---- coreutils-5.2.1/configure.ac.selinux 2004-03-16 14:25:05.461535240 -0500
-+++ coreutils-5.2.1/configure.ac 2004-03-16 14:25:05.594515024 -0500
-@@ -14,6 +14,13 @@
- LIB_PAM="-ldl -lpam -lpam_misc"
- AC_SUBST(LIB_PAM)])
+diff -Nur coreutils-6.4/README coreutils-6.4.selinux/README
+--- coreutils-6.4/README 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/README 2006-10-31 23:39:34.000000000 +0000
+@@ -7,11 +7,11 @@
+
+ The programs that can be built with this package are:
+
+- [ base64 basename cat chgrp chmod chown chroot cksum comm cp csplit cut date
++ [ base64 basename cat chcon chgrp chmod chown chroot cksum comm cp csplit cut date
+ dd df dir dircolors dirname du echo env expand expr factor false fmt fold
+ ginstall groups head hostid hostname id join kill link ln logname ls
+ md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr
+- printenv printf ptx pwd readlink rm rmdir runuser seq sha1sum sha224sum sha256sum
++ printenv printf ptx pwd readlink rm rmdir runuser runcon seq sha1sum sha224sum sha256sum
+ sha384sum sha512sum shred shuf sleep sort split stat stty su sum sync tac
+ tail tee test touch tr true tsort tty uname unexpand uniq unlink uptime
+ users vdir wc who whoami yes
+diff -Nur coreutils-6.4/configure.ac coreutils-6.4.selinux/configure.ac
+--- coreutils-6.4/configure.ac 2006-10-31 23:38:15.000000000 +0000
++++ coreutils-6.4.selinux/configure.ac 2006-10-31 23:39:34.000000000 +0000
+@@ -264,6 +264,13 @@
+ LIB_CRYPT=
+ fi
+dnl Give the chance to enable SELINUX
+AC_ARG_ENABLE(selinux, dnl
+LIB_SELINUX="-lselinux"
+AC_SUBST(LIB_SELINUX)])
+
- gl_DEFAULT_POSIX2_VERSION
- gl_USE_SYSTEM_EXTENSIONS
- jm_PERL
---- coreutils-5.2.1/man/vdir.1.selinux 2004-03-02 17:52:33.000000000 -0500
-+++ coreutils-5.2.1/man/vdir.1 2004-03-16 14:25:05.596514720 -0500
-@@ -195,6 +195,20 @@
- .TP
- \fB\-1\fR
- list one file per line
+ AC_CONFIG_FILES(
+ Makefile
+ doc/Makefile
+diff -Nur coreutils-6.4/lib/config.hin coreutils-6.4.selinux/lib/config.hin
+--- coreutils-6.4/lib/config.hin 2006-10-22 20:36:23.000000000 +0000
++++ coreutils-6.4.selinux/lib/config.hin 2006-10-31 23:39:34.000000000 +0000
+@@ -1645,6 +1645,9 @@
+ 'wint_t'. */
+ #undef WINT_T_SUFFIX
+
++/* Define if you want to use SELINUX */
++#undef WITH_SELINUX
++
+ /* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+ #undef WORDS_BIGENDIAN
+--- coreutils-6.5/man/Makefile.am.orig 2006-11-22 10:47:32.569505000 +0100
++++ coreutils-6.5/man/Makefile.am 2006-11-22 10:48:11.669505000 +0100
+@@ -30,7 +30,7 @@
+ shred.1 shuf.1 sleep.1 sort.1 split.1 stat.1 \
+ su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \
+ tty.1 unexpand.1 uniq.1 unlink.1 vdir.1 wc.1 \
+- whoami.1 yes.1 $(MAN)
++ whoami.1 yes.1 chcon.1 runcon.1 $(MAN)
+ optional_mans = \
+ chroot.1 hostid.1 nice.1 pinky.1 stty.1 uname.1 uptime.1 users.1 who.1
+ man_MANS = getgid.1
+@@ -142,6 +142,8 @@
+ who.1: $(common_dep) $(srcdir)/who.x ../src/who.c
+ whoami.1: $(common_dep) $(srcdir)/whoami.x ../src/whoami.c
+ yes.1: $(common_dep) $(srcdir)/yes.x ../src/yes.c
++chcon.1: $(common_dep) $(srcdir)/chcon.x ../src/chcon.c
++runcon.1: $(common_dep) $(srcdir)/runcon.x ../src/runcon.c
+
+ SUFFIXES = .x .1
+
+diff -Nur coreutils-6.4/man/chcon.1 coreutils-6.4.selinux/man/chcon.1
+--- coreutils-6.4/man/chcon.1 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/man/chcon.1 2006-10-31 23:39:34.000000000 +0000
+@@ -0,0 +1,64 @@
++.TH CHCON 1 "July 2003" "chcon (coreutils) 5.0" "User Commands"
++.SH NAME
++chcon \- change security context
++.SH SYNOPSIS
++.B chcon
++[\fIOPTION\fR]...\fI CONTEXT FILE\fR...
++.br
++.B chcon
++[\fIOPTION\fR]...\fI --reference=RFILE FILE\fR...
++.SH DESCRIPTION
+.PP
-+SELinux options:
++." Add any additional description here
++.PP
++Change the security context of each FILE to CONTEXT.
+.TP
-+\fB\-\-lcontext\fR
-+Display security context. Enable \fB\-l\fR. Lines
-+will probably be too wide for most displays.
++\fB\-c\fR, \fB\-\-changes\fR
++like verbose but report only when a change is made
+.TP
-+\fB\-\-context\fR
-+Display security context so it fits on most
-+displays. Displays only mode, user, group,
-+security context and file name.
++\fB\-h\fR, \fB\-\-no\-dereference\fR
++affect symbolic links instead of any referenced file (available only on systems with lchown system call)
+.TP
-+\fB\-\-scontext\fR
-+Display only security context and file name.
- .TP
- \fB\-\-help\fR
- display this help and exit
---- coreutils-5.2.1/man/cp.1.selinux 2004-03-02 17:51:05.000000000 -0500
-+++ coreutils-5.2.1/man/cp.1 2004-03-16 14:25:05.598514416 -0500
++\fB\-f\fR, \fB\-\-silent\fR, \fB\-\-quiet\fR
++suppress most error messages
++.TP
++\fB\-l\fR, \fB\-\-range\fR
++set range RANGE in the target security context
++.TP
++\fB\-\-reference\fR=\fIRFILE\fR
++use RFILE's context instead of using a CONTEXT value
++.TP
++\fB\-R\fR, \fB\-\-recursive\fR
++change files and directories recursively
++.TP
++\fB\-r\fR, \fB\-\-role\fR
++set role ROLE in the target security context
++.TP
++\fB\-t\fR, \fB\-\-type\fR
++set type TYPE in the target security context
++.TP
++\fB\-u\fR, \fB\-\-user\fR
++set user USER in the target security context
++.TP
++\fB\-v\fR, \fB\-\-verbose\fR
++output a diagnostic for every file processed
++.TP
++\fB\-\-help\fR
++display this help and exit
++.TP
++\fB\-\-version\fR
++output version information and exit
++.SH "REPORTING BUGS"
++Report bugs to <email@host.com>.
++.SH "SEE ALSO"
++The full documentation for
++.B chcon
++is maintained as a Texinfo manual. If the
++.B info
++and
++.B chcon
++programs are properly installed at your site, the command
++.IP
++.B info chcon
++.PP
++should give you access to the complete manual.
+diff -Nur coreutils-6.4/man/chcon.x coreutils-6.4.selinux/man/chcon.x
+--- coreutils-6.4/man/chcon.x 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/man/chcon.x 2006-10-31 23:39:34.000000000 +0000
+@@ -0,0 +1,4 @@
++[NAME]
++chcon \- change file security context
++[DESCRIPTION]
++.\" Add any additional description here
+diff -Nur coreutils-6.4/man/cp.1 coreutils-6.4.selinux/man/cp.1
+--- coreutils-6.4/man/cp.1 2006-10-22 19:56:33.000000000 +0000
++++ coreutils-6.4.selinux/man/cp.1 2006-10-31 23:39:34.000000000 +0000
@@ -57,7 +57,7 @@
.TP
\fB\-\-preserve\fR[=\fIATTR_LIST\fR]
additional attributes: links, all
.TP
\fB\-\-no\-preserve\fR=\fIATTR_LIST\fR
-@@ -109,6 +109,9 @@
+@@ -106,6 +106,9 @@
\fB\-\-help\fR
display this help and exit
.TP
\fB\-\-version\fR
output version information and exit
.PP
---- coreutils-5.2.1/man/mkdir.1.selinux 2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mkdir.1 2004-03-16 14:25:05.604513504 -0500
-@@ -12,6 +12,8 @@
- .PP
- Mandatory arguments to long options are mandatory for short options too.
+diff -Nur coreutils-6.4/man/dir.1 coreutils-6.4.selinux/man/dir.1
+--- coreutils-6.4/man/dir.1 2006-10-22 19:56:34.000000000 +0000
++++ coreutils-6.4.selinux/man/dir.1 2006-10-31 23:39:34.000000000 +0000
+@@ -204,6 +204,20 @@
.TP
-+\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR (SELinux) set security context to CONTEXT
+ \fB\-1\fR
+ list one file per line
++.PP
++SELinux options:
+.TP
- \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
- set permission mode (as in chmod), not rwxrwxrwx - umask
++\fB\-\-lcontext\fR
++Display security context. Enable \fB\-l\fR. Lines
++will probably be too wide for most displays.
++.TP
++\fB\-\-context\fR
++Display security context so it fits on most
++displays. Displays only mode, user, group,
++security context and file name.
++.TP
++\fB\-\-scontext\fR
++Display only security context and file name.
+ .TP
+ \fB\-\-help\fR
+ display this help and exit
+diff -Nur coreutils-6.4/man/id.1 coreutils-6.4.selinux/man/id.1
+--- coreutils-6.4/man/id.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/id.1 2006-10-31 23:39:34.000000000 +0000
+@@ -13,6 +13,9 @@
+ \fB\-a\fR
+ ignore, for compatibility with other versions
+ .TP
++\fB\-Z\fR, \fB\-\-context\fR
++print only the security context
++.TP
+ \fB\-g\fR, \fB\-\-group\fR
+ print only the effective group ID
+ .TP
+diff -Nur coreutils-6.4/man/install.1 coreutils-6.4.selinux/man/install.1
+--- coreutils-6.4/man/install.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/install.1 2006-10-31 23:39:34.000000000 +0000
+@@ -66,6 +66,11 @@
+ .TP
+ \fB\-v\fR, \fB\-\-verbose\fR
+ print the name of each directory as it is created
++.HP
++\fB\-P\fR, \fB\-\-preserve_context\fR (SELinux) Preserve security context
++.TP
++\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR
++(SELinux) Set security context of files and directories
.TP
---- coreutils-5.2.1/man/ls.1.selinux 2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/ls.1 2004-03-16 14:25:05.606513200 -0500
-@@ -195,6 +195,20 @@
+ \fB\-\-help\fR
+ display this help and exit
+diff -Nur coreutils-6.4/man/ls.1 coreutils-6.4.selinux/man/ls.1
+--- coreutils-6.4/man/ls.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/ls.1 2006-10-31 23:39:34.000000000 +0000
+@@ -204,6 +204,20 @@
.TP
\fB\-1\fR
list one file per line
.TP
\fB\-\-help\fR
display this help and exit
---- coreutils-5.2.1/man/mkfifo.1.selinux 2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mkfifo.1 2004-03-16 14:25:05.609512744 -0500
+diff -Nur coreutils-6.4/man/mkdir.1 coreutils-6.4.selinux/man/mkdir.1
+--- coreutils-6.4/man/mkdir.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/mkdir.1 2006-10-31 23:39:34.000000000 +0000
+@@ -12,6 +12,8 @@
+ .PP
+ Mandatory arguments to long options are mandatory for short options too.
+ .TP
++\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR (SELinux) set security context to CONTEXT
++.TP
+ \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
+ set file mode (as in chmod), not a=rwx \- umask
+ .TP
+diff -Nur coreutils-6.4/man/mkfifo.1 coreutils-6.4.selinux/man/mkfifo.1
+--- coreutils-6.4/man/mkfifo.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/mkfifo.1 2006-10-31 23:39:34.000000000 +0000
@@ -12,6 +12,9 @@
.PP
Mandatory arguments to long options are mandatory for short options too.
+set security context (quoted string)
+.TP
\fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
- set permission mode (as in chmod), not a=rw - umask
+ set file permission bits to MODE, not a=rw \- umask
.TP
---- coreutils-5.2.1/man/Makefile.am.selinux 2004-01-23 10:54:23.000000000 -0500
-+++ coreutils-5.2.1/man/Makefile.am 2004-03-16 14:25:05.614511984 -0500
-@@ -10,7 +10,7 @@
- rm.1 rmdir.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \
- su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \
- tty.1 uname.1 unexpand.1 uniq.1 unlink.1 uptime.1 users.1 vdir.1 wc.1 \
-- who.1 whoami.1 yes.1
-+ who.1 whoami.1 yes.1 chcon.1 runcon.1
- man_MANS = getgid.1
-
- man_aux = $(dist_man_MANS:.1=.x)
-@@ -112,6 +112,8 @@
- who.1: $(common_dep) $(srcdir)/who.x ../src/who.c
- whoami.1: $(common_dep) $(srcdir)/whoami.x ../src/whoami.c
- yes.1: $(common_dep) $(srcdir)/yes.x ../src/yes.c
-+chcon.1: $(common_dep) $(srcdir)/chcon.x ../src/chcon.c
-+runcon.1: $(common_dep) $(srcdir)/runcon.x ../src/runcon.c
-
- SUFFIXES = .x .1
-
---- coreutils-5.2.1/man/mknod.1.selinux 2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mknod.1 2004-03-16 14:25:05.617511528 -0500
+diff -Nur coreutils-6.4/man/mknod.1 coreutils-6.4.selinux/man/mknod.1
+--- coreutils-6.4/man/mknod.1 2006-10-22 19:56:35.000000000 +0000
++++ coreutils-6.4.selinux/man/mknod.1 2006-10-31 23:39:34.000000000 +0000
@@ -12,6 +12,9 @@
.PP
Mandatory arguments to long options are mandatory for short options too.
+set security context (quoted string)
+.TP
\fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
- set permission mode (as in chmod), not a=rw - umask
+ set file permission bits to MODE, not a=rw \- umask
.TP
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/man/runcon.1 2004-03-16 14:25:05.619511224 -0500
+diff -Nur coreutils-6.4/man/runcon.1 coreutils-6.4.selinux/man/runcon.1
+--- coreutils-6.4/man/runcon.1 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/man/runcon.1 2006-10-31 23:39:34.000000000 +0000
@@ -0,0 +1,39 @@
+.TH RUNCON "1" "July 2003" "runcon (coreutils) 5.0" "selinux"
+.SH NAME
+.PP
+Note that only carefully-chosen contexts are likely to successfully
+run.
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/man/chcon.1 2004-03-16 14:25:05.622510768 -0500
-@@ -0,0 +1,64 @@
-+.TH CHCON 1 "July 2003" "chcon (coreutils) 5.0" "User Commands"
-+.SH NAME
-+chcon \- change security context
-+.SH SYNOPSIS
-+.B chcon
-+[\fIOPTION\fR]...\fI CONTEXT FILE\fR...
-+.br
-+.B chcon
-+[\fIOPTION\fR]...\fI --reference=RFILE FILE\fR...
-+.SH DESCRIPTION
-+.PP
-+." Add any additional description here
-+.PP
-+Change the security context of each FILE to CONTEXT.
-+.TP
-+\fB\-c\fR, \fB\-\-changes\fR
-+like verbose but report only when a change is made
-+.TP
-+\fB\-h\fR, \fB\-\-no\-dereference\fR
-+affect symbolic links instead of any referenced file (available only on systems with lchown system call)
-+.TP
-+\fB\-f\fR, \fB\-\-silent\fR, \fB\-\-quiet\fR
-+suppress most error messages
-+.TP
-+\fB\-l\fR, \fB\-\-range\fR
-+set range RANGE in the target security context
-+.TP
-+\fB\-\-reference\fR=\fIRFILE\fR
-+use RFILE's context instead of using a CONTEXT value
-+.TP
-+\fB\-R\fR, \fB\-\-recursive\fR
-+change files and directories recursively
-+.TP
-+\fB\-r\fR, \fB\-\-role\fR
-+set role ROLE in the target security context
-+.TP
-+\fB\-t\fR, \fB\-\-type\fR
-+set type TYPE in the target security context
-+.TP
-+\fB\-u\fR, \fB\-\-user\fR
-+set user USER in the target security context
-+.TP
-+\fB\-v\fR, \fB\-\-verbose\fR
-+output a diagnostic for every file processed
-+.TP
-+\fB\-\-help\fR
-+display this help and exit
-+.TP
-+\fB\-\-version\fR
-+output version information and exit
-+.SH "REPORTING BUGS"
-+Report bugs to <email@host.com>.
-+.SH "SEE ALSO"
-+The full documentation for
-+.B chcon
-+is maintained as a Texinfo manual. If the
-+.B info
-+and
-+.B chcon
-+programs are properly installed at your site, the command
-+.IP
-+.B info chcon
-+.PP
-+should give you access to the complete manual.
---- coreutils-5.2.1/man/id.1.selinux 2004-03-02 17:52:27.000000000 -0500
-+++ coreutils-5.2.1/man/id.1 2004-03-16 14:25:05.624510464 -0500
-@@ -13,6 +13,9 @@
- \fB\-a\fR
- ignore, for compatibility with other versions
- .TP
-+\fB\-Z\fR, \fB\-\-context\fR
-+print only the security context
-+.TP
- \fB\-g\fR, \fB\-\-group\fR
- print only the effective group ID
- .TP
---- coreutils-5.2.1/man/stat.1.selinux 2004-03-02 17:52:31.000000000 -0500
-+++ coreutils-5.2.1/man/stat.1 2004-03-16 14:25:05.627510008 -0500
-@@ -22,6 +22,9 @@
+diff -Nur coreutils-6.4/man/runcon.x coreutils-6.4.selinux/man/runcon.x
+--- coreutils-6.4/man/runcon.x 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/man/runcon.x 2006-10-31 23:39:34.000000000 +0000
+@@ -0,0 +1,2 @@
++[DESCRIPTION]
++.\" Add any additional description here
+diff -Nur coreutils-6.4/man/stat.1 coreutils-6.4.selinux/man/stat.1
+--- coreutils-6.4/man/stat.1 2006-10-22 19:56:37.000000000 +0000
++++ coreutils-6.4.selinux/man/stat.1 2006-10-31 23:39:34.000000000 +0000
+@@ -28,6 +28,9 @@
\fB\-t\fR, \fB\-\-terse\fR
print the information in terse form
.TP
\fB\-\-help\fR
display this help and exit
.TP
-@@ -42,6 +45,9 @@
- %b
- Number of blocks allocated (see %B)
+@@ -51,6 +54,9 @@
+ %d
+ Device number in decimal
.TP
+%C
+SELinux security context
%D
Device number in hex
.TP
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/man/chcon.x 2004-03-16 14:25:05.629509704 -0500
-@@ -0,0 +1,4 @@
-+[NAME]
-+chcon \- change file security context
-+[DESCRIPTION]
-+.\" Add any additional description here
---- coreutils-5.2.1/man/dir.1.selinux 2004-03-02 17:51:06.000000000 -0500
-+++ coreutils-5.2.1/man/dir.1 2004-03-16 14:25:05.632509248 -0500
-@@ -195,6 +195,20 @@
+diff -Nur coreutils-6.4/man/vdir.1 coreutils-6.4.selinux/man/vdir.1
+--- coreutils-6.4/man/vdir.1 2006-10-22 19:56:39.000000000 +0000
++++ coreutils-6.4.selinux/man/vdir.1 2006-10-31 23:39:34.000000000 +0000
+@@ -204,6 +204,20 @@
.TP
\fB\-1\fR
list one file per line
.TP
\fB\-\-help\fR
display this help and exit
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/man/runcon.x 2004-03-16 14:25:05.634508944 -0500
-@@ -0,0 +1,2 @@
-+[DESCRIPTION]
-+.\" Add any additional description here
---- coreutils-5.2.1/man/install.1.selinux 2004-03-16 14:25:05.238569136 -0500
-+++ coreutils-5.2.1/man/install.1 2004-03-16 14:25:05.636508640 -0500
-@@ -60,6 +60,11 @@
- .TP
- \fB\-v\fR, \fB\-\-verbose\fR
- print the name of each directory as it is created
-+.HP
-+\fB\-P\fR, \fB\-\-preserve_context\fR (SELinux) Preserve security context
-+.TP
-+\fB\-Z\fR, \fB\-\-context\fR=\fICONTEXT\fR
-+(SELinux) Set security context of files and directories
- .TP
- \fB\-\-help\fR
- display this help and exit
---- coreutils-5.2.1/config.hin.selinux 2004-03-16 14:25:05.467534328 -0500
-+++ coreutils-5.2.1/config.hin 2004-03-16 14:25:05.640508032 -0500
-@@ -1374,6 +1374,9 @@
- /* Define if sys/ptem.h is required for struct winsize. */
- #undef WINSIZE_IN_PTEM
+diff -Nur coreutils-6.4/po/POTFILES.in coreutils-6.4.selinux/po/POTFILES.in
+--- coreutils-6.4/po/POTFILES.in 2006-10-31 23:38:15.000000000 +0000
++++ coreutils-6.4.selinux/po/POTFILES.in 2006-10-31 23:39:34.000000000 +0000
+@@ -33,6 +33,7 @@
+ src/base64.c
+ src/basename.c
+ src/cat.c
++src/chcon.c
+ src/chgrp.c
+ src/chmod.c
+ src/chown-core.c
+@@ -91,6 +92,7 @@
+ src/remove.c
+ src/rm.c
+ src/rmdir.c
++src/runcon.c
+ src/seq.c
+ src/setuidgid.c
+ src/shred.c
+--- coreutils-6.7/po/pl.po.orig 2006-12-09 20:03:10.686071942 +0100
++++ coreutils-6.7/po/pl.po 2006-12-09 20:06:54.942851606 +0100
+@@ -867,6 +867,95 @@
+ msgid "%s: input file is output file"
+ msgstr "%s: plik wej¶ciowy jest plikiem wyj¶ciowym"
-+/* Define if you want to use SELINUX */
-+#undef WITH_SELINUX
++#: src/chcon.c:101
++#, c-format
++msgid "context of %s changed to %s\n"
++msgstr "kontekst %s zmieniony na %s\n"
+
- /* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
- #undef WORDS_BIGENDIAN
---- coreutils-5.2.1/README.selinux 2004-01-18 02:59:41.000000000 -0500
-+++ coreutils-5.2.1/README 2004-03-16 14:25:05.641507880 -0500
-@@ -7,11 +7,11 @@
-
- The programs that can be built with this package are:
-
-- [ basename cat chgrp chmod chown chroot cksum comm cp csplit cut date dd
-+ [ basename cat chcon chgrp chmod chown chroot cksum comm cp csplit cut date dd
- df dir dircolors dirname du echo env expand expr factor false fmt fold
- ginstall groups head hostid hostname id join kill link ln logname ls
- md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr
-- printenv printf ptx pwd readlink rm rmdir seq sha1sum shred sleep sort
-+ printenv printf ptx pwd readlink rm rmdir runcon seq sha1sum shred sleep sort
- split stat stty su sum sync tac tail tee test touch tr true tsort tty
- uname unexpand uniq unlink uptime users vdir wc who whoami yes
-
---- coreutils-5.2.1/tests/help-version.selinux 2004-02-17 11:04:23.000000000 -0500
-+++ coreutils-5.2.1/tests/help-version 2004-03-16 14:25:05.643507576 -0500
-@@ -42,6 +42,8 @@
-
- # Skip `test'; it doesn't accept --help or --version.
