = (*options.x_getfilecon)(state.rel_pathname, &scontext);
311 + (void) fprintf(stderr, "getfilecon(%s): %s\n", pathname, strerror(errno));
312 + (void) fflush(stderr);
316 + rv= (strcmp(scontext, pred_ptr->args.scontext) == 0);
321 +#endif /*WITH_SELINUX*/
324 /* 1) fork to get a child; parent remembers the child pid
325 2) child execs the command requested
326 --- findutils-4.1.7/find/util.c.selinux 2001-05-20 16:39:37.000000000 -0400
327 +++ findutils-4.1.7/find/util.c 2003-10-10 13:19:10.869534272 -0400
329 last_pred->no_default_print = false;
330 last_pred->need_stat = true;
331 last_pred->args.str = NULL;
333 + last_pred->args.scontext = NULL;
335 last_pred->pred_next = NULL;
336 last_pred->pred_left = NULL;
337 last_pred->pred_right = NULL;
338 --- findutils-4.2.28/po/pl.po.orig 2006-08-26 00:46:49.506053750 +0200
339 +++ findutils-4.2.28/po/pl.po 2006-08-26 00:48:19.247662250 +0200
341 msgid "paths must precede expression"
342 msgstr "¶cie¿ki musz± poprzedzaæ wyra¿enie"
346 +msgid "Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"
347 +msgstr "B³±d: b³êdne wyra¿enie %s: j±dro nie ma w³±czonej obs³ugi SELinuksa.\n"
351 msgid "invalid predicate `%s'"
353 "w przypadku braku dostêpu do WWW, wysy³aj±c pocztê elektroniczn± pod\n"
354 "adres <bug-findutils@gnu.org>."
356 +#: find/parser.c:817
357 +msgid " -context CONTEXT\n"
358 +msgstr " -context KONTEKST\n"
361 msgid "sanity check of the fnmatch() library function failed."