- test $i = test && continue;
-+ test $i = chcon && continue;
-+ test $i = runcon && continue;
++#: src/chcon.c:104
++#, c-format
++msgid "failed to change context of %s to %s\n"
++msgstr "nie mo¿na zmieniæ kontekstu %s na %s\n"
++
++#: src/chcon.c:107
++#, c-format
++msgid "context of %s retained as %s\n"
++msgstr "kontekst %s zachowany jako %s\n"
++
++#: src/chcon.c:172
++#, c-format
++msgid "can't apply partial context to unlabeled file %s"
++msgstr "nie mo¿na zastosowaæ czê¶ciowego kontekstu na nieoznakowanym pliku %s"
++
++#: src/chcon.c:180
++#, c-format
++msgid "couldn't compute security context from %s"
++msgstr "nie mo¿na obliczyæ kontekstu bezpieczeñstwa z %s"
++
++#: src/chcon.c:188
++#, c-format
++msgid "invalid context: %s"
++msgstr "b³êdny kontekst: %s"
++
++#: src/chcon.c:210
++#, c-format
++msgid "failed to change context of %s to %s"
++msgstr "nie mo¿na zmieniæ kontekstu %s na %s"
++
++#: src/chcon.c:258
++msgid "virtual memory exhausted"
++msgstr "pamiêæ wirtualna wyczerpana"
++
++#: src/chcon.c:292
++#, c-format
++msgid ""
++"Usage: %s [OPTION]... CONTEXT FILE...\n"
++" or: %s [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...\n"
++" or: %s [OPTION]... --reference=RFILE FILE...\n"
++msgstr ""
++"Sk³adnia: %s [OPCJA]... KONTEKST PLIK...\n"
++" albo: %s [OPCJA]... [-u U¯YTKOWNIK] [-r ROLA] [-l ZAKRES] [-t TYP] PLIK...\n"
++" albo: %s [OPCJA]... --reference=PLIK_WZ PLIK...\n"
++
++#: src/chcon.c:298
++#, c-format
++msgid ""
++"Change the security context of each FILE to CONTEXT.\n"
++"\n"
++" -c, --changes like verbose but report only when a change is made\n"
++" -h, --no-dereference affect symbolic links instead of any referenced file\n"
++" (available only on systems with lchown system call)\n"
++" -f, --silent, --quiet suppress most error messages\n"
++" --reference=RFILE use RFILE's group instead of using a CONTEXT value\n"
++" -u, --user=USER set user USER in the target security context\n"
++" -r, --role=ROLE set role ROLE in the target security context\n"
++" -t, --type=TYPE set type TYPE in the target security context\n"
++" -l, --range=RANGE set range RANGE in the target security context\n"
++" -R, --recursive change files and directories recursively\n"
++" -v, --verbose output a diagnostic for every file processed\n"
++" --help display this help and exit\n"
++" --version output version information and exit\n"
++msgstr ""
++"Zmiana kontekstu bezpieczeñstwa ka¿dego PLIKU na KONTEKST.\n"
++"\n"
++" -c, --changes jak verbose, ale raportowanie tylko wykonanych zmian\n"
++" -h, --no-dereference zmiana dowi±zañ symbolicznych zamiast wskazywanych\n"
++" plików (dostêpne tylko na systemach z lchown)\n"
++" -f, --silent, --quiet pominiêcie wiêkszo¶ci komunikatów o b³êdach\n"
++" --reference=PLIK u¿ycie grupy PLIKU zamiast warto¶ci KONTEKSTU\n"
++" -u, --user=U¯YTKOWNIK ustawienie U¯YTKOWNIK w kontek¶cie bezpieczeñstwa\n"
++" -r, --role=ROLA ustawienie ROLI w kontek¶cie bezpieczeñstwa\n"
++" -t, --type=TYP ustawienie TYPU w kontek¶cie bezpieczeñstwa\n"
++" -l, --range=ZAKRES ustawienie ZAKRESU w kontek¶cie bezpieczeñstwa\n"
++" -R, --recursive zmiana plików i katalogów rekursywnie\n"
++" -v, --verbose wypisywanie diagnostyki dla ka¿dego pliku\n"
++" --help wy¶wietlenie tego opisu i zakoñczenie\n"
++" --version wy¶wietlenie informacji o wersji i zakoñczenie\n"
++
++#: src/chcon.c:393
++msgid "conflicting security context specifiers given"
++msgstr "konflikt miêdzy podanymi okre¶leniami kontekstu bezpieczeñstwa"
++
+ #: src/chgrp.c:95 src/install.c:611
+ #, c-format
+ msgid "invalid group %s"
+@@ -1540,6 +1629,21 @@
+ "nie uda³o siê przeniesienie miêdzy urz±dzeniami: %s do %s; nie uda³o siê "
+ "usunaæ pliku docelowego"
- # false fails even when invoked with --help or --version.
- if test $i = false; then
-@@ -154,7 +156,7 @@
++#: src/copy.c:1305
++#, c-format
++msgid "cannot set setfscreatecon %s"
++msgstr "nie mo¿na ustawiæ setfscreatecon %s"
++
++#: src/copy.c:1315
++#, c-format
++msgid "warning: security context not preserved %s"
++msgstr "uwaga: nie zachowano kontekstu bezpieczeñstwa %s"
++
++#: src/copy.c:1317
++#, c-format
++msgid "cannot lgetfilecon %s"
++msgstr "nie mo¿na wykonaæ lgetfilecon %s"
++
+ #: src/copy.c:1553
+ #, c-format
+ msgid "cannot copy cyclic symbolic link %s"
+@@ -1688,6 +1792,10 @@
+ " atrybutów: links (dowi±zania), all "
+ "(wszystkie))\n"
- for i in $all_programs; do
- # Skip these.
-- case $i in chroot|stty|tty|false) continue;; esac
-+ case $i in chroot|stty|tty|false|chcon|runcon) continue;; esac
++#: src/cp.c:202
++msgid " -c same as --preserve=context\n"
++msgstr " -c to samo co --preserve=context\n"
++
+ #: src/cp.c:196
+ msgid ""
+ " --no-preserve=ATTR_LIST don't preserve the specified attributes\n"
+@@ -1740,12 +1848,13 @@
+ " destination file is missing\n"
+ " -v, --verbose explain what is being done\n"
+ " -x, --one-file-system stay on this file system\n"
++" -Z, --context=CONTEXT set security context of copy to CONTEXT\n"
+ msgstr ""
+ " -u, --update kopiowanie tylko plików, dla których ¬RÓD£O\n"
+ " jest nowsze ni¿ CEL albo brakuje CELU\n"
+ " -v, --verbose wyja¶nianie co siê dzieje\n"
+ " -x, --one-file-system pozostanie w jednym systemie plików\n"
+-"\n"
++" -Z, --context=KONTEKST ustawienie KONTEKSTU bezpieczeñstwa kopii\n"
- rm -rf $tmp_in $tmp_in2 $tmp_dir $tmp_out
- echo > $tmp_in
---- coreutils-5.2.1/src/mkdir.c.selinux 2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mkdir.c 2004-03-16 14:25:05.645507272 -0500
-@@ -34,6 +34,10 @@
+ #: src/cp.c:225
+ msgid ""
+@@ -1874,6 +1983,26 @@
+ msgid "multiple target directories specified"
+ msgstr "podano wiele katalogów docelowych"
- #define AUTHORS "David MacKenzie"
++#: src/cp.c:1017
++#, c-format
++msgid "%s: cannot force target context <-- %s and preserve it\n"
++msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu <-- %s i zachowaæ go\n"
++
++#: src/cp.c:1027
++#, c-format
++msgid "Warning: ignoring --context (-Z). It requires a SELinux enabled kernel.\n"
++msgstr "Uwaga: zignorowano --context (-Z). Ta opcja wymaga j±dra z obs³ug± SELinuksa.\n"
++
++#: src/cp.c:1031 src/install.c:369
++#, c-format
++msgid "%s: cannot force target context to '%s' and preserve it\n"
++msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu na '%s' i zachowaæ go\n"
++
++#: src/cp.c:1038
++#, c-format
++msgid "cannot set default security context %s"
++msgstr "nie mo¿na ustawiæ domy¶lnego kontekstu bezpieczeñstwa %s"
++
+ #: src/cp.c:1030
+ #, c-format
+ msgid "cannot make both hard and symbolic links"
+@@ -3880,6 +4009,7 @@
+ "Print information for USERNAME, or the current user.\n"
+ "\n"
+ " -a ignore, for compatibility with other versions\n"
++" -Z, --context print only the context\n"
+ " -g, --group print only the effective group ID\n"
+ " -G, --groups print all group IDs\n"
+ " -n, --name print a name instead of a number, for -ugG\n"
+@@ -3890,6 +4020,7 @@
+ "\n"
+ " -a ignorowane, dla zachowania kompatybilno¶ci z innymi "
+ "wersjami\n"
++" -Z, --context wy¶wietlenie tylko kontekstu\n"
+ " -g, --group wy¶wietlenie tylko efektywnego identyfikatora grupy\n"
+ " -G, --groups wy¶wietlenie pe³nej listy grup\n"
+ " -n, --name wy¶wietlenie nazw zamiast numerów, dla -ugG\n"
+@@ -3906,10 +4037,26 @@
+ "Bez ¿adnych OPCJI wy¶wietla zestaw u¿ytecznych informacji, które uda³o siê\n"
+ "zidentyfikowaæ.\n"
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+#endif
+-#: src/id.c:152
++#: src/id.c:165 src/mkdir.c:136 src/mkfifo.c:124 src/mknod.c:135
+ #, c-format
+-msgid "cannot print only user and only group"
+-msgstr "nie mo¿na wypisaæ tylko u¿ytkownika i tylko grupê równocze¶nie"
++msgid "Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n"
++msgstr "Niestety --context (-Z) mo¿na u¿ywaæ tylko na j±drze z obs³ug± SELinuksa.\n"
+
- /* The name this program was run with. */
- char *program_name;
++#: src/id.c:198
++msgid ""
++"cannot display context when SELinux not enabled or when displaying the id\n"
++"of a different user"
++msgstr ""
++"nie mo¿na wy¶wietliæ kontekstu kiedy SELinux nie jest w³±czony lub przy\n"
++"wy¶wietlaniu identyfikatora innego u¿ytkownika"
++
++#: src/id.c:209
++msgid "can't get process context"
++msgstr "nie mo¿na uzyskaæ kontekstu procesu"
++
++#: src/id.c:214
++msgid "cannot print \"only\" of more than one choice"
++msgstr "nie mo¿na wypisaæ \"tylko czego¶\" dla wiêcej ni¿ jednej rzeczy"
-@@ -42,6 +46,9 @@
+ #: src/id.c:156
+ #, c-format
+@@ -3941,6 +4088,31 @@
+ msgid " groups="
+ msgstr " grupy="
- static struct option const longopts[] =
- {
-+#ifdef WITH_SELINUX
-+ {"context", required_argument, NULL, 'Z'},
-+#endif
- {"mode", required_argument, NULL, 'm'},
- {"parents", no_argument, NULL, 'p'},
- {"verbose", no_argument, NULL, 'v'},
-@@ -63,6 +70,11 @@
- Create the DIRECTORY(ies), if they do not already exist.\n\
- \n\
- "), stdout);
-+#ifdef WITH_SELINUX
-+ printf (_("\
-+ -Z, --context=CONTEXT (SELinux) set security context to CONTEXT\n\
-+"));
-+#endif
- fputs (_("\
- Mandatory arguments to long options are mandatory for short options too.\n\
- "), stdout);
-@@ -98,7 +110,11 @@
-
- create_parents = 0;
-
-+#ifdef WITH_SELINUX
-+ while ((optc = getopt_long (argc, argv, "pm:vZ:", longopts, NULL)) != -1)
-+#else
- while ((optc = getopt_long (argc, argv, "pm:v", longopts, NULL)) != -1)
-+#endif
- {
- switch (optc)
- {
-@@ -113,6 +129,19 @@
- case 'v': /* --verbose */
- verbose_fmt_string = _("created directory %s");
- break;
-+#ifdef WITH_SELINUX
-+ case 'Z':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !(is_selinux_enabled()>0)) {
-+ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
-+ exit( 1 );
-+ }
-+ if (setfscreatecon(optarg)) {
-+ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
-+ exit( 1 );
-+ }
-+ break;
-+#endif
- case_GETOPT_HELP_CHAR;
- case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
- default:
---- coreutils-5.2.1/src/cp.c.selinux 2004-03-16 14:25:05.411542840 -0500
-+++ coreutils-5.2.1/src/cp.c 2004-03-16 14:25:05.648506816 -0500
-@@ -49,6 +49,11 @@
-
- #define AUTHORS "Torbjorn Granlund", "David MacKenzie", "Jim Meyering"
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+int selinux_enabled=0;
-+#endif
++#: src/id.c:458
++#, c-format
++msgid " context=%s"
++msgstr " kontekst=%s"
+
- #ifndef _POSIX_VERSION
- uid_t geteuid ();
- #endif
-@@ -143,6 +148,9 @@
- {"update", no_argument, NULL, 'u'},
- {"verbose", no_argument, NULL, 'v'},
- {"version-control", required_argument, NULL, 'V'}, /* Deprecated. FIXME. */
-+#ifdef WITH_SELINUX
-+ {"context", required_argument, NULL, 'Z'},
-+#endif
- {GETOPT_HELP_OPTION_DECL},
- {GETOPT_VERSION_OPTION_DECL},
- {NULL, 0, NULL, 0}
-@@ -192,6 +200,9 @@
- additional attributes: links, all\n\
- "), stdout);
- fputs (_("\
-+ -c same as --preserve=context\n\
-+"), stdout);
-+ fputs (_("\
- --no-preserve=ATTR_LIST don't preserve the specified attributes\n\
- --parents append source path to DIRECTORY\n\
- -P same as `--no-dereference'\n\
-@@ -219,6 +230,7 @@
- destination file is missing\n\
- -v, --verbose explain what is being done\n\
- -x, --one-file-system stay on this file system\n\
-+ -Z, --context=CONTEXT set security context of copy to CONTEXT\n\
- "), stdout);
- fputs (HELP_OPTION_DESCRIPTION, stdout);
- fputs (VERSION_OPTION_DESCRIPTION, stdout);
-@@ -748,8 +760,8 @@
- {
- new_dest = (char *) dest;
- }
--
-- return copy (source, new_dest, new_dst, x, &unused, NULL);
-+ ret=copy (source, new_dest, new_dst, x, &unused, NULL);
-+ return ret;
- }
-
- /* unreachable */
-@@ -773,6 +785,10 @@
- x->preserve_mode = 0;
- x->preserve_timestamps = 0;
-
-+#ifdef WITH_SELINUX
-+ x->preserve_security_context = 0;
-+#endif
++#: src/install.c:365
++#, c-format
++msgid "Warning: ignoring --preserve_context (-P) because the kernel is not SELinux-enabled.\n"
++msgstr "Uwaga: zignorowano --preserve_context (-P), poniewa¿ j±dro nie ma obs³ugi SELinuksa.\n"
+
- x->require_preserve = 0;
- x->recursive = 0;
- x->sparse_mode = SPARSE_AUTO;
-@@ -800,19 +816,20 @@
- PRESERVE_TIMESTAMPS,
- PRESERVE_OWNERSHIP,
- PRESERVE_LINK,
-+ PRESERVE_CONTEXT,
- PRESERVE_ALL
- };
- static enum File_attribute const preserve_vals[] =
- {
- PRESERVE_MODE, PRESERVE_TIMESTAMPS,
-- PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_ALL
-+ PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_CONTEXT, PRESERVE_ALL
- };
-
- /* Valid arguments to the `--preserve' option. */
- static char const* const preserve_args[] =
- {
- "mode", "timestamps",
-- "ownership", "links", "all", 0
-+ "ownership", "links", "context", "all", 0
- };
-
- char *arg_writable = xstrdup (arg);
-@@ -847,11 +864,16 @@
- x->preserve_links = on_off;
- break;
++#: src/install.c:377
++#, c-format
++msgid "Warning: ignoring --context (-Z) because the kernel is not SELinux-enabled.\n"
++msgstr "Uwaga: zignorowano --context (-Z), poniewa¿ j±dro nie ma obs³ugi SELinuksa.\n"
++
++#: src/install.c:382
++#, c-format
++msgid "%s: cannot force target context == '%s' and preserve it\n"
++msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu '%s' i zachowaæ go\n"
++
++#: src/install.c:387
++#, c-format
++msgid "%s: cannot setup default context == '%s'\n"
++msgstr "%s: nie mo¿na ustawiæ domy¶lnego kontekstu '%s'\n"
++
+ #: src/install.c:318
+ #, c-format
+ msgid "the strip option may not be used when installing a directory"
+@@ -4079,6 +4251,14 @@
+ " -T, --no-target-directory traktowanie CELU jak zwyk³ego pliku\n"
+ " -v, --verbose wypisanie nazwy ka¿dego tworzonego katalogu\n"
-+ case PRESERVE_CONTEXT:
-+ x->preserve_security_context = on_off;
-+ break;
++#: src/install.c:773
++msgid ""
++" -P, --preserve_context (SELinux) Preserve security context\n"
++" -Z, --context=CONTEXT (SELinux) Set security context of files and directories\n"
++msgstr ""
++" -P, --preserve_context (SELinux) zachowanie kontekstu bezpieczeñstwa\n"
++" -Z, --context=KONTEKST (SELinux) ustawienie kontekstu plików i katalogów\n"
+
- case PRESERVE_ALL:
- x->preserve_mode = on_off;
- x->preserve_timestamps = on_off;
- x->preserve_ownership = on_off;
- x->preserve_links = on_off;
-+ x->preserve_security_context = on_off;
- break;
+ #: src/install.c:692 src/ln.c:365 src/mv.c:318
+ msgid ""
+ "\n"
+@@ -4468,6 +4648,11 @@
+ msgid "no login name"
+ msgstr "brak nazwy u¿ytkownika"
- default:
-@@ -875,6 +897,10 @@
- struct cp_options x;
- int copy_contents = 0;
- char *target_directory = NULL;
-+#ifdef WITH_SELINUX
-+ security_context_t scontext = NULL;
-+ selinux_enabled= (is_selinux_enabled()>0);
-+#endif
++#: src/ls.c:129
++#, c-format
++msgid "Sorry, this option can only be used on a SELinux-enabled kernel.\n"
++msgstr "Niestety tej opcji mo¿na u¿yæ tylko na j±drze z obs³ug± SELinuksa.\n"
++
+ #: src/ls.c:684
+ msgid "%b %e %Y"
+ msgstr "%b %e %Y"
+@@ -4841,6 +5026,34 @@
+ " -X sortowanie alfabetyczne wg rozszerzeñ\n"
+ " -1 listowanie po jednym pliku w linii\n"
- initialize_main (&argc, &argv);
- program_name = argv[0];
-@@ -890,7 +916,11 @@
- we'll actually use backup_suffix_string. */
- backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
++#: src/ls.c:4134
++#, c-format
++msgid ""
++"\n"
++"SELinux options:\n"
++"\n"
++" --lcontext Display security context. Enable -l. Lines\n"
++" will probably be too wide for most displays.\n"
++" -Z, --context Display security context so it fits on most\n"
++" displays. Displays only mode, user, group,\n"
++" security context and file name.\n"
++" --scontext Display only security context and file name.\n"
++"\n"
++"\n"
++msgstr ""
++"\n"
++"Opcje dla SELinuksa:\n"
++"\n"
++" --lcontext wy¶wietlanie kontekstu bezpieczeñstwa; w³±cza -l,\n"
++" linie mog± byæ zbyt d³ugie dla wielu terminali\n"
++" --context wy¶wietlanie kontekstu tak, ¿eby zmie¶ci³ siê na\n"
++" wiêkszo¶ci terminali; wy¶wietlane s± tylko\n"
++" uprawnienia, w³a¶ciciel, grupa, kontekst\n"
++" bezpieczeñstwa i nazwa pliku\n"
++" --scontext wy¶wietlanie tylko kontekstu i nazwy pliku\n"
++"\n"
++"\n"
++
+ #: src/ls.c:4360
+ msgid ""
+ "\n"
+@@ -5043,6 +5256,11 @@
+ "Utworzenie KATALOGU/ÓW, je¿eli jeszcze nie istniej±.\n"
+ "\n"
-+#ifdef WITH_SELINUX
-+ while ((c = getopt_long (argc, argv, "abcdfHilLprsuvxPRS:V:Z:", long_opts, NULL))
-+#else
- while ((c = getopt_long (argc, argv, "abdfHilLprsuvxPRS:V:", long_opts, NULL))
-+#endif
- != -1)
- {
- switch (c)
-@@ -981,6 +1011,35 @@
- x.preserve_timestamps = 1;
- x.require_preserve = 1;
- break;
-+#ifdef WITH_SELINUX
-+ case 'c':
-+ if ( scontext != NULL ) {
-+ (void) fprintf(stderr, _("%s: cannot force target context <-- %s and preserve it\n"), argv[0], scontext);
-+ exit( 1 );
-+ }
-+ else if (selinux_enabled)
-+ x.preserve_security_context = 1;
-+ break;
++#: src/mkdir.c:74
++#, c-format
++msgid " -Z, --context=CONTEXT (SELinux) set security context to CONTEXT\n"
++msgstr " -Z, --context=KONTEKST (SELinux) ustawienie KONTEKSTU bezpieczeñstwa\n"
+
-+ case 'Z':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !selinux_enabled ) {
-+ fprintf( stderr, _("Warning: ignoring --context (-Z). It requires a SELinux enabled kernel.\n") );
-+ break;
-+ }
-+ if ( x.preserve_security_context ) {
-+ (void) fprintf(stderr, _("%s: cannot force target context to '%s' and preserve it\n"), argv[0], optarg);
-+ exit( 1 );
-+ }
-+ scontext = optarg;
-+ /* if there's a security_context given set new path
-+ components to that context, too */
-+ if ( setfscreatecon(scontext) < 0 ) {
-+ (void) fprintf(stderr, _("cannot set default security context %s"), scontext);
-+ exit( 1 );
-+ }
-+ break;
-+#endif
+ #: src/mkdir.c:67
+ msgid ""
+ " -m, --mode=MODE set file mode (as in chmod), not a=rwx - umask\n"
+@@ -5059,6 +5277,11 @@
+ msgid "created directory %s"
+ msgstr "utworzony katalog %s"
- case PARENTS_OPTION:
- flag_path = 1;
---- coreutils-5.2.1/src/stat.c.selinux 2004-02-05 08:46:12.000000000 -0500
-+++ coreutils-5.2.1/src/stat.c 2004-03-16 14:25:05.652506208 -0500
-@@ -42,6 +42,13 @@
- # endif
- #endif
++#: src/mkdir.c:170 src/mkfifo.c:128 src/mknod.c:139
++#, c-format
++msgid "Sorry, cannot set default context to %s.\n"
++msgstr "Niestety nie mo¿na ustawiæ domy¶lnego kontekstu na %s.\n"
++
+ #: src/mkfifo.c:54
+ #, c-format
+ msgid "Usage: %s [OPTION] NAME...\n"
+@@ -5072,6 +5295,11 @@
+ "Tworzenie nazwanych potoków (pipes, FIFOs) o podanych NAZWACH.\n"
+ "\n"
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#define SECURITY_ID_T security_context_t
-+#else
-+#define SECURITY_ID_T char *
-+#endif
++#: src/mkfifo.c:68 src/mknod.c:69
++#, c-format
++msgid " -Z, --context=CONTEXT set security context (quoted string)\n"
++msgstr " -Z, --context=KONTEKST ustawienie kontekstu bezpieczeñstwa (³añcuch cytowany)\n"
+
- #include "system.h"
+ #: src/mkfifo.c:62 src/mknod.c:64
+ msgid ""
+ " -m, --mode=MODE set file permission bits to MODE, not a=rw - umask\n"
+@@ -6808,6 +7036,72 @@
+ " -v, --verbose informacja diagnostyczna o ka¿dym przetworzonym\n"
+ " katalogu\n"
- #include "error.h"
-@@ -95,6 +102,7 @@
- {"dereference", no_argument, 0, 'L'},
- {"format", required_argument, 0, 'c'},
- {"filesystem", no_argument, 0, 'f'},
-+ {"context", no_argument, 0, 'Z'},
- {"terse", no_argument, 0, 't'},
- {GETOPT_HELP_OPTION_DECL},
- {GETOPT_VERSION_OPTION_DECL},
-@@ -345,7 +353,7 @@
- /* print statfs info */
- static void
- print_statfs (char *pformat, char m, char const *filename,
-- void const *data)
-+ void const *data,SECURITY_ID_T scontext)
- {
- STRUCT_STATVFS const *statfsbuf = data;
-
-@@ -407,7 +415,10 @@
- strcat (pformat, PRIdMAX);
- printf (pformat, (intmax_t) (statfsbuf->f_ffree));
- break;
--
-+ case 'C':
-+ strcat (pformat, "s");
-+ printf(scontext);
-+ break;
- default:
- strcat (pformat, "c");
- printf (pformat, m);
-@@ -417,7 +428,7 @@
-
- /* print stat info */
- static void
--print_stat (char *pformat, char m, char const *filename, void const *data)
-+print_stat (char *pformat, char m, char const *filename, void const *data, SECURITY_ID_T scontext)
- {
- struct stat *statbuf = (struct stat *) data;
- struct passwd *pw_ent;
-@@ -553,6 +564,10 @@
- strcat (pformat, "d");
- printf (pformat, (int) statbuf->st_ctime);
- break;
-+ case 'C':
-+ strcat (pformat, "s");
-+ printf(pformat,scontext);
-+ break;
- default:
- strcat (pformat, "c");
- printf (pformat, m);
-@@ -562,8 +577,8 @@
-
- static void
- print_it (char const *masterformat, char const *filename,
-- void (*print_func) (char *, char, char const *, void const *),
-- void const *data)
-+ void (*print_func) (char *, char, char const *, void const *,SECURITY_ID_T ),
-+ void const *data, SECURITY_ID_T scontext)
- {
- char *b;
-
-@@ -598,7 +613,7 @@
- putchar ('%');
- break;
- default:
-- print_func (dest, *p, filename, data);
-+ print_func (dest, *p, filename, data,scontext);
- break;
- }
- }
-@@ -615,9 +630,17 @@
-
- /* stat the filesystem and print what we find */
- static void
--do_statfs (char const *filename, int terse, char const *format)
-+do_statfs (char const *filename, int terse, int secure, char const *format)
- {
- STRUCT_STATVFS statfsbuf;
-+ SECURITY_ID_T scontext = NULL;
-+#ifdef WITH_SELINUX
-+ if(secure)
-+ if (getfilecon(filename,&scontext)<0) {
-+ perror (filename);
-+ return;
-+ }
-+#endif
- int i = statfs (filename, &statfsbuf);
++#: src/runcon.c:42
++#, c-format
++msgid ""
++"Usage: %s [OPTION]... command [args]\n"
++"Run a program in a different security context.\n"
++"\n"
++" context Complete security context\n"
++" -t type (for same role as parent)\n"
++" -u user identity\n"
++" -r role\n"
++" -l levelrange\n"
++" --help display this help and exit\n"
++msgstr ""
++"Sk³adnia: %s [OPCJA]... polecenie [argumenty]\n"
++"Uruchomienie programu w innym kontek¶cie bezpieczeñstwa.\n"
++"\n"
++" kontekst pe³ny kontekst bezpieczeñstwa\n"
++" -t typ (dla tej samej roli jako rodzica)\n"
++" -u identyfikator u¿ytkownika\n"
++" -r rola\n"
++" -l zakres poziomów\n"
++" --help wy¶wietlenie tego opisu i zakoñczenie\n"
++
++#: src/runcon.c:90
++#, c-format
++msgid "multiple roles\n"
++msgstr "wiele ról\n"
++
++#: src/runcon.c:97
++#, c-format
++msgid "multiple types\n"
++msgstr "wiele typów\n"
++
++#: src/runcon.c:104
++#, c-format
++msgid "multiple users\n"
++msgstr "wielu u¿ytkowników\n"
++
++#: src/runcon.c:111
++#, c-format
++msgid "multiple levelranges\n"
++msgstr "wiele zakresów poziomów\n"
++
++#: src/runcon.c:117
++#, c-format
++msgid "unrecognised option %c\n"
++msgstr "nierozpoznana opcja %c\n"
++
++#: src/runcon.c:125
++msgid "must specify -t, -u, -l, -r, or context"
++msgstr "trzeba podaæ -t, -u, -l, -r albo kontekst"
++
++#: src/runcon.c:131
++msgid "no command found"
++msgstr "nie znaleziono polecenia"
++
++#: src/runcon.c:137 src/runcon.c:145
++#, c-format
++msgid "%s is not a valid context\n"
++msgstr "%s nie jest poprawnym kontekstem\n"
++
++#: src/runcon.c:163
++#, c-format
++msgid "unable to setup security context %s\n"
++msgstr "nie mo¿na ustawiæ kontekstu bezpieczeñstwa %s\n"
++
+ #: src/seq.c:74
+ #, c-format
+ msgid ""
+@@ -7689,6 +7983,7 @@
+ " --printf=FORMAT like --format, but interpret backslash escapes,\n"
+ " and do not output a mandatory trailing newline.\n"
+ " If you want a newline, include \\n in FORMAT.\n"
++" -Z, --context print the security context\n"
+ " -t, --terse print the information in terse form\n"
+ msgstr ""
+ " -c --format=FORMAT u¿ycie podanego FORMATU zamiast domy¶lnego; po\n"
+@@ -7699,6 +7994,7 @@
+ " uko¶nikiem odwrotnym i bez wypisywania znaku "
+ "nowej\n"
+ " linii. ¯eby go wypisaæ u¿yj \\n w FORMACIE.\n"
++" -Z, --context wypisywanie kontekstu bezpieczeñstwa\n"
+ " -t, --terse wypisywanie informacji w skróconej formie\n"
- if (i == -1)
-@@ -629,23 +652,40 @@
+ #: src/stat.c:849
+@@ -7786,6 +8082,7 @@
+ " %c Total file nodes in file system\n"
+ " %d Free file nodes in file system\n"
+ " %f Free blocks in file system\n"
++" %C Security context in SELinux\n"
+ msgstr ""
+ "Prawid³owe specyfikacje formatu dla systemów plików:\n"
+ "\n"
+@@ -7794,6 +8091,7 @@
+ " %c ca³kowita liczba i-wêz³ów w systemie plików\n"
+ " %d liczba wolnych i-wêz³ów w systemie plików\n"
+ " %f liczba wolnych bloków w systemie plików\n"
++" %C kontekst bezpieczeñstwa w SELinuksie\n"
- if (format == NULL)
- {
-- format = (terse
-- ? "%n %i %l %t %b %f %a %s %c %d"
-- : " File: \"%n\"\n"
-- " ID: %-8i Namelen: %-7l Type: %T\n"
-- "Blocks: Total: %-10b Free: %-10f Available: %-10a Size: %s\n"
-- "Inodes: Total: %-10c Free: %-10d");
-- }
--
-- print_it (format, filename, print_statfs, &statfsbuf);
-+ if (terse) {
-+ if(secure)
-+ format = "%n %i %l %t %b %f %a %s %c %d %C";
-+ else
-+ format = "%n %i %l %t %b %f %a %s %c %d";
-+ }
-+ else
-+ {
-+ if(secure)
-+ format = " File: \"%n\"\n"
-+ " ID: %-8i Namelen: %-7l Type: %T\n"
-+ "Blocks: Total: %-10b Free: %-10f Available: %-10a Size: %s\n"
-+ "Inodes: Total: %-10c Free: %-10d\n"
-+ " S_Context: %C\n";
-+ else
-+ format= " File: \"%n\"\n"
-+ " ID: %-8i Namelen: %-7l Type: %T\n"
-+ "Blocks: Total: %-10b Free: %-10f Available: %-10a Size: %s\n"
-+ "Inodes: Total: %-10c Free: %-10d";
-+ }
-+ }
-+ print_it (format, filename, print_statfs, &statfsbuf,scontext);
-+#ifdef WITH_SELINUX
-+ if (scontext != NULL)
-+ freecon(scontext);
-+#endif
- }
--
- /* stat the file and print what we find */
- static void
--do_stat (char const *filename, int follow_links, int terse,
-+ do_stat (char const *filename, int follow_links, int terse,int secure,
- char const *format)
- {
- struct stat statbuf;
-+ SECURITY_ID_T scontext = NULL;
- int i = ((follow_links == 1)
- ? stat (filename, &statbuf)
- : lstat (filename, &statbuf));
-@@ -656,11 +696,28 @@
- return;
- }
+ #: src/stat.c:896
+ msgid ""
+@@ -7813,6 +8111,10 @@
+ " %t typ szesnastkowo\n"
+ " %T typ w formie czytelnej dla cz³owieka\n"
-+#ifdef WITH_SELINUX
-+ if(secure) {
-+ if (link)
-+ i=lgetfilecon(filename, &scontext);
-+ else
-+ i=getfilecon(filename, &scontext);
-+ if (i == -1)
-+ {
-+ perror (filename);
-+ return;
-+ }
-+ }
-+#endif
++#: src/stat.c:900
++msgid "Kernel is not SELinux enabled"
++msgstr "J±dro nie ma obs³ugi SELinuksa"
+
- if (format == NULL)
- {
- if (terse != 0)
- {
-- format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o";
-+ if (secure)
-+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o %C";
-+ else
-+ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o";
- }
- else
- {
-@@ -668,7 +725,17 @@
- i = statbuf.st_mode & S_IFMT;
- if (i == S_IFCHR || i == S_IFBLK)
- {
-- format =
-+ if (secure)
-+ format =
-+ " File: %N\n"
-+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
-+ "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
-+ " Device type: %t,%T\n"
-+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
-+ " S_Context: %C\n"
-+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
-+ else
-+ format =
- " File: %N\n"
- " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
- "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
-@@ -678,6 +745,15 @@
- }
- else
- {
-+ if (secure)
-+ format =
-+ " File: %N\n"
-+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
-+ "Device: %Dh/%dd\tInode: %-10i Links: %-5h\n"
-+ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
-+ "S_Context: %C\n"
-+ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
-+ else
- format =
- " File: %N\n"
- " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
-@@ -687,7 +763,11 @@
- }
- }
- }
-- print_it (format, filename, print_stat, &statbuf);
-+ print_it (format, filename, print_stat, &statbuf,scontext);
-+#ifdef WITH_SELINUX
-+ if (scontext)
-+ freecon(scontext);
-+#endif
- }
-
- void
-@@ -705,6 +785,7 @@
- -f, --filesystem display filesystem status instead of file status\n\
- -c --format=FORMAT use the specified FORMAT instead of the default\n\
- -L, --dereference follow links\n\
-+ -Z, --context print the security context\n\
- -t, --terse print the information in terse form\n\
- "), stdout);
- fputs (HELP_OPTION_DESCRIPTION, stdout);
-@@ -756,6 +837,7 @@
- %c Total file nodes in file system\n\
- %d Free file nodes in file system\n\
- %f Free blocks in file system\n\
-+ %C Security context in SELinux\n\
- "), stdout);
- fputs (_("\
- %i File System id in hex\n\
-@@ -778,6 +860,7 @@
- int follow_links = 0;
- int fs = 0;
- int terse = 0;
-+ int secure = 0;
- char *format = NULL;
-
- initialize_main (&argc, &argv);
-@@ -788,7 +871,7 @@
+ #: src/stty.c:511
+ #, c-format
+ msgid ""
+diff -Nur coreutils-6.4/src/Makefile.am coreutils-6.4.selinux/src/Makefile.am
+--- coreutils-6.4/src/Makefile.am 2006-10-31 23:38:15.000000000 +0000
++++ coreutils-6.4.selinux/src/Makefile.am 2006-10-31 23:39:34.000000000 +0000
+@@ -20,14 +20,14 @@
+ EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who
- atexit (close_stdout);
+ bin_SCRIPTS = groups
+-bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \
++bin_PROGRAMS = [ chgrp chown chmod chcon cp dd dircolors du \
+ ginstall link ln dir vdir ls mkdir \
+ mkfifo mknod mv nohup readlink rm rmdir shred stat sync touch unlink \
+ cat cksum comm csplit cut expand fmt fold head join md5sum \
+ nl od paste pr ptx sha1sum sha224sum sha256sum sha384sum sha512sum \
+ shuf sort split sum tac tail tr tsort unexpand uniq wc \
+ basename date dirname echo env expr factor false getgid \
+- hostname id kill logname pathchk printenv printf pwd seq sleep tee \
++ hostname id kill logname pathchk printenv printf pwd runcon seq sleep tee \
+ test true tty whoami yes \
+ base64 \
+ $(OPTIONAL_BIN_PROGS) $(DF_PROG)
+@@ -112,6 +112,20 @@
+ mv_LDADD += $(LIB_ACL)
+ ginstall_LDADD += $(LIB_ACL)
+
++dir_LDADD += @LIB_SELINUX@
++ls_LDADD += @LIB_SELINUX@
++vdir_LDADD += @LIB_SELINUX@
++cp_LDADD += @LIB_SELINUX@
++ginstall_LDADD += @LIB_SELINUX@
++mv_LDADD += @LIB_SELINUX@
++chcon_LDADD = $(LDADD) @LIB_SELINUX@
++id_LDADD = $(LDADD) @LIB_SELINUX@
++mkdir_LDADD = $(LDADD) @LIB_SELINUX@
++mkfifo_LDADD = $(LDADD) @LIB_SELINUX@
++mknod_LDADD = $(LDADD) @LIB_SELINUX@
++stat_LDADD = $(LDADD) @LIB_SELINUX@
++runcon_LDADD = $(LDADD) @LIB_SELINUX@
++
+ $(PROGRAMS): ../lib/libcoreutils.a
-- while ((c = getopt_long (argc, argv, "c:fLlt", long_options, NULL)) != -1)
-+ while ((c = getopt_long (argc, argv, "c:fLltZ", long_options, NULL)) != -1)
- {
- switch (c)
- {
-@@ -810,6 +893,14 @@
- case 't':
- terse = 1;
- break;
-+ case 'Z':
-+ if((is_selinux_enabled()>0))
-+ secure = 1;
-+ else {
-+ error (0, 0, _("Kernel is not SELinux enabled"));
-+ usage (EXIT_FAILURE);
-+ }
-+ break;
-
- case_GETOPT_HELP_CHAR;
-
-@@ -829,9 +920,9 @@
- for (i = optind; i < argc; i++)
- {
- if (fs == 0)
-- do_stat (argv[i], follow_links, terse, format);
-+ do_stat (argv[i], follow_links, terse, secure, format);
- else
-- do_statfs (argv[i], terse, format);
-+ do_statfs (argv[i], terse, secure, format);
- }
-
- exit (G_fail ? EXIT_FAILURE : EXIT_SUCCESS);
---- coreutils-5.2.1/src/ls.c.selinux 2004-03-16 14:25:05.406543600 -0500
-+++ coreutils-5.2.1/src/ls.c 2004-03-16 14:25:05.675502712 -0500
-@@ -121,6 +121,17 @@
-
- #define AUTHORS "Richard Stallman", "David MacKenzie"
-
-+#ifdef WITH_SELINUX
+ SUFFIXES = .sh
+diff -Nur coreutils-6.4/src/chcon.c coreutils-6.4.selinux/src/chcon.c
+--- coreutils-6.4/src/chcon.c 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/src/chcon.c 2006-10-31 23:39:34.000000000 +0000
+@@ -0,0 +1,423 @@
++/* chcontext -- change security context of a pathname */
++
++#include <config.h>
++#include <stdio.h>
++#include <sys/types.h>
++#include <grp.h>
++#include <getopt.h>
+#include <selinux/selinux.h>
-+int selinux_enabled= 0;
-+static int print_scontext = 0;
-+#define check_selinux() if (!selinux_enabled) { \
-+ fprintf( stderr, _("Sorry, this option can only be used on a SELinux-enabled kernel.\n") ); \
-+ exit( EXIT_FAILURE ); \
-+}
++#include <selinux/context.h>
+
-+#endif
++#include "system.h"
++#include "error.h"
++#include "savedir.h"
++#include "group-member.h"
+
- #define obstack_chunk_alloc malloc
- #define obstack_chunk_free free
-
-@@ -192,6 +203,10 @@
- /* For long listings, true if the file has an access control list. */
- bool have_acl;
- #endif
++enum Change_status
++{
++ CH_SUCCEEDED,
++ CH_FAILED,
++ CH_NO_CHANGE_REQUESTED
++};
+
-+#ifdef WITH_SELINUX
-+ security_context_t scontext;
-+#endif
- };
-
- #if HAVE_ACL || USE_ACL
-@@ -256,6 +271,9 @@
- static void sort_files (void);
- static void parse_ls_color (void);
- void usage (int status);
-+#ifdef WITH_SELINUX
-+static void print_scontext_format (const struct fileinfo *f);
-+#endif
-
- /* The name the program was run with, stripped of any leading path. */
- char *program_name;
-@@ -354,7 +372,10 @@
- one_per_line, /* -1 */
- many_per_line, /* -C */
- horizontal, /* -x */
-- with_commas /* -m */
-+#ifdef WITH_SELINUX
-+ security_format, /* -Z */
-+#endif
-+ with_commas /* -m */
- };
-
- static enum format format;
-@@ -679,6 +700,11 @@
- SHOW_CONTROL_CHARS_OPTION,
- SI_OPTION,
- SORT_OPTION,
-+#ifdef WITH_SELINUX
-+ CONTEXT_OPTION,
-+ LCONTEXT_OPTION,
-+ SCONTEXT_OPTION,
-+#endif
- TIME_OPTION,
- TIME_STYLE_OPTION
- };
-@@ -722,6 +748,11 @@
- {"time-style", required_argument, 0, TIME_STYLE_OPTION},
- {"color", optional_argument, 0, COLOR_OPTION},
- {"block-size", required_argument, 0, BLOCK_SIZE_OPTION},
-+#ifdef WITH_SELINUX
-+ {"context", no_argument, 0, CONTEXT_OPTION},
-+ {"lcontext", no_argument, 0, LCONTEXT_OPTION},
-+ {"scontext", no_argument, 0, SCONTEXT_OPTION},
-+#endif
- {"author", no_argument, 0, AUTHOR_OPTION},
- {GETOPT_HELP_OPTION_DECL},
- {GETOPT_VERSION_OPTION_DECL},
-@@ -731,12 +762,19 @@
- static char const *const format_args[] =
- {
- "verbose", "long", "commas", "horizontal", "across",
-- "vertical", "single-column", 0
-+ "vertical", "single-column",
-+#ifdef WITH_SELINUX
-+ "context",
-+#endif
-+ 0
- };
-
- static enum format const format_types[] =
- {
- long_format, long_format, with_commas, horizontal, horizontal,
-+#ifdef WITH_SELINUX
-+ security_format,
-+#endif
- many_per_line, one_per_line
- };
-
-@@ -1101,6 +1139,9 @@
-
- format_needs_stat = sort_type == sort_time || sort_type == sort_size
- || format == long_format
-+#ifdef WITH_SELINUX
-+ || format == security_format || print_scontext
-+#endif
- || dereference == DEREF_ALWAYS
- || print_block_size || print_inode;
- format_needs_type = (format_needs_stat == 0
-@@ -1223,6 +1265,11 @@
- /* Record whether there is an option specifying sort type. */
- int sort_type_specified = 0;
-
-+#ifdef WITH_SELINUX
-+ /* 1 iff kernel has new selinux system calls */
-+ selinux_enabled= (is_selinux_enabled()>0);
-+#endif
++enum Verbosity
++{
++ /* Print a message for each file that is processed. */
++ V_high,
+
- qmark_funny_chars = 0;
-
- /* initialize all switches to default settings */
-@@ -1273,6 +1319,9 @@
- all_files = 0;
- really_all_files = 0;
- ignore_patterns = 0;
-+#ifdef WITH_SELINUX
-+ print_scontext = 0;
-+#endif
-
- /* FIXME: put this in a function. */
- {
-@@ -1350,7 +1399,7 @@
- }
-
- while ((c = getopt_long (argc, argv,
-- "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UX1",
-+ "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UX1Z",
- long_options, NULL)) != -1)
- {
- switch (c)
-@@ -1470,6 +1519,13 @@
- format = horizontal;
- break;
-
-+#ifdef WITH_SELINUX
-+ case 'Z':
-+ check_selinux();
-+ print_scontext = 1;
-+ format = security_format;
-+ break;
-+#endif
- case 'A':
- really_all_files = 0;
- all_files = 1;
-@@ -1637,6 +1693,25 @@
-
- case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
-
-+#ifdef WITH_SELINUX
++ /* Print a message for each file whose attributes we change. */
++ V_changes_only,
+
-+ case CONTEXT_OPTION: /* new security format */
-+ check_selinux();
-+ print_scontext = 1;
-+ format = security_format;
-+ break;
-+ case LCONTEXT_OPTION: /* long format plus security context */
-+ check_selinux();
-+ print_scontext = 1;
-+ format = long_format;
-+ break;
-+ case SCONTEXT_OPTION: /* short form of new security format */
-+ check_selinux();
-+ print_scontext = 0;
-+ format = security_format;
-+ break;
-+#endif
++ /* Do not be verbose. This is the default. */
++ V_off
++};
+
- default:
- usage (EXIT_FAILURE);
- }
-@@ -2300,6 +2375,12 @@
- free (files[i].name);
- if (files[i].linkname)
- free (files[i].linkname);
-+#ifdef WITH_SELINUX
-+ if (files[i].scontext) {
-+ freecon (files[i].scontext);
-+ files[i].scontext=NULL;
-+ }
-+#endif
- }
-
- files_index = 0;
-@@ -2336,6 +2417,9 @@
- f->linkname = 0;
- f->linkmode = 0;
- f->linkok = 0;
-+#ifdef WITH_SELINUX
-+ f->scontext = NULL;
-+#endif
-
- if (explicit_arg
- || format_needs_stat
-@@ -2381,6 +2465,11 @@
- {
- int need_lstat;
- err = stat (path, &f->stat);
-+#ifdef WITH_SELINUX
-+ if (err>=0)
-+ if (selinux_enabled && (format == security_format || print_scontext))
-+ getfilecon(path, &f->scontext);
-+#endif
-
- if (dereference == DEREF_COMMAND_LINE_ARGUMENTS)
- break;
-@@ -2399,6 +2488,11 @@
-
- default: /* DEREF_NEVER */
- err = lstat (path, &f->stat);
-+#ifdef WITH_SELINUX
-+ if (err>=0)
-+ if (selinux_enabled && (format == security_format || print_scontext))
-+ lgetfilecon(path, &f->scontext);
-+#endif
- break;
- }
-
-@@ -2893,6 +2987,16 @@
- DIRED_PUTCHAR ('\n');
- }
- break;
++static int change_dir_context (const char *dir, const struct stat *statp);
+
-+#ifdef WITH_SELINUX
-+ case security_format:
-+ for (i = 0; i < files_index; i++)
-+ {
-+ print_scontext_format (files + i);
-+ DIRED_PUTCHAR ('\n');
-+ }
-+ break;
-+#endif
- }
- }
-
-@@ -3117,6 +3221,14 @@
- }
- p += sizeof modebuf + nlink_width + 1;
-
-+#ifdef WITH_SELINUX
++/* The name the program was run with. */
++char *program_name;
+
-+ if ( print_scontext ) {
-+ sprintf (p, "%-32s ", f->scontext);
-+ p += strlen (p);
-+ }
-+#endif
++/* If nonzero, and the systems has support for it, change the context
++ of symbolic links rather than any files they point to. */
++static int change_symlinks;
+
- DIRED_INDENT ();
-
- if (print_owner | print_group | print_author)
-@@ -4037,6 +4149,16 @@
- -X sort alphabetically by entry extension\n\
- -1 list one file per line\n\
- "), stdout);
-+#ifdef WITH_SELINUX
-+printf(_("\nSELinux options:\n\n\
-+ --lcontext Display security context. Enable -l. Lines\n\
-+ will probably be too wide for most displays.\n\
-+ -Z, --context Display security context so it fits on most\n\
-+ displays. Displays only mode, user, group,\n\
-+ security context and file name.\n\
-+ --scontext Display only security context and file name.\n\
-+\n\n"));
-+#endif
- fputs (HELP_OPTION_DESCRIPTION, stdout);
- fputs (VERSION_OPTION_DESCRIPTION, stdout);
- fputs (_("\n\
-@@ -4055,3 +4177,79 @@
- }
- exit (status);
- }
++/* If nonzero, change the context of directories recursively. */
++static int recurse;
+
-+#ifdef WITH_SELINUX
++/* If nonzero, force silence (no error messages). */
++static int force_silent;
+
-+static void
-+print_scontext_format (const struct fileinfo *f)
++/* Level of verbosity. */
++static enum Verbosity verbosity = V_off;
++
++/* The name of the context file is being given. */
++static const char *specified_context;
++
++/* Specific components of the context */
++static const char *specified_user;
++static const char *specified_role;
++static const char *specified_range;
++static const char *specified_type;
++
++/* The argument to the --reference option. Use the context of this file.
++ This file must exist. */
++static char *reference_file;
++
++/* If nonzero, display usage information and exit. */
++static int show_help;
++
++/* If nonzero, print the version on standard output and exit. */
++static int show_version;
++
++static struct option const long_options[] =
+{
-+ char modebuf[12];
++ {"recursive", no_argument, 0, 'R'},
++ {"changes", no_argument, 0, 'c'},
++ {"no-dereference", no_argument, 0, 'h'},
++ {"silent", no_argument, 0, 'f'},
++ {"quiet", no_argument, 0, 'f'},
++ {"reference", required_argument, 0, CHAR_MAX + 1},
++ {"context", required_argument, 0, CHAR_MAX + 2},
++ {"user", required_argument, 0, 'u'},
++ {"role", required_argument, 0, 'r'},
++ {"type", required_argument, 0, 't'},
++ {"range", required_argument, 0, 'l'},
++ {"verbose", no_argument, 0, 'v'},
++ {"help", no_argument, &show_help, 1},
++ {"version", no_argument, &show_version, 1},
++ {0, 0, 0, 0}
++};
+
-+ /* 7 fields that may require LONGEST_HUMAN_READABLE bytes,
-+ 1 10-byte mode string,
-+ 9 spaces, one following each of these fields, and
-+ 1 trailing NUL byte. */
++/* Tell the user how/if the context of FILE has been changed.
++ CHANGED describes what (if anything) has happened. */
+
-+ char init_bigbuf[7 * LONGEST_HUMAN_READABLE + 10 + 9 + 1];
-+ char *buf = init_bigbuf;
-+ size_t bufsize = sizeof (init_bigbuf);
-+ size_t s;
-+ char *p;
++static void
++describe_change (const char *file, security_context_t newcontext, enum Change_status changed)
++{
+ const char *fmt;
-+ char *user_name;
-+ char *group_name;
-+ int rv;
-+ char *scontext;
++ switch (changed)
++ {
++ case CH_SUCCEEDED:
++ fmt = _("context of %s changed to %s\n");
++ break;
++ case CH_FAILED:
++ fmt = _("failed to change context of %s to %s\n");
++ break;
++ case CH_NO_CHANGE_REQUESTED:
++ fmt = _("context of %s retained as %s\n");
++ break;
++ default:
++ abort ();
++ }
++ printf (fmt, file, newcontext);
++}
+
-+ p = buf;
++static int
++compute_context_from_mask (security_context_t context, context_t *ret)
++{
++ context_t newcontext = context_new (context);
++ if (!newcontext)
++ return 1;
++#define SETCOMPONENT(comp) \
++ do { \
++ if (specified_ ## comp) \
++ if (context_ ## comp ## _set (newcontext, specified_ ## comp)) \
++ goto lose; \
++ } while (0)
++
++ SETCOMPONENT(user);
++ SETCOMPONENT(range);
++ SETCOMPONENT(role);
++ SETCOMPONENT(type);
++#undef SETCOMPONENT
++
++ *ret = newcontext;
++ return 0;
++ lose:
++ context_free (newcontext);
++ return 1;
++}
+
-+ if ( print_scontext ) { /* zero means terse listing */
-+ mode_string (f->stat.st_mode, modebuf);
-+ modebuf[10] = (FILE_HAS_ACL (f) ? '+' : ' ');
-+ modebuf[11] = '\0';
++/* Change the context of FILE, using specified components.
++ If it is a directory and -R is given, recurse.
++ Return 0 if successful, 1 if errors occurred. */
+
-+ /* print mode */
++static int
++change_file_context (const char *file)
++{
++ struct stat file_stats;
++ security_context_t file_context=NULL;
++ context_t context;
++ security_context_t context_string;
++ int errors = 0;
++ int status = 0;
+
-+ (void) sprintf (p, "%s ", modebuf);
-+ p += strlen (p);
++ if (change_symlinks)
++ status = lgetfilecon(file, &file_context);
++ else
++ status = getfilecon(file, &file_context);
+
-+ /* print standard user and group */
++ if ((status < 0) && (errno != ENODATA))
++ {
++ if (force_silent == 0)
++ error (0, errno, "%s", file);
++ return 1;
++ }
+
-+ user_name = (numeric_ids ? NULL : getuser (f->stat.st_uid));
-+ if (user_name)
-+ (void) sprintf (p, "%-8.8s ", user_name);
-+ else
-+ (void) sprintf (p, "%-8u ", (unsigned int) f->stat.st_uid);
-+ p += strlen (p);
++ /* If the file doesn't have a context, and we're not setting all of
++ the context components, there isn't really an obvious default.
++ Thus, we just give up. */
++ if (file_context == NULL && specified_context == NULL)
++ {
++ error (0, 0, _("can't apply partial context to unlabeled file %s"), file);
++ return 1;
++ }
++
++ if (specified_context == NULL)
++ {
++ if (compute_context_from_mask (file_context, &context))
++ {
++ error (0, 0, _("couldn't compute security context from %s"), file_context);
++ return 1;
++ }
++ }
++ else
++ {
++ context = context_new (specified_context);
++ if (!context)
++ error (1, 0,_("invalid context: %s"),specified_context);
++ }
+
-+ if ( print_group ) {
-+ group_name = (numeric_ids ? NULL : getgroup (f->stat.st_gid));
-+ if (group_name)
-+ (void) sprintf (p, "%-8.8s ", group_name);
++ context_string = context_str (context);
++
++ if (file_context == NULL || strcmp(context_string,file_context)!=0)
++ {
++ int fail;
++
++ if (change_symlinks)
++ fail = lsetfilecon (file, context_string);
+ else
-+ (void) sprintf (p, "%-8u ", (unsigned int) f->stat.st_gid);
-+ p += strlen (p);
++ fail = setfilecon (file, context_string);
++
++ if (verbosity == V_high || (verbosity == V_changes_only && !fail))
++ describe_change (file, context_string, (fail ? CH_FAILED : CH_SUCCEEDED));
++
++ if (fail)
++ {
++ errors = 1;
++ if (force_silent == 0)
++ {
++ error (0, errno, _("failed to change context of %s to %s"), file, context_string);
++ }
++ }
++ }
++ else if (verbosity == V_high)
++ {
++ describe_change (file, context_string, CH_NO_CHANGE_REQUESTED);
+ }
-+ }
+
-+ (void) sprintf (p, "%-32s ", f->scontext);
-+ p += strlen (p);
-+
-+ DIRED_INDENT ();
-+ DIRED_FPUTS (buf, stdout, p - buf);
-+ print_name_with_quoting (f->name, f->stat.st_mode, f->linkok, &dired_obstack);
-+
-+ if (f->filetype == symbolic_link) {
-+ if (f->linkname) {
-+ DIRED_FPUTS_LITERAL (" -> ", stdout);
-+ print_name_with_quoting (f->linkname, f->linkmode, f->linkok - 1, NULL);
-+ if (indicator_style != none)
-+ print_type_indicator (f->linkmode);
-+ }
-+ }
-+ else {
-+ if (indicator_style != none)
-+ print_type_indicator (f->stat.st_mode);
++ context_free(context);
++ freecon(file_context);
++
++ if (recurse) {
++ if (lstat(file, &file_stats)==0)
++ if (S_ISDIR (file_stats.st_mode) &&
++ (strcmp(file,"..") !=0) &&
++ (strcmp(file,".") !=0))
++ errors |= change_dir_context (file, &file_stats);
+ }
++ return errors;
+}
-+#endif
---- coreutils-5.2.1/src/copy.h.selinux 2004-03-16 14:25:05.413542536 -0500
-+++ coreutils-5.2.1/src/copy.h 2004-03-16 14:25:05.677502408 -0500
-@@ -105,6 +105,9 @@
- int preserve_ownership;
- int preserve_mode;
- int preserve_timestamps;
-+#ifdef WITH_SELINUX
-+ int preserve_security_context;
-+#endif
-
- /* Enabled for mv, and for cp by the --preserve=links option.
- If nonzero, attempt to preserve in the destination files any
---- coreutils-5.2.1/src/mknod.c.selinux 2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mknod.c 2004-03-16 14:25:05.679502104 -0500
-@@ -36,8 +36,15 @@
- /* The name this program was run with. */
- char *program_name;
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+#endif
+
- static struct option const longopts[] =
- {
-+#ifdef WITH_SELINUX
-+ {"context", required_argument, NULL, 'Z'},
-+#endif
- {"mode", required_argument, NULL, 'm'},
- {GETOPT_HELP_OPTION_DECL},
- {GETOPT_VERSION_OPTION_DECL},
-@@ -58,6 +65,11 @@
- Create the special file NAME of the given TYPE.\n\
- \n\
- "), stdout);
-+#ifdef WITH_SELINUX
-+ fputs(_("\
-+ -Z, --context=CONTEXT set security context (quoted string)\n\
-+"), stdout);
-+#endif
- fputs (_("\
- Mandatory arguments to long options are mandatory for short options too.\n\
- "), stdout);
-@@ -103,7 +115,11 @@
-
- specified_mode = NULL;
-
-+#ifdef WITH_SELINUX
-+ while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
-+#else
- while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
-+#endif
- {
- switch (optc)
- {
-@@ -112,6 +128,19 @@
- case 'm':
- specified_mode = optarg;
- break;
-+#ifdef WITH_SELINUX
-+ case 'Z':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !(is_selinux_enabled()>0)) {
-+ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
-+ exit( 1 );
-+ }
-+ if (setfscreatecon(optarg)) {
-+ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
-+ exit( 1 );
-+ }
-+ break;
-+#endif
- case_GETOPT_HELP_CHAR;
- case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
- default:
---- coreutils-5.2.1/src/mkfifo.c.selinux 2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mkfifo.c 2004-03-16 14:25:05.682501648 -0500
-@@ -32,11 +32,18 @@
-
- #define AUTHORS "David MacKenzie"
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+#endif
-+
- /* The name this program was run with. */
- char *program_name;
-
- static struct option const longopts[] =
- {
-+#ifdef WITH_SELINUX
-+ {"context", required_argument, NULL, 'Z'},
-+#endif
- {"mode", required_argument, NULL, 'm'},
- {GETOPT_HELP_OPTION_DECL},
- {GETOPT_VERSION_OPTION_DECL},
-@@ -57,6 +64,11 @@
- Create named pipes (FIFOs) with the given NAMEs.\n\
- \n\
- "), stdout);
-+#ifdef WITH_SELINUX
-+ printf (_("\
-+ -Z, --context=CONTEXT set security context (quoted string)\n\
-+"), stdout);
-+#endif
- fputs (_("\
- Mandatory arguments to long options are mandatory for short options too.\n\
- "), stdout);
-@@ -93,7 +105,11 @@
- #ifndef S_ISFIFO
- error (EXIT_FAILURE, 0, _("fifo files not supported"));
- #else
-+#ifdef WITH_SELINUX
-+ while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
-+#else
- while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
-+#endif
- {
- switch (optc)
- {
-@@ -102,6 +118,18 @@
- case 'm':
- specified_mode = optarg;
- break;
-+#ifdef WITH_SELINUX
-+ case 'Z':
-+ if( !(is_selinux_enabled()>0)) {
-+ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
-+ exit( 1 );
-+ }
-+ if (setfscreatecon(optarg)) {
-+ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
-+ exit( 1 );
-+ }
-+ break;
-+#endif
- case_GETOPT_HELP_CHAR;
- case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
- default:
---- coreutils-5.2.1/src/Makefile.am.selinux 2004-03-16 14:25:05.455536152 -0500
-+++ coreutils-5.2.1/src/Makefile.am 2004-03-16 14:25:05.684501344 -0500
-@@ -3,13 +3,13 @@
- EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who
-
- bin_SCRIPTS = groups
--bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \
-+bin_PROGRAMS = [ chgrp chown chmod chcon cp dd dircolors du \
- ginstall link ln dir vdir ls mkdir \
- mkfifo mknod mv nohup readlink rm rmdir shred stat sync touch unlink \
- cat cksum comm csplit cut expand fmt fold head join md5sum \
- nl od paste pr ptx sha1sum sort split sum tac tail tr tsort unexpand uniq wc \
- basename date dirname echo env expr factor false getgid \
-- hostname id kill logname pathchk printenv printf pwd seq sleep tee \
-+ hostname id kill logname pathchk printenv printf pwd runcon seq sleep tee \
- test true tty whoami yes \
- $(OPTIONAL_BIN_PROGS) $(DF_PROG)
-
-@@ -32,13 +32,20 @@
- # replacement functions defined in libfetish.a.
- LDADD = ../lib/libfetish.a $(LIBINTL) ../lib/libfetish.a
-
--dir_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@
--ls_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@
-+dir_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@ @LIB_SELINUX@
-+ls_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@ @LIB_SELINUX@
- shred_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME)
--vdir_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@
--cp_LDADD = $(LDADD) @LIBACL@
--ginstall_LDADD = $(LDADD) @LIBACL@
--mv_LDADD = $(LDADD) @LIBACL@
-+vdir_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) @LIBACL@ @LIB_SELINUX@
-+cp_LDADD = $(LDADD) @LIBACL@ @LIB_SELINUX@
-+ginstall_LDADD = $(LDADD) @LIBACL@ @LIB_SELINUX@
-+mv_LDADD = $(LDADD) @LIBACL@ @LIB_SELINUX@
-+chcon_LDADD = $(LDADD) @LIB_SELINUX@
-+id_LDADD = $(LDADD) @LIB_SELINUX@
-+mkdir_LDADD = $(LDADD) @LIB_SELINUX@
-+mkfifo_LDADD = $(LDADD) @LIB_SELINUX@
-+mknod_LDADD = $(LDADD) @LIB_SELINUX@
-+stat_LDADD = $(LDADD) @LIB_SELINUX@
-+runcon_LDADD = $(LDADD) @LIB_SELINUX@
-
- ## If necessary, add -lm to resolve use of pow in lib/strtod.c.
- sort_LDADD = $(LDADD) $(POW_LIB)
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/src/chcon.c 2004-03-16 14:25:05.688500736 -0500
-@@ -0,0 +1,423 @@
-+/* chcontext -- change security context of a pathname */
-+
-+#include <config.h>
-+#include <stdio.h>
-+#include <sys/types.h>
-+#include <grp.h>
-+#include <getopt.h>
-+#include <selinux/selinux.h>
-+#include <selinux/context.h>
-+
-+#include "system.h"
-+#include "error.h"
-+#include "savedir.h"
-+#include "group-member.h"
-+
-+enum Change_status
-+{
-+ CH_SUCCEEDED,
-+ CH_FAILED,
-+ CH_NO_CHANGE_REQUESTED
-+};
++/* Recursively change context of the files in directory DIR
++ using specified context components.
++ STATP points to the results of lstat on DIR.
++ Return 0 if successful, 1 if errors occurred. */
+
-+enum Verbosity
++static int
++change_dir_context (const char *dir, const struct stat *statp)
+{
-+ /* Print a message for each file that is processed. */
-+ V_high,
-+
-+ /* Print a message for each file whose attributes we change. */
-+ V_changes_only,
-+
-+ /* Do not be verbose. This is the default. */
-+ V_off
-+};
-+
-+static int change_dir_context (const char *dir, const struct stat *statp);
-+
-+/* The name the program was run with. */
-+char *program_name;
-+
-+/* If nonzero, and the systems has support for it, change the context
-+ of symbolic links rather than any files they point to. */
-+static int change_symlinks;
-+
-+/* If nonzero, change the context of directories recursively. */
-+static int recurse;
-+
-+/* If nonzero, force silence (no error messages). */
-+static int force_silent;
-+
-+/* Level of verbosity. */
-+static enum Verbosity verbosity = V_off;
-+
-+/* The name of the context file is being given. */
-+static const char *specified_context;
-+
-+/* Specific components of the context */
-+static const char *specified_user;
-+static const char *specified_role;
-+static const char *specified_range;
-+static const char *specified_type;
-+
-+/* The argument to the --reference option. Use the context of this file.
-+ This file must exist. */
-+static char *reference_file;
-+
-+/* If nonzero, display usage information and exit. */
-+static int show_help;
++ char *name_space, *namep;
++ char *path; /* Full path of each entry to process. */
++ unsigned dirlength; /* Length of `dir' and '\0'. */
++ unsigned filelength; /* Length of each pathname to process. */
++ unsigned pathlength; /* Bytes allocated for `path'. */
++ int errors = 0;
+
-+/* If nonzero, print the version on standard output and exit. */
-+static int show_version;
++ errno = 0;
++ name_space = savedir (dir);
++ if (name_space == NULL)
++ {
++ if (errno)
++ {
++ if (force_silent == 0)
++ error (0, errno, "%s", dir);
++ return 1;
++ }
++ else
++ error (1, 0, _("virtual memory exhausted"));
++ }
+
-+static struct option const long_options[] =
-+{
-+ {"recursive", no_argument, 0, 'R'},
-+ {"changes", no_argument, 0, 'c'},
-+ {"no-dereference", no_argument, 0, 'h'},
-+ {"silent", no_argument, 0, 'f'},
-+ {"quiet", no_argument, 0, 'f'},
-+ {"reference", required_argument, 0, CHAR_MAX + 1},
-+ {"context", required_argument, 0, CHAR_MAX + 2},
-+ {"user", required_argument, 0, 'u'},
-+ {"role", required_argument, 0, 'r'},
-+ {"type", required_argument, 0, 't'},
-+ {"range", required_argument, 0, 'l'},
-+ {"verbose", no_argument, 0, 'v'},
-+ {"help", no_argument, &show_help, 1},
-+ {"version", no_argument, &show_version, 1},
-+ {0, 0, 0, 0}
-+};
++ dirlength = strlen (dir) + 1; /* + 1 is for the trailing '/'. */
++ pathlength = dirlength + 1;
++ /* Give `path' a dummy value; it will be reallocated before first use. */
++ path = xmalloc (pathlength);
++ strcpy (path, dir);
++ path[dirlength - 1] = '/';
+
-+/* Tell the user how/if the context of FILE has been changed.
-+ CHANGED describes what (if anything) has happened. */
++ for (namep = name_space; *namep; namep += filelength - dirlength)
++ {
++ filelength = dirlength + strlen (namep) + 1;
++ if (filelength > pathlength)
++ {
++ pathlength = filelength * 2;
++ path = xrealloc (path, pathlength);
++ }
++ strcpy (path + dirlength, namep);
++ errors |= change_file_context (path);
++ }
++ free (path);
++ free (name_space);
++ return errors;
++}
+
+static void
-+describe_change (const char *file, security_context_t newcontext, enum Change_status changed)
++usage (int status)
+{
-+ const char *fmt;
-+ switch (changed)
-+ {
-+ case CH_SUCCEEDED:
-+ fmt = _("context of %s changed to %s\n");
-+ break;
-+ case CH_FAILED:
-+ fmt = _("failed to change context of %s to %s\n");
-+ break;
-+ case CH_NO_CHANGE_REQUESTED:
-+ fmt = _("context of %s retained as %s\n");
-+ break;
-+ default:
-+ abort ();
-+ }
-+ printf (fmt, file, newcontext);
-+}
-+
-+static int
-+compute_context_from_mask (security_context_t context, context_t *ret)
-+{
-+ context_t newcontext = context_new (context);
-+ if (!newcontext)
-+ return 1;
-+#define SETCOMPONENT(comp) \
-+ do { \
-+ if (specified_ ## comp) \
-+ if (context_ ## comp ## _set (newcontext, specified_ ## comp)) \
-+ goto lose; \
-+ } while (0)
-+
-+ SETCOMPONENT(user);
-+ SETCOMPONENT(range);
-+ SETCOMPONENT(role);
-+ SETCOMPONENT(type);
-+#undef SETCOMPONENT
-+
-+ *ret = newcontext;
-+ return 0;
-+ lose:
-+ context_free (newcontext);
-+ return 1;
-+}
-+
-+/* Change the context of FILE, using specified components.
-+ If it is a directory and -R is given, recurse.
-+ Return 0 if successful, 1 if errors occurred. */
-+
-+static int
-+change_file_context (const char *file)
-+{
-+ struct stat file_stats;
-+ security_context_t file_context=NULL;
-+ context_t context;
-+ security_context_t context_string;
-+ int errors = 0;
-+ int status = 0;
-+
-+ if (change_symlinks)
-+ status = lgetfilecon(file, &file_context);
-+ else
-+ status = getfilecon(file, &file_context);
-+
-+ if ((status < 0) && (errno != ENODATA))
-+ {
-+ if (force_silent == 0)
-+ error (0, errno, "%s", file);
-+ return 1;
-+ }
-+
-+ /* If the file doesn't have a context, and we're not setting all of
-+ the context components, there isn't really an obvious default.
-+ Thus, we just give up. */
-+ if (file_context == NULL && specified_context == NULL)
-+ {
-+ error (0, 0, _("can't apply partial context to unlabeled file %s"), file);
-+ return 1;
-+ }
-+
-+ if (specified_context == NULL)
-+ {
-+ if (compute_context_from_mask (file_context, &context))
-+ {
-+ error (0, 0, _("couldn't compute security context from %s"), file_context);
-+ return 1;
-+ }
-+ }
-+ else
-+ {
-+ context = context_new (specified_context);
-+ if (!context)
-+ error (1, 0,_("invalid context: %s"),specified_context);
-+ }
-+
-+ context_string = context_str (context);
-+
-+ if (file_context == NULL || strcmp(context_string,file_context)!=0)
-+ {
-+ int fail;
-+
-+ if (change_symlinks)
-+ fail = lsetfilecon (file, context_string);
-+ else
-+ fail = setfilecon (file, context_string);
-+
-+ if (verbosity == V_high || (verbosity == V_changes_only && !fail))
-+ describe_change (file, context_string, (fail ? CH_FAILED : CH_SUCCEEDED));
-+
-+ if (fail)
-+ {
-+ errors = 1;
-+ if (force_silent == 0)
-+ {
-+ error (0, errno, _("failed to change context of %s to %s"), file, context_string);
-+ }
-+ }
-+ }
-+ else if (verbosity == V_high)
-+ {
-+ describe_change (file, context_string, CH_NO_CHANGE_REQUESTED);
-+ }
-+
-+ context_free(context);
-+ freecon(file_context);
-+
-+ if (recurse) {
-+ if (lstat(file, &file_stats)==0)
-+ if (S_ISDIR (file_stats.st_mode) &&
-+ (strcmp(file,"..") !=0) &&
-+ (strcmp(file,".") !=0))
-+ errors |= change_dir_context (file, &file_stats);
-+ }
-+ return errors;
-+}
-+
-+/* Recursively change context of the files in directory DIR
-+ using specified context components.
-+ STATP points to the results of lstat on DIR.
-+ Return 0 if successful, 1 if errors occurred. */
-+
-+static int
-+change_dir_context (const char *dir, const struct stat *statp)
-+{
-+ char *name_space, *namep;
-+ char *path; /* Full path of each entry to process. */
-+ unsigned dirlength; /* Length of `dir' and '\0'. */
-+ unsigned filelength; /* Length of each pathname to process. */
-+ unsigned pathlength; /* Bytes allocated for `path'. */
-+ int errors = 0;
-+
-+ errno = 0;
-+ name_space = savedir (dir);
-+ if (name_space == NULL)
-+ {
-+ if (errno)
-+ {
-+ if (force_silent == 0)
-+ error (0, errno, "%s", dir);
-+ return 1;
-+ }
-+ else
-+ error (1, 0, _("virtual memory exhausted"));
-+ }
-+
-+ dirlength = strlen (dir) + 1; /* + 1 is for the trailing '/'. */
-+ pathlength = dirlength + 1;
-+ /* Give `path' a dummy value; it will be reallocated before first use. */
-+ path = xmalloc (pathlength);
-+ strcpy (path, dir);
-+ path[dirlength - 1] = '/';
-+
-+ for (namep = name_space; *namep; namep += filelength - dirlength)
-+ {
-+ filelength = dirlength + strlen (namep) + 1;
-+ if (filelength > pathlength)
-+ {
-+ pathlength = filelength * 2;
-+ path = xrealloc (path, pathlength);
-+ }
-+ strcpy (path + dirlength, namep);
-+ errors |= change_file_context (path);
-+ }
-+ free (path);
-+ free (name_space);
-+ return errors;
-+}
-+
-+static void
-+usage (int status)
-+{
-+ if (status != 0)
-+ fprintf (stderr, _("Try `%s --help' for more information.\n"),
-+ program_name);
-+ else
++ if (status != 0)
++ fprintf (stderr, _("Try `%s --help' for more information.\n"),
++ program_name);
++ else
+ {
+ printf (_("\
+Usage: %s [OPTION]... CONTEXT FILE...\n\
+ {
+ if (getfilecon (reference_file, &ref_context)<0)
+ error (1, errno, "%s", reference_file);
-+
-+ specified_context = ref_context;
-+ }
-+ else if (!component_specified) {
-+ specified_context = argv[optind++];
-+ }
-+ for (; optind < argc; ++optind)
-+ errors |= change_file_context (argv[optind]);
-+
-+ if (verbosity != V_off)
-+ close_stdout ();
-+ if (ref_context != NULL)
-+ freecon(ref_context);
-+ exit (errors);
-+}
---- coreutils-5.2.1/src/copy.c.selinux 2004-03-16 14:25:05.417541928 -0500
-+++ coreutils-5.2.1/src/copy.c 2004-03-16 14:25:56.729741288 -0500
-@@ -42,6 +42,11 @@
- #include "utimens.h"
- #include "xreadlink.h"
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+extern int selinux_enabled;
-+#endif
-+
- #define DO_CHOWN(Chown, File, New_uid, New_gid) \
- (Chown (File, New_uid, New_gid) \
- /* If non-root uses -p, it's ok if we can't preserve ownership. \
-@@ -1288,6 +1293,34 @@
- In such cases, set this variable to zero. */
- preserve_metadata = 1;
-
-+#ifdef WITH_SELINUX
-+ if (x->preserve_security_context && selinux_enabled)
-+ {
-+ security_context_t con;
-+
-+ if (lgetfilecon (src_path, &con) >= 0)
-+ {
-+ if (setfscreatecon(con) < 0)
-+ {
-+ error (0, errno, _("cannot set setfscreatecon %s"), quote (con));
-+ if (x->require_preserve) {
-+ freecon(con);
-+ return 1;
-+ }
-+ }
-+ freecon(con);
-+ }
-+ else {
-+ if ( errno == ENOTSUP ) {
-+ error (0, errno, _("warning: security context not preserved %s"), quote (src_path));
-+ } else {
-+ error (0, errno, _("cannot lgetfilecon %s"), quote (src_path));
-+ return 1;
-+ }
-+ }
-+ }
-+#endif
-+
- if (S_ISDIR (src_mode))
- {
- struct dir_list *dir;
-@@ -1357,8 +1390,13 @@
- }
-
- /* Are we crossing a file system boundary? */
-- if (x->one_file_system && device != 0 && device != src_sb.st_dev)
-+ if (x->one_file_system && device != 0 && device != src_sb.st_dev) {
-+#ifdef WITH_SELINUX
-+ if (x->preserve_security_context && selinux_enabled)
-+ setfscreatecon(NULL);
-+#endif
- return 0;
-+ }
-
- /* Copy the contents of the directory. */
-
-@@ -1491,6 +1529,11 @@
- }
- }
-
-+#ifdef WITH_SELINUX
-+ if (x->preserve_security_context && selinux_enabled)
-+ setfscreatecon(NULL);
-+#endif
-+
- /* There's no need to preserve timestamps or permissions. */
- preserve_metadata = 0;
-
-@@ -1523,7 +1566,7 @@
- if (command_line_arg)
- record_file (x->dest_info, dst_path, NULL);
-
-- if ( ! preserve_metadata)
-+ if ( ! preserve_metadata)
- return 0;
-
- /* POSIX says that `cp -p' must restore the following:
-@@ -1629,6 +1672,11 @@
-
- un_backup:
-
-+#ifdef WITH_SELINUX
-+ if (x->preserve_security_context && selinux_enabled)
-+ setfscreatecon(NULL);
-+#endif
-+
- /* We have failed to create the destination file.
- If we've just added a dev/ino entry via the remember_copied
- call above (i.e., unless we've just failed to create a hard link),
---- coreutils-5.2.1/src/id.c.selinux 2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/id.c 2004-03-16 14:25:05.695499672 -0500
-@@ -45,6 +45,20 @@
-
- int getugroups ();
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h>
-+static void print_context (char* context);
-+/* Print the SELinux context */
-+static void
-+print_context(char *context)
-+{
-+ printf ("%s", context);
-+}
-+
-+/* If nonzero, output only the SELinux context. -Z */
-+static int just_context = 0;
-+
-+#endif
- static void print_user (uid_t uid);
- static void print_group (gid_t gid);
- static void print_group_list (const char *username);
-@@ -63,8 +77,14 @@
- /* Nonzero if errors have been encountered. */
- static int problems = 0;
-
-+/* The SELinux context */
-+/* Set `context' to a known invalid value so print_full_info() will *
-+ * know when `context' has not been set to a meaningful value. */
-+static security_context_t context=NULL;
-+
- static struct option const longopts[] =
- {
-+ {"context", no_argument, NULL, 'Z'},
- {"group", no_argument, NULL, 'g'},
- {"groups", no_argument, NULL, 'G'},
- {"name", no_argument, NULL, 'n'},
-@@ -88,6 +108,7 @@
- Print information for USERNAME, or the current user.\n\
- \n\
- -a ignore, for compatibility with other versions\n\
-+ -Z, --context print only the context\n\
- -g, --group print only the effective group ID\n\
- -G, --groups print all group IDs\n\
- -n, --name print a name instead of a number, for -ugG\n\
-@@ -109,6 +130,7 @@
- main (int argc, char **argv)
- {
- int optc;
-+ int selinux_enabled=(is_selinux_enabled()>0);
-
- /* If nonzero, output the list of all group IDs. -G */
- int just_group_list = 0;
-@@ -127,7 +149,7 @@
-
- atexit (close_stdout);
-
-- while ((optc = getopt_long (argc, argv, "agnruG", longopts, NULL)) != -1)
-+ while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
- {
- switch (optc)
- {
-@@ -136,6 +158,16 @@
- case 'a':
- /* Ignore -a, for compatibility with SVR4. */
- break;
-+#ifdef WITH_SELINUX
-+ case 'Z':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !selinux_enabled ) {
-+ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
-+ exit( 1 );
-+ }
-+ just_context = 1;
-+ break;
-+#endif
- case 'g':
- just_group = 1;
- break;
-@@ -158,8 +192,28 @@
- }
- }
-
-- if (just_user + just_group + just_group_list > 1)
-- error (EXIT_FAILURE, 0, _("cannot print only user and only group"));
-+#ifdef WITH_SELINUX
-+ if (argc - optind == 1)
-+ selinux_enabled = 0;
-+
-+ if( just_context && !selinux_enabled)
-+ error (1, 0, _("\
-+cannot display context when SELinux not enabled or when displaying the id\n\
-+of a different user"));
-+
-+ /* If we are on a selinux-enabled kernel, get our context. *
-+ * Otherwise, leave the context variable alone - it has *
-+ * been initialized known invalid value; if we see this invalid *
-+ * value later, we will know we are on a non-selinux kernel. */
-+ if( selinux_enabled )
-+ {
-+ if (getcon(&context))
-+ error (1, 0, _("can't get process context"));
-+ }
-+#endif
-+
-+ if (just_user + just_group + just_group_list + just_context > 1)
-+ error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
-
- if (just_user + just_group + just_group_list == 0 && (use_real || use_name))
- error (EXIT_FAILURE, 0,
-@@ -190,6 +242,10 @@
- print_group (use_real ? rgid : egid);
- else if (just_group_list)
- print_group_list (argv[optind]);
-+#ifdef WITH_SELINUX
-+ else if (just_context)
-+ print_context (context);
-+#endif
- else
- print_full_info (argv[optind]);
- putchar ('\n');
-@@ -397,4 +453,9 @@
- free (groups);
- }
- #endif /* HAVE_GETGROUPS */
-+#ifdef WITH_SELINUX
-+ if ( context != NULL ) {
-+ printf(_(" context=%s"),context);
-+ }
-+#endif
- }
---- coreutils-5.2.1/src/mv.c.selinux 2004-03-16 14:25:05.401544360 -0500
-+++ coreutils-5.2.1/src/mv.c 2004-03-16 14:25:25.906427144 -0500
-@@ -34,6 +34,11 @@
- #include "quote.h"
- #include "remove.h"
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+int selinux_enabled=0;
-+#endif
-+
- /* The official name of this program (e.g., no `g' prefix). */
- #define PROGRAM_NAME "mv"
-
-@@ -124,6 +129,9 @@
- x->preserve_links = 1;
- x->preserve_mode = 1;
- x->preserve_timestamps = 1;
-+#ifdef WITH_SELINUX
-+ x->preserve_security_context = 1;
-+#endif
- x->require_preserve = 0; /* FIXME: maybe make this an option */
- x->recursive = 1;
- x->sparse_mode = SPARSE_AUTO; /* FIXME: maybe make this an option */
-@@ -376,6 +384,10 @@
-
- cp_option_init (&x);
-
-+#ifdef WITH_SELINUX
-+ selinux_enabled= (is_selinux_enabled()>0);
-+#endif
-+
- /* FIXME: consider not calling getenv for SIMPLE_BACKUP_SUFFIX unless
- we'll actually use backup_suffix_string. */
- backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
---- /dev/null 2004-02-23 16:02:56.000000000 -0500
-+++ coreutils-5.2.1/src/runcon.c 2004-03-16 14:25:05.701498760 -0500
-@@ -0,0 +1,174 @@
-+/*
-+ * runcon [ context |
-+ * ( [ -r role ] [-t type] [ -u user ] [ -l levelrange ] )
-+ * command [arg1 [arg2 ...] ]
-+ *
-+ * attempt to run the specified command with the specified context.
-+ *
-+ * -r role : use the current context with the specified role
-+ * -t type : use the current context with the specified type
-+ * -u user : use the current context with the specified user
-+ * -l level : use the current context with the specified level range
-+ *
-+ * Contexts are interpreted as follows:
-+ *
-+ * Number of MLS
-+ * components system?
-+ *
-+ * 1 - type
-+ * 2 - role:type
-+ * 3 Y role:type:range
-+ * 3 N user:role:type
-+ * 4 Y user:role:type:range
-+ * 4 N error
-+ */
-+
-+#include <config.h>
-+#include <unistd.h>
-+#include <stdio.h>
-+#include <getopt.h>
-+#include <selinux/context.h>
-+#include <selinux/selinux.h>
-+#include <errno.h>
-+#include "system.h"
-+extern int errno;
-+
-+/* The name the program was run with. */
-+char *program_name;
-+
-+void
-+usage(char *str)
-+{
-+ printf(_("Usage: %s [OPTION]... command [args]\n"
-+ "Run a program in a different security context.\n\n"
-+ " context Complete security context\n"
-+ " -t type (for same role as parent)\n"
-+ " -u user identity\n"
-+ " -r role\n"
-+ " -l levelrange\n"
-+ " --help display this help and exit\n"),
-+ program_name);
-+ exit(1);
-+}
-+
-+int
-+main(int argc,char **argv,char **envp )
-+{
-+ char *role = 0;
-+ char *range = 0;
-+ char *user = 0;
-+ char *type = 0;
-+ char *context = NULL;
-+ security_context_t cur_context = NULL;
-+
-+ context_t con;
-+
-+ program_name = argv[0];
-+ setlocale (LC_ALL, "");
-+ bindtextdomain (PACKAGE, LOCALEDIR);
-+ textdomain (PACKAGE);
-+
-+ while (1) {
-+ int c;
-+ int this_option_optind = optind ? optind : 1;
-+ int option_index = 0;
-+ static struct option long_options[] = {
-+ { "role", 1, 0, 'r' },
-+ { "type", 1, 0, 't' },
-+ { "user", 1, 0, 'u' },
-+ { "range", 1, 0, 'l' },
-+ { "help", 0, 0, '?' },
-+ { 0, 0, 0, 0 }
-+ };
-+ c = getopt_long(argc, argv, "s:r:t:u:l:?", long_options, &option_index);
-+ if ( c == -1 ) {
-+ break;
-+ }
-+ switch ( c ) {
-+ case 'r':
-+ if ( role ) {
-+ fprintf(stderr,_("multiple roles\n"));
-+ exit(1);
-+ }
-+ role = optarg;
-+ break;
-+ case 't':
-+ if ( type ) {
-+ fprintf(stderr,_("multiple types\n"));
-+ exit(1);
-+ }
-+ type = optarg;
-+ break;
-+ case 'u':
-+ if ( user ) {
-+ fprintf(stderr,_("multiple users\n"));
-+ exit(1);
-+ }
-+ user = optarg;
-+ break;
-+ case 'l':
-+ if ( range ) {
-+ fprintf(stderr,_("multiple levelranges\n"));
-+ exit(1);
-+ }
-+ range = optarg;
-+ break;
-+ default:
-+ fprintf(stderr,_("unrecognised option %c\n"),c);
-+ case '?':
-+ usage(0);
-+ break;
-+ }
-+ }
-+ if ( !(user || role || type || range)) {
-+ if ( optind >= argc ) {
-+ usage(_("must specify -t, -u, -l, -r, or context"));
-+ }
-+ context = argv[optind++];
-+ }
-+
-+ if ( optind >= argc ) {
-+ usage(_("no command found"));
-+ }
-+
-+ if ( context ) {
-+ con = context_new(context);
-+ if (!con) {
-+ fprintf(stderr,_("%s is not a valid context\n"), context);
-+ exit(1);
-+ }
-+ }
-+ else {
-+ getcon(&cur_context);
-+ con = context_new(cur_context);
-+ if (!con) {
-+ fprintf(stderr,_("%s is not a valid context\n"), context);
-+ exit(1);
-+ }
-+ if ( user ) {
-+ context_user_set(con,user);
-+ }
-+ if ( type ) {
-+ context_type_set(con,type);
-+ }
-+ if ( range ) {
-+ context_range_set(con,range);
-+ }
-+ if ( role ) {
-+ context_role_set(con,role);
-+ }
-+ }
-+
-+ if (setexeccon(context_str(con))!=0) {
-+ fprintf(stderr,_("unable to setup security context %s\n"), context_str(con));
-+ exit(1);
-+ }
-+ if (cur_context!=NULL)
-+ freecon(cur_context);
-+
-+ if ( execvp(argv[optind],argv+optind) ) {
-+ perror("execvp");
-+ exit(1);
-+ }
-+ return 1; /* can't reach this statement.... */
-+}
---- coreutils-5.2.1/src/install.c.selinux 2004-03-16 14:25:05.408543296 -0500
-+++ coreutils-5.2.1/src/install.c 2004-03-16 14:25:05.704498304 -0500
-@@ -47,6 +47,11 @@
- # include <sys/wait.h>
- #endif
-
-+#ifdef WITH_SELINUX
-+#include <selinux/selinux.h> /* for is_selinux_enabled() */
-+int selinux_enabled=0;
-+#endif
-+
- struct passwd *getpwnam ();
- struct group *getgrnam ();
-
-@@ -123,11 +128,17 @@
- static struct option const long_options[] =
- {
- {"backup", optional_argument, NULL, 'b'},
-+#ifdef WITH_SELINUX
-+ {"context", required_argument, NULL, 'Z'},
-+#endif
- {"directory", no_argument, NULL, 'd'},
- {"group", required_argument, NULL, 'g'},
- {"mode", required_argument, NULL, 'm'},
- {"owner", required_argument, NULL, 'o'},
- {"preserve-timestamps", no_argument, NULL, 'p'},
-+#ifdef WITH_SELINUX
-+ {"preserve_context", no_argument, NULL, 'P'},
-+#endif
- {"strip", no_argument, NULL, 's'},
- {"suffix", required_argument, NULL, 'S'},
- {"version-control", required_argument, NULL, 'V'}, /* Deprecated. FIXME. */
-@@ -244,6 +255,9 @@
-
- x->update = 0;
- x->verbose = 0;
-+#ifdef WITH_SELINUX
-+ x->preserve_security_context = 0;
-+#endif
- x->dest_info = NULL;
- x->src_info = NULL;
- }
-@@ -261,6 +275,11 @@
- struct cp_options x;
- int n_files;
- char **file;
-+#ifdef WITH_SELINUX
-+ security_context_t scontext = NULL;
-+ /* set iff kernel has extra selinux system calls */
-+ selinux_enabled = (is_selinux_enabled()>0);
-+#endif
-
- initialize_main (&argc, &argv);
- program_name = argv[0];
-@@ -282,7 +301,11 @@
- we'll actually use backup_suffix_string. */
- backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
-
-+#ifdef WITH_SELINUX
-+ while ((optc = getopt_long (argc, argv, "bcCsDdg:m:o:pPvV:S:Z:", long_options,
-+#else
- while ((optc = getopt_long (argc, argv, "bcCsDdg:m:o:pvV:S:", long_options,
-+#endif
- NULL)) != -1)
- {
- switch (optc)
-@@ -335,6 +358,37 @@
- make_backups = 1;
- backup_suffix_string = optarg;
- break;
-+#ifdef WITH_SELINUX
-+ case 'P':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !selinux_enabled ) {
-+ fprintf( stderr, _("Warning: ignoring --preserve_context (-P) because the kernel is not SELinux-enabled.\n") );
-+ break;
-+ }
-+ if ( scontext!=NULL ) { /* scontext could be NULL because of calloc() failure */
-+ (void) fprintf(stderr, _("%s: cannot force target context to '%s' and preserve it\n"), argv[0], scontext);
-+ exit( 1 );
-+ }
-+ x.preserve_security_context = 1;
-+ break ;
-+ case 'Z':
-+ /* politely decline if we're not on a selinux-enabled kernel. */
-+ if( !selinux_enabled) {
-+ fprintf( stderr, _("Warning: ignoring --context (-Z) because the kernel is not SELinux-enabled.\n") );
-+ break;
-+ }
-+ if ( x.preserve_security_context ) {
-+
-+ (void) fprintf(stderr, _("%s: cannot force target context == '%s' and preserve it\n"), argv[0], optarg);
-+ exit( 1 );
-+ }
-+ scontext = optarg;
-+ if (setfscreatecon(scontext)) {
-+ (void) fprintf(stderr, _("%s: cannot setup default context == '%s'\n"), argv[0], scontext);
-+ exit(1);
-+ }
-+ break;
-+#endif
- case_GETOPT_HELP_CHAR;
- case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
- default:
-@@ -716,6 +770,11 @@
- -S, --suffix=SUFFIX override the usual backup suffix\n\
- -v, --verbose print the name of each directory as it is created\n\
- "), stdout);
-+ fputs (_("\
-+ -P, --preserve_context (SELinux) Preserve security context\n\
-+ -Z, --context=CONTEXT (SELinux) Set security context of files and directories\n\
-+"), stdout);
-+
- fputs (HELP_OPTION_DESCRIPTION, stdout);
- fputs (VERSION_OPTION_DESCRIPTION, stdout);
- fputs (_("\
---- coreutils-5.0/po/POTFILES.in.orig 2003-12-29 00:25:44.000000000 +0100
-+++ coreutils-5.0/po/POTFILES.in 2003-12-29 00:27:23.176769816 +0100
-@@ -22,6 +22,7 @@
-
- src/basename.c
- src/cat.c
-+src/chcon.c
- src/chgrp.c
- src/chmod.c
- src/chown-core.c
-@@ -79,6 +80,7 @@
- src/remove.c
- src/rm.c
- src/rmdir.c
-+src/runcon.c
- src/seq.c
- src/shred.c
- src/sleep.c
---- coreutils-5.2.1/po/pl.po.orig Wed Apr 28 14:28:18 2004
-+++ coreutils-5.2.1/po/pl.po Wed Apr 28 15:15:40 2004
-@@ -158,12 +158,12 @@
- msgid "failed to return to initial working directory"
- msgstr "nie uda³o siê wróciæ do pocz±tkowego katalogu roboczego"
-
--#: lib/makepath.c:152 src/copy.c:1343 src/mkdir.c:171
-+#: lib/makepath.c:152 src/copy.c:1351 src/mkdir.c:200
- #, c-format
- msgid "cannot create directory %s"
- msgstr "nie mo¿na utworzyæ katalogu %s"
-
--#: lib/makepath.c:158 lib/makepath.c:400 src/cp.c:435 src/cp.c:457
-+#: lib/makepath.c:158 lib/makepath.c:400 src/cp.c:505 src/cp.c:527
- #, c-format
- msgid "%s exists but is not a directory"
- msgstr "%s istnieje, ale nie jest katalogiem"
-@@ -178,7 +178,7 @@
- msgid "cannot chdir to directory %s"
- msgstr "nie mo¿na przej¶æ do katalogu %s"
-
--#: lib/makepath.c:371 lib/makepath.c:386 lib/makepath.c:425 src/install.c:474
-+#: lib/makepath.c:371 lib/makepath.c:386 lib/makepath.c:425 src/install.c:616
- #, c-format
- msgid "cannot change permissions of %s"
- msgstr "nie mo¿na zmieniæ uprawnieñ do %s"
-@@ -390,25 +390,25 @@
- msgid "The strings compared were %s and %s."
- msgstr "Porównywane ³añcuchy znaków do %s i %s."
-
--#: src/basename.c:49 src/cat.c:87 src/chgrp.c:115 src/chmod.c:266
--#: src/chown.c:90 src/chroot.c:41 src/cksum.c:277 src/comm.c:68 src/cp.c:154
--#: src/csplit.c:1401 src/cut.c:178 src/date.c:114 src/dd.c:283 src/df.c:723
--#: src/dircolors.c:100 src/dirname.c:41 src/du.c:163 src/echo.c:72
--#: src/env.c:114 src/expand.c:104 src/expr.c:98 src/factor.c:69 src/fmt.c:267
--#: src/fold.c:62 src/head.c:109 src/hostid.c:42 src/hostname.c:62 src/id.c:82
--#: src/install.c:588 src/join.c:154 src/kill.c:90 src/link.c:47 src/ln.c:341
--#: src/logname.c:44 src/ls.c:3901 src/md5sum.c:120 src/mkdir.c:57
--#: src/mkfifo.c:51 src/mknod.c:51 src/mv.c:301 src/nice.c:65 src/nl.c:172
--#: src/nohup.c:50 src/od.c:282 src/paste.c:392 src/pathchk.c:136
--#: src/pinky.c:464 src/pr.c:2748 src/printenv.c:62 src/printf.c:91
--#: src/ptx.c:1870 src/pwd.c:41 src/readlink.c:63 src/rm.c:103 src/rmdir.c:143
--#: src/seq.c:78 src/setuidgid.c:46 src/shred.c:155 src/sleep.c:48
--#: src/sort.c:272 src/split.c:96 src/stat.c:697 src/stty.c:485 src/su.c:432
--#: src/sum.c:55 src/sync.c:40 src/tac.c:122 src/tail.c:234 src/tee.c:58
--#: src/test.c:971 src/touch.c:244 src/tr.c:316 src/tsort.c:92 src/tty.c:64
--#: src/uname.c:105 src/unexpand.c:373 src/uniq.c:130 src/unlink.c:47
--#: src/uptime.c:189 src/users.c:115 src/wc.c:131 src/who.c:616 src/whoami.c:49
--#: src/yes.c:42
-+#: src/basename.c:49 src/cat.c:87 src/chcon.c:288 src/chgrp.c:115
-+#: src/chmod.c:266 src/chown.c:90 src/chroot.c:41 src/cksum.c:277
-+#: src/comm.c:68 src/cp.c:163 src/csplit.c:1401 src/cut.c:178 src/date.c:114
-+#: src/dd.c:283 src/df.c:723 src/dircolors.c:100 src/dirname.c:41 src/du.c:163
-+#: src/echo.c:72 src/env.c:114 src/expand.c:104 src/expr.c:98 src/factor.c:69
-+#: src/fmt.c:267 src/fold.c:62 src/head.c:109 src/hostid.c:42
-+#: src/hostname.c:62 src/id.c:102 src/install.c:730 src/join.c:154
-+#: src/kill.c:90 src/link.c:47 src/ln.c:341 src/logname.c:44 src/ls.c:4013
-+#: src/md5sum.c:120 src/mkdir.c:64 src/mkfifo.c:58 src/mknod.c:58 src/mv.c:303
-+#: src/nice.c:65 src/nl.c:172 src/nohup.c:50 src/od.c:282 src/paste.c:392
-+#: src/pathchk.c:136 src/pinky.c:464 src/pr.c:2748 src/printenv.c:62
-+#: src/printf.c:91 src/ptx.c:1870 src/pwd.c:41 src/readlink.c:63 src/rm.c:103
-+#: src/rmdir.c:143 src/seq.c:78 src/setuidgid.c:46 src/shred.c:155
-+#: src/sleep.c:48 src/sort.c:272 src/split.c:96 src/stat.c:777 src/stty.c:485
-+#: src/su.c:610 src/sum.c:55 src/sync.c:40 src/tac.c:122 src/tail.c:234
-+#: src/tee.c:58 src/test.c:971 src/touch.c:244 src/tr.c:316 src/tsort.c:92
-+#: src/tty.c:64 src/uname.c:107 src/unexpand.c:373 src/uniq.c:130
-+#: src/unlink.c:47 src/uptime.c:189 src/users.c:115 src/wc.c:131 src/who.c:616
-+#: src/whoami.c:49 src/yes.c:42
- #, c-format
- msgid "Try `%s --help' for more information.\n"
- msgstr "Spróbuj `%s --help' dla uzyskania informacji.\n"
-@@ -433,22 +433,22 @@
- "\n"
-
- #: src/basename.c:65 src/cat.c:123 src/chgrp.c:163 src/chmod.c:298
--#: src/chown.c:152 src/chroot.c:59 src/cksum.c:292 src/comm.c:93 src/cp.c:251
-+#: src/chown.c:152 src/chroot.c:59 src/cksum.c:292 src/comm.c:93 src/cp.c:264
- #: src/csplit.c:1443 src/cut.c:223 src/date.c:216 src/dd.c:341 src/df.c:762
- #: src/dircolors.c:121 src/dirname.c:57 src/du.c:216 src/echo.c:104
- #: src/env.c:133 src/expand.c:129 src/expr.c:161 src/factor.c:89
- #: src/false.c:43 src/fmt.c:297 src/fold.c:85 src/head.c:144 src/hostid.c:55
--#: src/hostname.c:75 src/id.c:103 src/install.c:643 src/join.c:195
--#: src/kill.c:120 src/link.c:59 src/ln.c:398 src/logname.c:55 src/ls.c:4035
--#: src/md5sum.c:156 src/mkdir.c:76 src/mkfifo.c:68 src/mknod.c:82 src/mv.c:355
-+#: src/hostname.c:75 src/id.c:124 src/install.c:793 src/join.c:195
-+#: src/kill.c:120 src/link.c:59 src/ln.c:398 src/logname.c:55 src/ls.c:4157
-+#: src/md5sum.c:156 src/mkdir.c:88 src/mkfifo.c:80 src/mknod.c:94 src/mv.c:357
- #: src/nice.c:79 src/nl.c:227 src/nohup.c:66 src/od.c:369 src/paste.c:416
- #: src/pathchk.c:148 src/pinky.c:491 src/pr.c:2860 src/printenv.c:75
- #: src/printf.c:140 src/ptx.c:1917 src/pwd.c:52 src/readlink.c:80 src/rm.c:141
- #: src/rmdir.c:163 src/seq.c:106 src/setuidgid.c:66 src/shred.c:219
--#: src/sleep.c:64 src/sort.c:343 src/split.c:129 src/stat.c:768 src/stty.c:699
--#: src/su.c:453 src/sum.c:75 src/sync.c:51 src/tac.c:145 src/tail.c:304
-+#: src/sleep.c:64 src/sort.c:343 src/split.c:129 src/stat.c:850 src/stty.c:699
-+#: src/su.c:631 src/sum.c:75 src/sync.c:51 src/tac.c:145 src/tail.c:304
- #: src/tee.c:71 src/test.c:1050 src/touch.c:275 src/tr.c:389 src/true.c:43
--#: src/tsort.c:104 src/tty.c:76 src/uname.c:127 src/unexpand.c:397
-+#: src/tsort.c:104 src/tty.c:76 src/uname.c:129 src/unexpand.c:397
- #: src/uniq.c:169 src/unlink.c:58 src/uptime.c:204 src/users.c:128
- #: src/wc.c:153 src/who.c:657 src/whoami.c:61 src/yes.c:58
- #, c-format
-@@ -459,19 +459,20 @@
- "\n"
- "Raporty o b³êdach wysy³aj do %s .\n"
-
--#: src/basename.c:114 src/chgrp.c:246 src/chmod.c:395 src/chown.c:264
--#: src/chroot.c:80 src/comm.c:288 src/csplit.c:1373 src/dirname.c:89
--#: src/expr.c:199 src/install.c:281 src/link.c:88 src/mkdir.c:125
--#: src/mkfifo.c:114 src/mknod.c:138 src/nohup.c:100 src/pathchk.c:189
--#: src/readlink.c:128 src/rm.c:231 src/rmdir.c:208 src/seq.c:374
--#: src/setuidgid.c:99 src/sleep.c:140 src/stat.c:825 src/unlink.c:89
-+#: src/basename.c:114 src/chcon.c:401 src/chgrp.c:246 src/chmod.c:395
-+#: src/chown.c:264 src/chroot.c:80 src/comm.c:288 src/csplit.c:1373
-+#: src/dirname.c:89 src/expr.c:199 src/install.c:417 src/link.c:88
-+#: src/mkdir.c:154 src/mkfifo.c:142 src/mknod.c:167 src/nohup.c:100
-+#: src/pathchk.c:189 src/readlink.c:128 src/rm.c:231 src/rmdir.c:208
-+#: src/seq.c:374 src/setuidgid.c:99 src/sleep.c:140 src/stat.c:916
-+#: src/unlink.c:89
- msgid "too few arguments"
- msgstr "za ma³o argumentów"
-
- #: src/basename.c:115 src/dircolors.c:475 src/dirname.c:90 src/hostid.c:78
--#: src/hostname.c:122 src/link.c:94 src/logname.c:91 src/mknod.c:140
-+#: src/hostname.c:122 src/link.c:94 src/logname.c:91 src/mknod.c:169
- #: src/readlink.c:136 src/seq.c:380 src/split.c:533 src/tr.c:1842
--#: src/uname.c:215 src/unlink.c:95 src/uptime.c:247 src/users.c:171
-+#: src/uname.c:217 src/unlink.c:95 src/uptime.c:247 src/users.c:171
- #: src/who.c:805
- msgid "too many arguments"
- msgstr "za du¿o argumentów"
-@@ -554,6 +555,95 @@
- msgid "closing standard output"
- msgstr "zamkniêcie standardowego wyj¶cia"
-
-+#: src/chcon.c:101
-+#, c-format
-+msgid "context of %s changed to %s\n"
-+msgstr "kontekst %s zmieniony na %s\n"
-+
-+#: src/chcon.c:104
-+#, c-format
-+msgid "failed to change context of %s to %s\n"
-+msgstr "nie mo¿na zmieniæ kontekstu %s na %s\n"
-+
-+#: src/chcon.c:107
-+#, c-format
-+msgid "context of %s retained as %s\n"
-+msgstr "kontekst %s zachowany jako %s\n"
-+
-+#: src/chcon.c:172
-+#, c-format
-+msgid "can't apply partial context to unlabeled file %s"
-+msgstr "nie mo¿na zastosowaæ czê¶ciowego kontekstu na nieoznakowanym pliku %s"
-+
-+#: src/chcon.c:180
-+#, c-format
-+msgid "couldn't compute security context from %s"
-+msgstr "nie mo¿na obliczyæ kontekstu bezpieczeñstwa z %s"
-+
-+#: src/chcon.c:188
-+#, c-format
-+msgid "invalid context: %s"
-+msgstr "b³êdny kontekst: %s"
-+
-+#: src/chcon.c:210
-+#, c-format
-+msgid "failed to change context of %s to %s"
-+msgstr "nie mo¿na zmieniæ kontekstu %s na %s"
-+
-+#: src/chcon.c:258
-+msgid "virtual memory exhausted"
-+msgstr "pamiêæ wirtualna wyczerpana"
-+
-+#: src/chcon.c:292
-+#, c-format
-+msgid ""
-+"Usage: %s [OPTION]... CONTEXT FILE...\n"
-+" or: %s [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...\n"
-+" or: %s [OPTION]... --reference=RFILE FILE...\n"
-+msgstr ""
-+"Sk³adnia: %s [OPCJA]... KONTEKST PLIK...\n"
-+" albo: %s [OPCJA]... [-u U¯YTKOWNIK] [-r ROLA] [-l ZAKRES] [-t TYP] PLIK...\n"
-+" albo: %s [OPCJA]... --reference=PLIK_WZ PLIK...\n"
-+
-+#: src/chcon.c:298
-+#, c-format
-+msgid ""
-+"Change the security context of each FILE to CONTEXT.\n"
-+"\n"
-+" -c, --changes like verbose but report only when a change is made\n"
-+" -h, --no-dereference affect symbolic links instead of any referenced file\n"
-+" (available only on systems with lchown system call)\n"
-+" -f, --silent, --quiet suppress most error messages\n"
-+" --reference=RFILE use RFILE's group instead of using a CONTEXT value\n"
-+" -u, --user=USER set user USER in the target security context\n"
-+" -r, --role=ROLE set role ROLE in the target security context\n"
-+" -t, --type=TYPE set type TYPE in the target security context\n"
-+" -l, --range=RANGE set range RANGE in the target security context\n"
-+" -R, --recursive change files and directories recursively\n"
-+" -v, --verbose output a diagnostic for every file processed\n"
-+" --help display this help and exit\n"
-+" --version output version information and exit\n"
-+msgstr ""
-+"Zmiana kontekstu bezpieczeñstwa ka¿dego PLIKU na KONTEKST.\n"
-+"\n"
-+" -c, --changes jak verbose, ale raportowanie tylko wykonanych zmian\n"
-+" -h, --no-dereference zmiana dowi±zañ symbolicznych zamiast wskazywanych\n"
-+" plików (dostêpne tylko na systemach z lchown)\n"
-+" -f, --silent, --quiet pominiêcie wiêkszo¶ci komunikatów o b³êdach\n"
-+" --reference=PLIK u¿ycie grupy PLIKU zamiast warto¶ci KONTEKSTU\n"
-+" -u, --user=U¯YTKOWNIK ustawienie U¯YTKOWNIK w kontek¶cie bezpieczeñstwa\n"
-+" -r, --role=ROLA ustawienie ROLI w kontek¶cie bezpieczeñstwa\n"
-+" -t, --type=TYP ustawienie TYPU w kontek¶cie bezpieczeñstwa\n"
-+" -l, --range=ZAKRES ustawienie ZAKRESU w kontek¶cie bezpieczeñstwa\n"
-+" -R, --recursive zmiana plików i katalogów rekursywnie\n"
-+" -v, --verbose wypisywanie diagnostyki dla ka¿dego pliku\n"
-+" --help wy¶wietlenie tego opisu i zakoñczenie\n"
-+" --version wy¶wietlenie informacji o wersji i zakoñczenie\n"
-+
-+#: src/chcon.c:393
-+msgid "conflicting security context specifiers given"
-+msgstr "konflikt miêdzy podanymi okre¶leniami kontekstu bezpieczeñstwa"
-+
- #: src/chgrp.c:86
- msgid "cannot change to null group"
- msgstr "nie mo¿na zmieniæ grupy na pust±"
-@@ -658,7 +748,8 @@
- "\n"
-
- #: src/chgrp.c:254 src/chmod.c:408 src/chmod.c:416 src/chown.c:272
--#: src/chown.c:299 src/cp.c:296 src/rm.c:241 src/touch.c:164 src/touch.c:366
-+#: src/chown.c:299 src/cp.c:309 src/cp.c:445 src/cp.c:469 src/rm.c:241
-+#: src/touch.c:164 src/touch.c:366
- #, c-format
- msgid "failed to get attributes of %s"
- msgstr "nie uda³o siê odczytaæ atrybutów %s"
-@@ -683,7 +774,7 @@
- msgid "mode of %s retained as %04lo (%s)\n"
- msgstr "uprawnienia do %s zachowane jako %04lo (%s)\n"
-
--#: src/chmod.c:167 src/chown-core.c:189 src/copy.c:158 src/du.c:341
-+#: src/chmod.c:167 src/chown-core.c:189 src/copy.c:143 src/du.c:341
- #, c-format
- msgid "cannot access %s"
- msgstr "nie ma dostêpu do %s"
-@@ -991,250 +1082,266 @@
- " -2 bez pokazania linii, które s± tylko w PLIKU2\n"
- " -3 bez pokazania linii, które s± w obu plikach\n"
-
--#: src/copy.c:222 src/fmt.c:435 src/head.c:866 src/tail.c:1268
-+#: src/copy.c:207 src/fmt.c:435 src/head.c:866 src/tail.c:1268
- #, c-format
- msgid "cannot open %s for reading"
- msgstr "nie mo¿na otworzyæ %s do czytania"
-
--#: src/copy.c:228 src/copy.c:282 src/copy.c:302 src/dd.c:1209 src/tail.c:1098
-+#: src/copy.c:213 src/copy.c:267 src/copy.c:287 src/dd.c:1209 src/tail.c:1098
- #: src/tail.c:1170
- #, c-format
- msgid "cannot fstat %s"
- msgstr "nie mo¿na wykonaæ fstat na %s"
-
--#: src/copy.c:238
-+#: src/copy.c:223
- #, c-format
- msgid "skipping file %s, as it was replaced while being copied"
- msgstr "plik %s zosta³ ominiêty, bo zosta³ zmieniony w trakcie kopiowania"
-
--#: src/copy.c:258 src/copy.c:892 src/copy.c:1076 src/copy.c:1179 src/ln.c:297
-+#: src/copy.c:243 src/copy.c:875 src/copy.c:1059 src/copy.c:1162 src/ln.c:297
- #: src/remove.c:727 src/remove.c:781 src/remove.c:902 src/remove.c:1009
- #, c-format
- msgid "cannot remove %s"
- msgstr "nie mo¿na usun±æ %s"
-
--#: src/copy.c:273
-+#: src/copy.c:258
- #, c-format
- msgid "cannot create regular file %s"
- msgstr "nie mo¿na utworzyæ zwyk³ego pliku %s"
-
--#: src/copy.c:329 src/dd.c:825 src/dd.c:1019
-+#: src/copy.c:314 src/dd.c:825 src/dd.c:1019
- #, c-format
- msgid "reading %s"
- msgstr "czytanie %s"
-
--#: src/copy.c:363 src/head.c:437
-+#: src/copy.c:348 src/head.c:437
- #, c-format
- msgid "cannot lseek %s"
- msgstr "nie mo¿na wykonaæ lseek na %s"
-
--#: src/copy.c:378 src/copy.c:402 src/dd.c:1063 src/dd.c:1124
-+#: src/copy.c:363 src/copy.c:387 src/dd.c:1063 src/dd.c:1124
- #, c-format
- msgid "writing %s"
- msgstr "zapis %s"
-
--#: src/copy.c:410 src/copy.c:416 src/head.c:874
-+#: src/copy.c:395 src/copy.c:401 src/head.c:874
- #, c-format
- msgid "closing %s"
- msgstr "zamykanie %s"
-
--#: src/copy.c:635
-+#: src/copy.c:620
- #, c-format
- msgid "%s: overwrite %s, overriding mode %04lo? "
- msgstr "%s: zamazanie %s, obej¶æ uprawnienia %04lo? "
-
--#: src/copy.c:641
-+#: src/copy.c:626
- #, c-format
- msgid "%s: overwrite %s? "
- msgstr "%s: zamazaæ %s? "
-
--#: src/copy.c:836 src/copy.c:874 src/df.c:492 src/stat.c:655
-+#: src/copy.c:821 src/copy.c:857 src/copy.c:1362 src/copy.c:1614 src/df.c:492
-+#: src/stat.c:695
- #, c-format
- msgid "cannot stat %s"
- msgstr "nie mo¿na wykonaæ stat na %s"
-
--#: src/copy.c:846
-+#: src/copy.c:829
- #, c-format
- msgid "omitting directory %s"
- msgstr "katalog %s zosta³ pominiêty"
-
--#: src/copy.c:860
-+#: src/copy.c:843
- #, c-format
- msgid "warning: source file %s specified more than once"
- msgstr "uwaga: plik ¼ród³owy %s pojawi³ siê wiêcej ni¿ raz"
-
--#: src/copy.c:905 src/ln.c:241
-+#: src/copy.c:888 src/ln.c:241
- #, c-format
- msgid "%s and %s are the same file"
- msgstr "%s i %s to ten sam plik"
-
--#: src/copy.c:915
-+#: src/copy.c:898
- #, c-format
- msgid "cannot overwrite non-directory %s with directory %s"
- msgstr "nie mo¿na zamazaæ nie-katalogu %s katalogiem %s"
-
--#: src/copy.c:932
-+#: src/copy.c:915
- #, c-format
- msgid "will not overwrite just-created %s with %s"
- msgstr "nie mo¿na zamazaæ w³a¶nie utworzonego %s plikiem %s"
-
--#: src/copy.c:943
-+#: src/copy.c:926
- #, c-format
- msgid "cannot overwrite directory %s with non-directory"
- msgstr "nie mo¿na zamazaæ katalogu %s nie-katalogiem"
-
--#: src/copy.c:1004
-+#: src/copy.c:987
- #, c-format
- msgid "cannot overwrite directory %s"
- msgstr "nie mo¿na zamazaæ katalogu %s"
-
--#: src/copy.c:1013
-+#: src/copy.c:996
- #, c-format
- msgid "cannot move directory onto non-directory: %s -> %s"
- msgstr "nie mo¿na przenie¶æ katalogu do nie-katalogu: %s -> %s"
-
--#: src/copy.c:1036
-+#: src/copy.c:1019
- #, c-format
- msgid "backing up %s would destroy source; %s not moved"
- msgstr ""
- "utworzenie kopii zapasowej %s zniszczy³oby ¿ród³o; %s nie zosta³ "
- "przeniesiony"
-
--#: src/copy.c:1037
-+#: src/copy.c:1020
- #, c-format
- msgid "backing up %s would destroy source; %s not copied"
- msgstr ""
- "utworzenie kopii zapasowej %s zniszczy³oby ¿ród³o; %s nie zosta³ skopiowany"
-
--#: src/copy.c:1055 src/ln.c:279
-+#: src/copy.c:1038 src/ln.c:279
- #, c-format
- msgid "cannot backup %s"
- msgstr "nie mo¿na utworzyæ kopii zapasowej %s"
-
--#: src/copy.c:1091 src/ln.c:314
-+#: src/copy.c:1074 src/ln.c:314
- #, c-format
- msgid " (backup: %s)"
- msgstr " (kopia zapasowa: %s)"
-
--#: src/copy.c:1154
-+#: src/copy.c:1137
- #, c-format
- msgid "cannot copy a directory, %s, into itself, %s"
- msgstr "nie mo¿na skopiowaæ katalogu %s do siebie samego %s"
-
--#: src/copy.c:1161
-+#: src/copy.c:1144
- #, c-format
- msgid "will not create hard link %s to directory %s"
- msgstr "nie mo¿na utworzyæ dowi±zania zwyk³ego %s do katalogu %s"
-
--#: src/copy.c:1187
-+#: src/copy.c:1170
- #, c-format
- msgid "cannot create hard link %s to %s"
- msgstr "nie mo¿na utworzyæ dowi±zania zwyk³ego %s do %s"
-
--#: src/copy.c:1241
-+#: src/copy.c:1224
- #, c-format
- msgid "cannot move %s to a subdirectory of itself, %s"
- msgstr "nie mo¿na przenie¶æ %s do w³asnego podkatalogu %s"
-
--#: src/copy.c:1284
-+#: src/copy.c:1267
- #, c-format
- msgid "cannot move %s to %s"
- msgstr "nie mo¿na przenie¶æ %s do %s"
-
--#: src/copy.c:1296
-+#: src/copy.c:1279
- #, c-format
- msgid "inter-device move failed: %s to %s; unable to remove target"
- msgstr ""
- "nie uda³o siê przeniesienie miêdzy urz±dzeniami: %s do %s; nie uda³o siê "
- "usunaæ pliku docelowego"
-
--#: src/copy.c:1324
-+#: src/copy.c:1305
-+#, c-format
-+msgid "cannot set setfscreatecon %s"
-+msgstr "nie mo¿na ustawiæ setfscreatecon %s"
-+
-+#: src/copy.c:1315
-+#, c-format
-+msgid "warning: security context not preserved %s"
-+msgstr "uwaga: nie zachowano kontekstu bezpieczeñstwa %s"
-+
-+#: src/copy.c:1317
-+#, c-format
-+msgid "cannot lgetfilecon %s"
-+msgstr "nie mo¿na wykonaæ lgetfilecon %s"
-+
-+#: src/copy.c:1335
- #, c-format
- msgid "cannot copy cyclic symbolic link %s"
- msgstr "nie mo¿na skopiowaæ cyklicznego dowi±zania symbolicznego %s"
-
--#: src/copy.c:1401
-+#: src/copy.c:1375 src/cp.c:496
-+#, c-format
-+msgid "setting permissions for %s"
-+msgstr "nie mo¿na ustawiæ uprawnieñ do %s"
-+
-+#: src/copy.c:1439
- #, c-format
- msgid "%s: can make relative symbolic links only in current directory"
- msgstr ""
- "%s: mo¿na zrobiæ tylko wzglêdne dowi±zanie symboliczne w bie¿±cym katalogu"
-
--#: src/copy.c:1408
-+#: src/copy.c:1446
- #, c-format
- msgid "cannot create symbolic link %s to %s"
- msgstr "nie mo¿na utworzyæ dowi±zania symbolicznego %s do %s"
-
--#: src/copy.c:1419
-+#: src/copy.c:1457
- #, c-format
- msgid "cannot create link %s"
- msgstr "nie mo¿na utworzyæ dowi±zania %s"
-
--#: src/copy.c:1441 src/mkfifo.c:134
-+#: src/copy.c:1478 src/mkfifo.c:162
- #, c-format
- msgid "cannot create fifo %s"
- msgstr "nie mo¿na utworzyæ potoku %s"
-
--#: src/copy.c:1452
-+#: src/copy.c:1489
- #, c-format
- msgid "cannot create special file %s"
- msgstr "nie mo¿na utworzyæ pliku specjalnego %s"
-
--#: src/copy.c:1464 src/ls.c:2554 src/stat.c:439
-+#: src/copy.c:1501 src/ls.c:2648 src/stat.c:450
- #, c-format
- msgid "cannot read symbolic link %s"
- msgstr "nie mo¿na przeczytaæ dowi±zania symbolicznego %s"
-
--#: src/copy.c:1489
-+#: src/copy.c:1526
- #, c-format
- msgid "cannot create symbolic link %s"
- msgstr "nie mo¿na utworzyæ dowi±zania symbolicznego %s"
-
--#: src/copy.c:1505 src/copy.c:1566 src/cp.c:330
-+#: src/copy.c:1547 src/copy.c:1626 src/cp.c:343
- #, c-format
- msgid "failed to preserve ownership for %s"
- msgstr "nie uda³o siê zachowaæ w³asno¶ci %s"
-
--#: src/copy.c:1520
-+#: src/copy.c:1562
- #, c-format
- msgid "%s has unknown file type"
- msgstr "%s to nieznany typ pliku"
-
--#: src/copy.c:1553
-+#: src/copy.c:1595
- #, c-format
- msgid "preserving times for %s"
- msgstr "zachowanie czasu %s"
-
--#: src/copy.c:1578
-+#: src/copy.c:1638
- #, c-format
- msgid "failed to lookup file %s"
- msgstr "nie uda³o siê znale¼æ pliku %s"
-
--#: src/copy.c:1583
-+#: src/copy.c:1643
- #, c-format
- msgid "failed to preserve authorship for %s"
- msgstr "nie uda³o siê zachowaæ autorstwa %s"
-
--#: src/copy.c:1602
--#, c-format
--msgid "setting permissions for %s"
--msgstr "nie mo¿na ustawiæ uprawnieñ do %s"
--
--#: src/copy.c:1568
-+#: src/copy.c:1664
- #, c-format
- msgid "preserving permissions for %s"
- msgstr "nie mo¿na zachowaæ uprawnieñ do %s"
-
--#: src/copy.c:1624 src/ln.c:332
-+#: src/copy.c:1692 src/ln.c:332
- #, c-format
- msgid "cannot un-backup %s"
- msgstr "nie mo¿na przywróciæ kopii zapasowej %s"
-
--#: src/copy.c:1628
-+#: src/copy.c:1696
- #, c-format
- msgid "%s -> %s (unbackup)\n"
- msgstr "%s -> %s (przywrócenie kopii zapasowej)\n"
-
--#: src/cp.c:158 src/mv.c:305
-+#: src/cp.c:167 src/mv.c:307
- #, c-format
- msgid ""
- "Usage: %s [OPTION]... SOURCE DEST\n"
-@@ -1245,7 +1352,7 @@
- " albo: %s [OPCJA]... ¬RÓD£O... KATALOG\n"
- " albo: %s [OPCJA]... --target-directory=KATALOG ¬RÓD£O...\n"
-
--#: src/cp.c:164
-+#: src/cp.c:173
- msgid ""
- "Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY.\n"
- "\n"
-@@ -1253,10 +1360,10 @@
- "Skopiowanie ¬RÓD£A do CELU lub ¬RÓD£A/¬RÓDE£ do KATALOGU.\n"
- "\n"
-
--#: src/cp.c:168 src/csplit.c:1414 src/cut.c:190 src/df.c:733 src/du.c:172
-+#: src/cp.c:177 src/csplit.c:1414 src/cut.c:190 src/df.c:733 src/du.c:172
- #: src/expand.c:117 src/fmt.c:277 src/fold.c:75 src/head.c:123
--#: src/install.c:604 src/kill.c:104 src/ln.c:360 src/ls.c:3911 src/mkdir.c:66
--#: src/mkfifo.c:60 src/mknod.c:61 src/mv.c:315 src/nl.c:185 src/paste.c:406
-+#: src/install.c:746 src/kill.c:104 src/ln.c:360 src/ls.c:4023 src/mkdir.c:78
-+#: src/mkfifo.c:72 src/mknod.c:73 src/mv.c:317 src/nl.c:185 src/paste.c:406
- #: src/pr.c:2761 src/ptx.c:1882 src/shred.c:165 src/sort.c:286 src/split.c:109
- #: src/tac.c:135 src/tail.c:248 src/touch.c:253 src/unexpand.c:386
- #: src/uniq.c:143
-@@ -1265,7 +1372,7 @@
- msgstr ""
- "Argumenty obowi±zkowe dla opcji d³ugich obowi±zuj± równie¿ dla krótkich.\n"
-
--#: src/cp.c:171
-+#: src/cp.c:180
- msgid ""
- " -a, --archive same as -dpR\n"
- " --backup[=CONTROL] make a backup of each existing destination "
-@@ -1285,7 +1392,7 @@
- " przypadku rekursji\n"
- " -d to samo co --no-dereference --preserve=link\n"
-
--#: src/cp.c:178
-+#: src/cp.c:187
- msgid ""
- " --no-dereference never follow symbolic links\n"
- " -f, --force if an existing destination file cannot be\n"
-@@ -1300,7 +1407,7 @@
- " -i, --interactive pytanie przed zamazaniem\n"
- " -H rozwi±zywanie argumentów - dowi±zañ symb.\n"
-
--#: src/cp.c:185
-+#: src/cp.c:194
- msgid ""
- " -l, --link link files instead of copying\n"
- " -L, --dereference always follow symbolic links\n"
-@@ -1321,7 +1428,11 @@
- " atrybutów: links (dowi±zania), all "
- "(wszystkie))\n"
-
--#: src/cp.c:193
-+#: src/cp.c:202
-+msgid " -c same as --preserve=context\n"
-+msgstr " -c to samo co --preserve=context\n"
-+
-+#: src/cp.c:205
- msgid ""
- " --no-preserve=ATTR_LIST don't preserve the specified attributes\n"
- " --parents append source path to DIRECTORY\n"
-@@ -1331,7 +1442,7 @@
- " --parents dodanie ¶cie¿ki ¼ród³owej do KATALOGU\n"
- " -P to samo co `--no-dereference'\n"
-
--#: src/cp.c:198
-+#: src/cp.c:210
- msgid ""
- " -R, -r, --recursive copy directories recursively\n"
- " --remove-destination remove each existing destination file before\n"
-@@ -1343,7 +1454,7 @@
- "docelowego\n"
- " przed prób± jego otwarcia (por. z --force)\n"
-
--#: src/cp.c:203
-+#: src/cp.c:215
- msgid ""
- " --reply={yes,no,query} specify how to handle the prompt about an\n"
- " existing destination file\n"
-@@ -1358,7 +1469,7 @@
- "z\n"
- " nazw argumentów ¬RÓD£OWYCH\n"
-
--#: src/cp.c:210
-+#: src/cp.c:222
- msgid ""
- " -s, --symbolic-link make symbolic links instead of copying\n"
- " -S, --suffix=SUFFIX override the usual backup suffix\n"
-@@ -1370,21 +1481,22 @@
- " --target-directory=KATALOG przeniesienie wszystkich ¬RÓDE£ do "
- "KATALOGU\n"
-
--#: src/cp.c:215
-+#: src/cp.c:227
- msgid ""
- " -u, --update copy only when the SOURCE file is newer\n"
- " than the destination file or when the\n"
- " destination file is missing\n"
- " -v, --verbose explain what is being done\n"
- " -x, --one-file-system stay on this file system\n"
-+" -Z, --context=CONTEXT set security context of copy to CONTEXT\n"
- msgstr ""
- " -u, --update kopiowanie tylko plików, dla których ¬RÓD£O\n"
- " jest nowsze ni¿ CEL albo brakuje CELU\n"
- " -v, --verbose wyja¶nianie co siê dzieje\n"
- " -x, --one-file-system pozostanie w jednym systemie plików\n"
--"\n"
-+" -Z, --context=KONTEKST ustawienie KONTEKSTU bezpieczeñstwa kopii\n"
-
--#: src/cp.c:224
-+#: src/cp.c:237
- msgid ""
- "\n"
- "By default, sparse SOURCE files are detected by a crude heuristic and the\n"
-@@ -1404,7 +1516,7 @@
- "U¿yj --sparse=never (nigdy) ¿eby zakazaæ tworzenia plików rzadkich.\n"
- "\n"
-
--#: src/cp.c:233
-+#: src/cp.c:246
- msgid ""
- "The backup suffix is `~', unless set with --suffix or SIMPLE_BACKUP_SUFFIX.\n"
- "The version control method may be selected via the --backup option or "
-@@ -1420,7 +1532,7 @@
- "Mo¿liwe warto¶ci:\n"
- "\n"
-
--#: src/cp.c:239 src/install.c:637 src/ln.c:392 src/mv.c:349
-+#: src/cp.c:252 src/install.c:787 src/ln.c:392 src/mv.c:351
- msgid ""
- " none, off never make backups (even if --backup is given)\n"
- " numbered, t make numbered backups\n"
-@@ -1434,7 +1546,7 @@
- " existing, nil numerowane je¿eli takie ju¿ istniej±, je¿eli nie - proste\n"
- " simple, never tworzenie zawsze prostych kopii zapasowych\n"
-
--#: src/cp.c:245
-+#: src/cp.c:258
- msgid ""
- "\n"
- "As a special case, cp makes a backup of SOURCE when the force and backup\n"
-@@ -1446,54 +1558,54 @@
- "opcje force i backup, a ¬RÓD£O i CEL s± t± sam± nazw± istniej±cego pliku\n"
- "zwyk³ego\n"
-
--#: src/cp.c:316
-+#: src/cp.c:329
- #, c-format
- msgid "failed to preserve times for %s"
- msgstr "nie uda³o siê zachowaæ czasu %s"
-
--#: src/cp.c:340
-+#: src/cp.c:358
- #, c-format
- msgid "failed to preserve permissions for %s"
- msgstr "nie uda³o siê zachowaæ uprawnieñ do %s"
-
--#: src/cp.c:423
-+#: src/cp.c:453
- #, c-format
- msgid "cannot make directory %s"
- msgstr "nie mo¿na utworzyæ katalogu %s"
-
--#: src/cp.c:482 src/ln.c:496 src/mv.c:454 src/shred.c:1601
-+#: src/cp.c:552 src/ln.c:496 src/mv.c:460 src/shred.c:1601
- msgid "missing file argument"
- msgstr "brakuj±cy argument plikowy"
-
--#: src/cp.c:487
-+#: src/cp.c:557
- msgid "missing destination file"
- msgstr "brakuj±cy plik docelowy"
-
--#: src/cp.c:512 src/ln.c:165 src/ln.c:188 src/ln.c:215 src/ln.c:303
-+#: src/cp.c:582 src/ln.c:165 src/ln.c:188 src/ln.c:215 src/ln.c:303
- #, c-format
- msgid "accessing %s"
- msgstr "dostêp do %s"
-
--#: src/cp.c:537
-+#: src/cp.c:607
- #, c-format
- msgid "%s: specified destination directory does not exist"
- msgstr "%s: podany katalog docelowy nie istnieje"
-
--#: src/cp.c:539
-+#: src/cp.c:609
- #, c-format
- msgid "%s: specified target is not a directory"
- msgstr "%s: podany CEL nie jest katalogiem"
-
--#: src/cp.c:542
-+#: src/cp.c:612
- #, c-format
- msgid "copying multiple files, but last argument %s is not a directory"
- msgstr "kopiowanie wielu plików, ostatni argument %s nie jest katalogiem"
-
--#: src/cp.c:645
-+#: src/cp.c:709
- msgid "when preserving paths, the destination must be a directory"
- msgstr "je¿eli s± zachowane ¶cie¿ki, ostatni argument musi byæ katalogiem"
-
--#: src/cp.c:872 src/install.c:216 src/ln.c:443 src/mv.c:400
-+#: src/cp.c:948 src/install.c:318 src/ln.c:443 src/mv.c:406
- #, c-format
- msgid ""
- "warning: --version-control (-V) is obsolete; support for it\n"
-@@ -1502,15 +1614,35 @@
- "uwaga: opcja --version-control (-V) jest przestarza³a i zostanie usuniêta\n"
- "w jednej z nastêpnych wersji. U¿ywaj --backup=%s ."
-
--#: src/cp.c:966 src/ln.c:473
-+#: src/cp.c:1017
-+#, c-format
-+msgid "%s: cannot force target context <-- %s and preserve it\n"
-+msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu <-- %s i zachowaæ go\n"
++
++ specified_context = ref_context;
++ }
++ else if (!component_specified) {
++ specified_context = argv[optind++];
++ }
++ for (; optind < argc; ++optind)
++ errors |= change_file_context (argv[optind]);
+
-+#: src/cp.c:1027
-+#, c-format
-+msgid "Warning: ignoring --context (-Z). It requires a SELinux enabled kernel.\n"
-+msgstr "Uwaga: zignorowano --context (-Z). Ta opcja wymaga j±dra z obs³ug± SELinuksa.\n"
++ if (verbosity != V_off)
++ close_stdout ();
++ if (ref_context != NULL)
++ freecon(ref_context);
++ exit (errors);
++}
+diff -Nur coreutils-6.4/src/copy.c coreutils-6.4.selinux/src/copy.c
+--- coreutils-6.4/src/copy.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/copy.c 2006-10-31 23:39:34.000000000 +0000
+@@ -53,6 +53,11 @@
+ #include "xreadlink.h"
+ #include "yesno.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++extern int selinux_enabled;
++#endif
+
-+#: src/cp.c:1031 src/install.c:369
-+#, c-format
-+msgid "%s: cannot force target context to '%s' and preserve it\n"
-+msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu na '%s' i zachowaæ go\n"
+ #ifndef HAVE_FCHOWN
+ # define HAVE_FCHOWN false
+ # define fchown(fd, uid, gid) (-1)
+@@ -1473,6 +1478,34 @@
+ In such cases, set this variable to zero. */
+ preserve_metadata = true;
+
++#ifdef WITH_SELINUX
++ if (x->preserve_security_context && selinux_enabled)
++ {
++ security_context_t con;
+
-+#: src/cp.c:1038
-+#, c-format
-+msgid "cannot set default security context %s"
-+msgstr "nie mo¿na ustawiæ domy¶lnego kontekstu bezpieczeñstwa %s"
++ if (lgetfilecon (src_name, &con) >= 0)
++ {
++ if (setfscreatecon(con) < 0)
++ {
++ error (0, errno, _("cannot set setfscreatecon %s"), quote (con));
++ if (x->require_preserve) {
++ freecon(con);
++ return 1;
++ }
++ }
++ freecon(con);
++ }
++ else {
++ if ( errno == ENOTSUP ) {
++ error (0, errno, _("warning: security context not preserved %s"), quote (src_name));
++ } else {
++ error (0, errno, _("cannot lgetfilecon %s"), quote (src_name));
++ return 1;
++ }
++ }
++ }
++#endif
+
-+#: src/cp.c:1071 src/ln.c:473
- msgid "symbolic links are not supported on this system"
- msgstr "ten system nie ma dowi±zañ symbolicznych"
-
--#: src/cp.c:1002
-+#: src/cp.c:1107
- msgid "cannot make both hard and symbolic links"
- msgstr "nie mo¿na zrobiæ dowi±zania symbolicznego i zwyk³ego równocze¶nie"
-
--#: src/cp.c:1010 src/install.c:272 src/ln.c:539 src/mv.c:478
-+#: src/cp.c:1115 src/install.c:408 src/ln.c:539 src/mv.c:484
- msgid "backup type"
- msgstr "rodzaj kopii zapasowej"
-
-@@ -1707,7 +1839,7 @@
- "PRZESUNIÊCIE linii musi siê sk³adaæ z `+' albo `-' oraz liczby ca³kowitej.\n"
-
- #: src/cut.c:182 src/df.c:727 src/du.c:167 src/expand.c:108 src/fold.c:66
--#: src/head.c:113 src/ls.c:3905 src/nl.c:176 src/paste.c:396 src/pr.c:2752
-+#: src/head.c:113 src/ls.c:4017 src/nl.c:176 src/paste.c:396 src/pr.c:2752
- #: src/sort.c:276 src/sum.c:59 src/tac.c:126 src/tail.c:238 src/tee.c:62
- #: src/unexpand.c:377 src/wc.c:135
- #, c-format
-@@ -2083,7 +2215,7 @@
- msgid "time %s is out of range"
- msgstr "czas %s jest spoza zakresu"
-
--#: src/dd.c:287 src/tty.c:68 src/uname.c:109 src/whoami.c:53
-+#: src/dd.c:287 src/tty.c:68 src/uname.c:111 src/whoami.c:53
- #, c-format
- msgid "Usage: %s [OPTION]...\n"
- msgstr "Sk³adnia: %s [OPCJA]...\n"
-@@ -2381,7 +2513,7 @@
- " -x, --exclude-type=TYP pokazanie tylko systemów plików nie tego TYPU\n"
- " -v (ignorowane)\n"
-
--#: src/df.c:758 src/du.c:212 src/ls.c:4023
-+#: src/df.c:758 src/du.c:212 src/ls.c:4145
- msgid ""
- "\n"
- "SIZE may be (or may be an integer optionally followed by) one of following:\n"
-@@ -2590,7 +2722,7 @@
- " poni¿ej podanego jako argument komendy;\n"
- " --max-depth=0 jest tym samym co -summarize\n"
+ if (S_ISDIR (src_mode))
+ {
+ struct dir_list *dir;
+@@ -1544,6 +1577,10 @@
+ {
+ /* Here, we are crossing a file system boundary and cp's -x option
+ is in effect: so don't copy the contents of this directory. */
++#ifdef WITH_SELINUX
++ if (x->preserve_security_context && selinux_enabled)
++ setfscreatecon(NULL);
++#endif
+ }
+ else
+ {
+@@ -1689,6 +1728,11 @@
+ }
+ }
--#: src/du.c:526 src/ls.c:2224 src/wc.c:674
-+#: src/du.c:526 src/ls.c:2299 src/wc.c:674
- msgid "total"
- msgstr "razem"
++#ifdef WITH_SELINUX
++ if (x->preserve_security_context && selinux_enabled)
++ setfscreatecon(NULL);
++#endif
++
+ /* There's no need to preserve timestamps or permissions. */
+ preserve_metadata = false;
-@@ -3036,7 +3168,7 @@
- msgid "invalid number of columns: `%s'"
- msgstr "b³êdna liczba kolumn: `%s'"
+@@ -1789,6 +1833,11 @@
--#: src/getgid.c:37
-+#: src/getgid.c:41
- #, c-format
- msgid ""
- "Usage:\n"
-@@ -3206,16 +3338,17 @@
- msgid "cannot determine hostname"
- msgstr "uzyskanie nazwy systemu jest niemo¿liwe"
+ un_backup:
--#: src/id.c:86
-+#: src/id.c:106
- #, c-format
- msgid "Usage: %s [OPTION]... [USERNAME]\n"
- msgstr "Sk³adnia: %s [OPCJA]... [U¯YTKOWNIK]\n"
++#ifdef WITH_SELINUX
++ if (x->preserve_security_context && selinux_enabled)
++ setfscreatecon(NULL);
++#endif
++
+ /* We have failed to create the destination file.
+ If we've just added a dev/ino entry via the remember_copied
+ call above (i.e., unless we've just failed to create a hard link),
+diff -Nur coreutils-6.4/src/copy.h coreutils-6.4.selinux/src/copy.h
+--- coreutils-6.4/src/copy.h 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/copy.h 2006-10-31 23:39:34.000000000 +0000
+@@ -128,6 +128,9 @@
+ bool preserve_mode;
+ bool preserve_timestamps;
--#: src/id.c:87
-+#: src/id.c:107
- msgid ""
- "Print information for USERNAME, or the current user.\n"
- "\n"
- " -a ignore, for compatibility with other versions\n"
-+" -Z, --context print only the context\n"
- " -g, --group print only the effective group ID\n"
- " -G, --groups print all group IDs\n"
- " -n, --name print a name instead of a number, for -ugG\n"
-@@ -3224,8 +3357,8 @@
- msgstr ""
- "Wy¶wietla informacjê o U¯YTKOWNIKU lub o aktualnym u¿ytkowniku.\n"
- "\n"
--" -a ignorowane, dla zachowania kompatybilno¶ci z innymi "
--"wersjami\n"
-+" -a ignorowane, dla zachowania kompatybilno¶ci z innymi wersjami\n"
-+" -Z, --context wy¶wietlenie tylko kontekstu\n"
- " -g, --group wy¶wietlenie tylko efektywnego identyfikatora grupy\n"
- " -G, --groups wy¶wietlenie pe³nej listy grup\n"
- " -n, --name wy¶wietlenie nazw zamiast numerów, dla -ugG\n"
-@@ -3233,7 +3366,7 @@
- "ugG\n"
- " -u, --user wy¶wietlenie tylko efektywnego identyfikatora u¿ytkownika\n"
++#ifdef WITH_SELINUX
++ bool preserve_security_context;
++#endif
+ /* Enabled for mv, and for cp by the --preserve=links option.
+ If true, attempt to preserve in the destination files any
+ logical hard links between the source files. If used with cp's
+diff -Nur coreutils-6.4/src/cp.c coreutils-6.4.selinux/src/cp.c
+--- coreutils-6.4/src/cp.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/cp.c 2006-10-31 23:39:34.000000000 +0000
+@@ -51,6 +51,11 @@
--#: src/id.c:99
-+#: src/id.c:120
- msgid ""
- "\n"
- "Without any OPTION, print some useful set of identified information.\n"
-@@ -3242,101 +3375,143 @@
- "Bez ¿adnych OPCJI wy¶wietla zestaw u¿ytecznych informacji, które uda³o siê\n"
- "zidentyfikowaæ.\n"
+ #define AUTHORS "Torbjorn Granlund", "David MacKenzie", "Jim Meyering"
--#: src/id.c:162
--msgid "cannot print only user and only group"
--msgstr "nie mo¿na wypisaæ tylko u¿ytkownika i tylko grupê równocze¶nie"
-+#: src/id.c:165 src/mkdir.c:136 src/mkfifo.c:124 src/mknod.c:135
-+#, c-format
-+msgid "Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n"
-+msgstr "Niestety --context (-Z) mo¿na u¿ywaæ tylko na j±drze z obs³ug± SELinuksa.\n"
-+
-+#: src/id.c:198
-+msgid ""
-+"cannot display context when SELinux not enabled or when displaying the id\n"
-+"of a different user"
-+msgstr ""
-+"nie mo¿na wy¶wietliæ kontekstu kiedy SELinux nie jest w³±czony lub przy\n"
-+"wy¶wietlaniu identyfikatora innego u¿ytkownika"
-+
-+#: src/id.c:209
-+msgid "can't get process context"
-+msgstr "nie mo¿na uzyskaæ kontekstu procesu"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++int selinux_enabled=0;
++#endif
+
-+#: src/id.c:214
-+msgid "cannot print \"only\" of more than one choice"
-+msgstr "nie mo¿na wypisaæ \"tylko czego¶\" dla wiêcej ni¿ jednej rzeczy"
-
--#: src/id.c:166
-+#: src/id.c:218
- msgid "cannot print only names or real IDs in default format"
- msgstr ""
- "nie da siê wypisaæ tylko nazw lub rzeczywistych ID w domy¶lnym formacie"
+ /* Used by do_copy, make_dir_parents_private, and re_protect
+ to keep a list of leading directories whose protections
+ need to be fixed after copying. */
+@@ -141,6 +146,9 @@
+ {"target-directory", required_argument, NULL, 't'},
+ {"update", no_argument, NULL, 'u'},
+ {"verbose", no_argument, NULL, 'v'},
++#ifdef WITH_SELINUX
++ {"context", required_argument, NULL, 'Z'},
++#endif
+ {GETOPT_HELP_OPTION_DECL},
+ {GETOPT_VERSION_OPTION_DECL},
+ {NULL, 0, NULL, 0}
+@@ -194,6 +202,9 @@
+ additional attributes: links, all\n\
+ "), stdout);
+ fputs (_("\
++ -c same as --preserve=context\n\
++"), stdout);
++ fputs (_("\
+ --no-preserve=ATTR_LIST don't preserve the specified attributes\n\
+ --parents use full source file name under DIRECTORY\n\
+ "), stdout);
+@@ -219,6 +230,7 @@
+ destination file is missing\n\
+ -v, --verbose explain what is being done\n\
+ -x, --one-file-system stay on this file system\n\
++ -Z, --context=CONTEXT set security context of copy to CONTEXT\n\
+ "), stdout);
+ fputs (HELP_OPTION_DESCRIPTION, stdout);
+ fputs (VERSION_OPTION_DESCRIPTION, stdout);
+@@ -729,6 +741,10 @@
+ x->preserve_mode = false;
+ x->preserve_timestamps = false;
--#: src/id.c:175
-+#: src/id.c:227
- #, c-format
- msgid "%s: No such user"
- msgstr "%s: Nie ma takiego u¿ytkownika"
++#ifdef WITH_SELINUX
++ x->preserve_security_context = false;
++#endif
++
+ x->require_preserve = false;
+ x->recursive = false;
+ x->sparse_mode = SPARSE_AUTO;
+@@ -756,18 +772,19 @@
+ PRESERVE_TIMESTAMPS,
+ PRESERVE_OWNERSHIP,
+ PRESERVE_LINK,
++ PRESERVE_CONTEXT,
+ PRESERVE_ALL
+ };
+ static enum File_attribute const preserve_vals[] =
+ {
+ PRESERVE_MODE, PRESERVE_TIMESTAMPS,
+- PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_ALL
++ PRESERVE_OWNERSHIP, PRESERVE_LINK, PRESERVE_CONTEXT, PRESERVE_ALL
+ };
+ /* Valid arguments to the `--preserve' option. */
+ static char const* const preserve_args[] =
+ {
+ "mode", "timestamps",
+- "ownership", "links", "all", NULL
++ "ownership", "links", "context", "all", NULL
+ };
+ ARGMATCH_VERIFY (preserve_args, preserve_vals);
--#: src/id.c:212
-+#: src/id.c:268
- #, c-format
- msgid "cannot find name for user ID %u"
- msgstr "nie mo¿na znale¼æ nazwy u¿ytkownika o ID %u"
+@@ -803,11 +820,16 @@
+ x->preserve_links = on_off;
+ break;
--#: src/id.c:235
-+#: src/id.c:291
- #, c-format
- msgid "cannot find name for group ID %u"
- msgstr "nie mo¿na znale¼æ nazwy grupy o ID %u"
++ case PRESERVE_CONTEXT:
++ x->preserve_security_context = on_off;
++ break;
++
+ case PRESERVE_ALL:
+ x->preserve_mode = on_off;
+ x->preserve_timestamps = on_off;
+ x->preserve_ownership = on_off;
+ x->preserve_links = on_off;
++ x->preserve_security_context = on_off;
+ break;
--#: src/id.c:273
-+#: src/id.c:329
- msgid "cannot get supplemental group list"
- msgstr "uzyskanie pe³nej listy grup niemo¿liwe"
+ default:
+@@ -832,6 +854,10 @@
+ bool copy_contents = false;
+ char *target_directory = NULL;
+ bool no_target_directory = false;
++#ifdef WITH_SELINUX
++ security_context_t scontext = NULL;
++ selinux_enabled= (is_selinux_enabled()>0);
++#endif
--#: src/id.c:385
-+#: src/id.c:441
- msgid " groups="
- msgstr " grupy="
+ initialize_main (&argc, &argv);
+ program_name = argv[0];
+@@ -847,7 +873,13 @@
+ we'll actually use backup_suffix_string. */
+ backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
--#: src/install.c:266
-+#: src/id.c:458
-+#, c-format
-+msgid " context=%s"
-+msgstr " kontekst=%s"
-+
-+#: src/install.c:365
-+#, c-format
-+msgid "Warning: ignoring --preserve_context (-P) because the kernel is not SELinux-enabled.\n"
-+msgstr "Uwaga: zignorowano --preserve_context (-P), poniewa¿ j±dro nie ma obs³ugi SELinuksa.\n"
-+
-+#: src/install.c:377
-+#, c-format
-+msgid "Warning: ignoring --context (-Z) because the kernel is not SELinux-enabled.\n"
-+msgstr "Uwaga: zignorowano --context (-Z), poniewa¿ j±dro nie ma obs³ugi SELinuksa.\n"
-+
-+#: src/install.c:382
-+#, c-format
-+msgid "%s: cannot force target context == '%s' and preserve it\n"
-+msgstr "%s: nie mo¿na wymusiæ docelowego kontekstu '%s' i zachowaæ go\n"
-+
-+#: src/install.c:387
-+#, c-format
-+msgid "%s: cannot setup default context == '%s'\n"
-+msgstr "%s: nie mo¿na ustawiæ domy¶lnego kontekstu '%s'\n"
+- while ((c = getopt_long (argc, argv, "abdfHilLprst:uvxPRS:T",
++
++ while ((c = getopt_long (argc, argv,
++#ifdef WITH_SELINUX
++ "abcdfHilLprst:uvxPRS:TZ:",
++#else
++ "abdfHilLprst:uvxPRS:T",
++#endif
+ long_opts, NULL))
+ != -1)
+ {
+@@ -938,6 +970,35 @@
+ case 'R':
+ x.recursive = true;
+ break;
++#ifdef WITH_SELINUX
++ case 'c':
++ if ( scontext != NULL ) {
++ (void) fprintf(stderr, _("%s: cannot force target context <-- %s and preserve it\n"), argv[0], scontext);
++ exit( 1 );
++ }
++ else if (selinux_enabled)
++ x.preserve_security_context = true;
++ break;
+
-+#: src/install.c:402
- msgid "the strip option may not be used when installing a directory"
- msgstr "opcja obcinania (strip) nie mo¿e byæ u¿yta przy instalowaniu katalogu"
-
--#: src/install.c:289 src/mkdir.c:141
-+#: src/install.c:425 src/mkdir.c:170
- #, c-format
- msgid "invalid mode %s"
- msgstr "b³êdne uprawnienia %s"
-
--#: src/install.c:304 src/install.c:368
-+#: src/install.c:440 src/install.c:504
- #, c-format
- msgid "creating directory %s"
- msgstr "tworzenie katalogu %s"
-
--#: src/install.c:329
-+#: src/install.c:465
- #, c-format
- msgid "installing multiple files, but last argument, %s is not a directory"
- msgstr ""
- "próba instalowania wielu plików gdy ostatni argument %s nie jest katalogiem"
-
--#: src/install.c:432
-+#: src/install.c:568
- #, c-format
- msgid "%s is a directory"
- msgstr "%s jest katalogiem"
-
--#: src/install.c:468
-+#: src/install.c:610
- #, c-format
- msgid "cannot change ownership of %s"
- msgstr "nie mo¿na zmieniæ w³a¶ciciela na %s"
++ case 'Z':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !selinux_enabled ) {
++ fprintf( stderr, _("Warning: ignoring --context (-Z). It requires a SELinux enabled kernel.\n") );
++ break;
++ }
++ if ( x.preserve_security_context ) {
++ (void) fprintf(stderr, _("%s: cannot force target context to '%s' and preserve it\n"), argv[0], optarg);
++ exit( 1 );
++ }
++ scontext = optarg;
++ /* if there's a security_context given set new path
++ components to that context, too */
++ if ( setfscreatecon(scontext) < 0 ) {
++ (void) fprintf(stderr, _("cannot set default security context %s"), scontext);
++ exit( 1 );
++ }
++ break;
++#endif
--#: src/install.c:492
-+#: src/install.c:634
- #, c-format
- msgid "cannot obtain time stamps for %s"
- msgstr "nie mo¿na odczytaæ czasów %s"
+ case REPLY_OPTION: /* Deprecated */
+ x.interactive = XARGMATCH ("--reply", optarg,
+diff -Nur coreutils-6.4/src/id.c coreutils-6.4.selinux/src/id.c
+--- coreutils-6.4/src/id.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/id.c 2006-10-31 23:39:34.000000000 +0000
+@@ -37,6 +37,20 @@
--#: src/install.c:502
-+#: src/install.c:644
- #, c-format
- msgid "cannot set time stamps for %s"
- msgstr "nie mo¿na ustawiæ czasów %s"
+ int getugroups ();
--#: src/install.c:523
-+#: src/install.c:665
- msgid "fork system call failed"
- msgstr "nie powiiod³o siê wywo³anie systemowe fork"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++static void print_context (char* context);
++/* Print the SELinux context */
++static void
++print_context(char *context)
++{
++ printf ("%s", context);
++}
++
++/* If nonzero, output only the SELinux context. -Z */
++static int just_context = 0;
++
++#endif
+ static void print_user (uid_t uid);
+ static void print_group (gid_t gid);
+ static void print_group_list (const char *username);
+@@ -55,8 +69,14 @@
+ /* True unless errors have been encountered. */
+ static bool ok = true;
--#: src/install.c:527
-+#: src/install.c:669
- msgid "cannot run strip"
- msgstr "nie uda³o siê uruchomiæ strip"
++/* The SELinux context */
++/* Set `context' to a known invalid value so print_full_info() will *
++ * know when `context' has not been set to a meaningful value. */
++static security_context_t context=NULL;
++
+ static struct option const longopts[] =
+ {
++ {"context", no_argument, NULL, 'Z'},
+ {"group", no_argument, NULL, 'g'},
+ {"groups", no_argument, NULL, 'G'},
+ {"name", no_argument, NULL, 'n'},
+@@ -80,6 +100,7 @@
+ Print information for USERNAME, or the current user.\n\
+ \n\
+ -a ignore, for compatibility with other versions\n\
++ -Z, --context print only the context\n\
+ -g, --group print only the effective group ID\n\
+ -G, --groups print all group IDs\n\
+ -n, --name print a name instead of a number, for -ugG\n\
+@@ -101,6 +122,7 @@
+ main (int argc, char **argv)
+ {
+ int optc;
++ int selinux_enabled=(is_selinux_enabled()>0);
--#: src/install.c:534
-+#: src/install.c:676
- msgid "strip failed"
- msgstr "b³±d strip"
+ /* If true, output the list of all group IDs. -G */
+ bool just_group_list = false;
+@@ -119,13 +141,23 @@
--#: src/install.c:555
-+#: src/install.c:697
- #, c-format
- msgid "invalid user %s"
- msgstr "b³êdny u¿ytkownik %s"
+ atexit (close_stdout);
--#: src/install.c:573
-+#: src/install.c:715
- #, c-format
- msgid "invalid group %s"
- msgstr "b³êdna grupa %s"
+- while ((optc = getopt_long (argc, argv, "agnruG", longopts, NULL)) != -1)
++ while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
+ {
+ switch (optc)
+ {
+ case 'a':
+ /* Ignore -a, for compatibility with SVR4. */
+ break;
++#ifdef WITH_SELINUX
++ case 'Z':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !selinux_enabled ) {
++ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
++ exit( 1 );
++ }
++ just_context = 1;
++ break;
++#endif
+ case 'g':
+ just_group = true;
+ break;
+@@ -148,8 +180,28 @@
+ }
+ }
--#: src/install.c:592
-+#: src/install.c:734
- #, c-format
- msgid ""
- "Usage: %s [OPTION]... SOURCE DEST (1st format)\n"
-@@ -3347,7 +3522,7 @@
- " albo: %s [OPCJA]... ¬RÓD£O... KATALOG (format 2-gi)\n"
- " albo: %s -d [OPCJA]... KATALOG... (format 3-ci)\n"
+- if (just_user + just_group + just_group_list > 1)
+- error (EXIT_FAILURE, 0, _("cannot print only user and only group"));
++#ifdef WITH_SELINUX
++ if (argc - optind == 1)
++ selinux_enabled = 0;
++
++ if( just_context && !selinux_enabled)
++ error (1, 0, _("\
++cannot display context when SELinux not enabled or when displaying the id\n\
++of a different user"));
++
++ /* If we are on a selinux-enabled kernel, get our context. *
++ * Otherwise, leave the context variable alone - it has *
++ * been initialized known invalid value; if we see this invalid *
++ * value later, we will know we are on a non-selinux kernel. */
++ if( selinux_enabled )
++ {
++ if (getcon(&context))
++ error (1, 0, _("can't get process context"));
++ }
++#endif
++
++ if (just_user + just_group + just_group_list + just_context > 1)
++ error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
--#: src/install.c:598
-+#: src/install.c:740
- msgid ""
- "In the first two formats, copy SOURCE to DEST or multiple SOURCE(s) to\n"
- "the existing DIRECTORY, while setting permission modes and owner/group.\n"
-@@ -3360,12 +3535,13 @@
- "trzecim formacie tworzone s± wszystkie katalogi sk³adowe ¶cie¿ki KATALOG.\n"
- "\n"
+ if (just_user + just_group + just_group_list == 0 && (use_real | use_name))
+ error (EXIT_FAILURE, 0,
+@@ -183,6 +235,10 @@
+ print_group (use_real ? rgid : egid);
+ else if (just_group_list)
+ print_group_list (argv[optind]);
++#ifdef WITH_SELINUX
++ else if (just_context)
++ print_context (context);
++#endif
+ else
+ print_full_info (argv[optind]);
+ putchar ('\n');
+@@ -385,4 +441,9 @@
+ free (groups);
+ }
+ #endif /* HAVE_GETGROUPS */
++#ifdef WITH_SELINUX
++ if ( context != NULL ) {
++ printf(_(" context=%s"),context);
++ }
++#endif
+ }
+diff -Nur coreutils-6.4/src/install.c coreutils-6.4.selinux/src/install.c
+--- coreutils-6.4/src/install.c 2006-10-31 23:38:15.000000000 +0000
++++ coreutils-6.4.selinux/src/install.c 2006-10-31 23:39:34.000000000 +0000
+@@ -50,6 +50,11 @@
+ # include <sys/wait.h>
+ #endif
--#: src/install.c:607
-+#: src/install.c:749
- msgid ""
- " --backup[=CONTROL] make a backup of each existing destination file\n"
- " -b like --backup but does not accept an argument\n"
- " -c (ignored)\n"
--" -C install file, unless the target already exists and is the\n"
-+" -C install file, unless the target already exists and is "
-+"the\n"
- " same, in which case mtime will remain unchanged\n"
- " (for compatibility with *BSD)\n"
- " -d, --directory treat all arguments as directory names; create all\n"
-@@ -3374,14 +3550,16 @@
- " --backup[=TRYB] robienie kopii zapasowej przed zamazaniem pliku\n"
- " -b jak --backup, ale bez podawania argumentu\n"
- " -c (ignorowane)\n"
--" -C instalowanie pliku, chyba ¿e plik docelowy ju¿ istnieje\n"
--" i jest taki sam - wtedy mtime pozostanie nie zmieniony\n"
-+" -C instalowanie pliku, chyba ¿e plik docelowy ju¿ "
-+"istnieje\n"
-+" i jest taki sam - wtedy mtime pozostanie nie "
-+"zmieniony\n"
- " (dla kompatybilno¶ci z *BSD)\n"
- " -d, --directory traktowanie wszystkich argumentów jako nazw "
- "katalogów;\n"
- " tworzenie katalogów sk³adowych podanych katalogów\n"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++int selinux_enabled=0;
++#endif
++
+ #if ! HAVE_ENDGRENT
+ # define endgrent() ((void) 0)
+ #endif
+@@ -128,12 +133,18 @@
+ static struct option const long_options[] =
+ {
+ {"backup", optional_argument, NULL, 'b'},
++#ifdef WITH_SELINUX
++ {"context", required_argument, NULL, 'Z'},
++#endif
+ {"directory", no_argument, NULL, 'd'},
+ {"group", required_argument, NULL, 'g'},
+ {"mode", required_argument, NULL, 'm'},
+ {"no-target-directory", no_argument, NULL, 'T'},
+ {"owner", required_argument, NULL, 'o'},
+ {"preserve-timestamps", no_argument, NULL, 'p'},
++#ifdef WITH_SELINUX
++ {"preserve_context", no_argument, NULL, 'P'},
++#endif
+ {"strip", no_argument, NULL, 's'},
+ {"suffix", required_argument, NULL, 'S'},
+ {"target-directory", required_argument, NULL, 't'},
+@@ -250,6 +261,9 @@
--#: src/install.c:614
-+#: src/install.c:759
- msgid ""
- " -D create all leading components of DEST except the "
- "last,\n"
-@@ -3401,7 +3579,7 @@
- "xr-x\n"
- " -o, --owner=W£A¦CICIEL ustawienie W£A¦CICIELA (tylko super-user)\n"
+ x->update = false;
+ x->verbose = false;
++#ifdef WITH_SELINUX
++ x->preserve_security_context = false;
++#endif
+ x->dest_info = NULL;
+ x->src_info = NULL;
+ }
+@@ -302,6 +316,11 @@
+ bool no_target_directory = false;
+ int n_files;
+ char **file;
++#ifdef WITH_SELINUX
++ security_context_t scontext = NULL;
++ /* set iff kernel has extra selinux system calls */
++ selinux_enabled = (is_selinux_enabled()>0);
++#endif
--#: src/install.c:621
-+#: src/install.c:766
- msgid ""
- " -p, --preserve-timestamps apply access/modification times of SOURCE "
- "files\n"
-@@ -3416,7 +3594,15 @@
- " -S, --suffix=ROZSZERZ zmiana domy¶lnego ROZSZERZENIA kopii zapasowej\n"
- " -v, --verbose wypisanie nazwy ka¿dego tworzonego katalogu\n"
+ initialize_main (&argc, &argv);
+ program_name = argv[0];
+@@ -323,8 +342,13 @@
+ we'll actually use backup_suffix_string. */
+ backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
--#: src/install.c:630 src/ln.c:385 src/mv.c:342
-+#: src/install.c:773
-+msgid ""
-+" -P, --preserve_context (SELinux) Preserve security context\n"
-+" -Z, --context=CONTEXT (SELinux) Set security context of files and directories\n"
-+msgstr ""
-+" -P, --preserve_context (SELinux) zachowanie kontekstu bezpieczeñstwa\n"
-+" -Z, --context=KONTEKST (SELinux) ustawienie kontekstu plików i katalogów\n"
+- while ((optc = getopt_long (argc, argv, "bcCsDdg:m:o:pt:TvS:", long_options,
+- NULL)) != -1)
++ while ((optc = getopt_long (argc, argv,
++#ifdef WITH_SELINUX
++ "bcCsDdg:m:o:pPt:TvS:Z:",
++#else
++ "bcCsDdg:m:o:pt:TvS:",
++#endif
++ long_options, NULL)) != -1)
+ {
+ switch (optc)
+ {
+@@ -388,6 +412,37 @@
+ case 'T':
+ no_target_directory = true;
+ break;
++#ifdef WITH_SELINUX
++ case 'P':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !selinux_enabled ) {
++ fprintf( stderr, _("Warning: ignoring --preserve_context (-P) because the kernel is not SELinux-enabled.\n") );
++ break;
++ }
++ if ( scontext!=NULL ) { /* scontext could be NULL because of calloc() failure */
++ (void) fprintf(stderr, _("%s: cannot force target context to '%s' and preserve it\n"), argv[0], scontext);
++ exit( 1 );
++ }
++ x.preserve_security_context = true;
++ break ;
++ case 'Z':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !selinux_enabled) {
++ fprintf( stderr, _("Warning: ignoring --context (-Z) because the kernel is not SELinux-enabled.\n") );
++ break;
++ }
++ if ( x.preserve_security_context ) {
+
-+#: src/install.c:780 src/ln.c:385 src/mv.c:344
- msgid ""
- "\n"
- "The backup suffix is `~', unless set with --suffix or SIMPLE_BACKUP_SUFFIX.\n"
-@@ -3802,82 +3988,87 @@
- msgid "no login name"
- msgstr "brak nazwy u¿ytkownika"
-
--#: src/ls.c:648
-+#: src/ls.c:129
-+#, c-format
-+msgid "Sorry, this option can only be used on a SELinux-enabled kernel.\n"
-+msgstr "Niestety tej opcji mo¿na u¿yæ tylko na j±drze z obs³ug± SELinuksa.\n"
++ (void) fprintf(stderr, _("%s: cannot force target context == '%s' and preserve it\n"), argv[0], optarg);
++ exit( 1 );
++ }
++ scontext = optarg;
++ if (setfscreatecon(scontext)) {
++ (void) fprintf(stderr, _("%s: cannot setup default context == '%s'\n"), argv[0], scontext);
++ exit(1);
++ }
++ break;
++#endif
+ case_GETOPT_HELP_CHAR;
+ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
+ default:
+@@ -781,6 +836,11 @@
+ -T, --no-target-directory treat DEST as a normal file\n\
+ -v, --verbose print the name of each directory as it is created\n\
+ "), stdout);
++ fputs (_("\
++ -P, --preserve_context (SELinux) Preserve security context\n\
++ -Z, --context=CONTEXT (SELinux) Set security context of files and directories\n\
++"), stdout);
+
-+#: src/ls.c:669
- msgid "%b %e %Y"
- msgstr "%b %e %Y"
-
--#: src/ls.c:656
-+#: src/ls.c:677
- msgid "%b %e %H:%M"
- msgstr "%b %e %H:%M"
-
--#: src/ls.c:1283
-+#: src/ls.c:1332
- #, c-format
- msgid "ignoring invalid value of environment variable QUOTING_STYLE: %s"
- msgstr "ignorujê b³êdny rozmiar zmiennej ¶rodowiskowej QUOTING_STYLE: %s"
-
--#: src/ls.c:1310
-+#: src/ls.c:1359
- #, c-format
- msgid "ignoring invalid width in environment variable COLUMNS: %s"
- msgstr "ignorujê b³êdn± d³ugo¶æ w zmiennej ¶rodowiskowej COLUMNS: %s"
-
--#: src/ls.c:1342
-+#: src/ls.c:1391
- #, c-format
- msgid "ignoring invalid tab size in environment variable TABSIZE: %s"
- msgstr "ignorujê b³êdny rozmiar tab-a w zmiennej ¶rodowiska TABSIZE: %s"
-
--#: src/ls.c:1459
-+#: src/ls.c:1508
- #, c-format
- msgid "invalid line width: %s"
- msgstr "b³êdna szeroko¶æ linii: %s"
-
--#: src/ls.c:1533
-+#: src/ls.c:1589
- #, c-format
- msgid "invalid tab size: %s"
- msgstr "b³êdny rozmiar TAB-a: %s"
-
--#: src/ls.c:1701
-+#: src/ls.c:1776
- #, c-format
- msgid "invalid time style format %s"
- msgstr "b³êdny format stylu czasu %s"
-
--#: src/ls.c:2037
-+#: src/ls.c:2112
- #, c-format
- msgid "unrecognized prefix: %s"
- msgstr "nierozpoznany prefiks: %s"
-
--#: src/ls.c:2060
-+#: src/ls.c:2135
- msgid "unparsable value for LS_COLORS environment variable"
- msgstr "niezrozumia³a warto¶æ zmiennej ¶rodowiska LS_COLORS"
-
--#: src/ls.c:2128
-+#: src/ls.c:2203
- #, c-format
- msgid "cannot determine device and inode of %s"
- msgstr "nie mo¿na ustaliæ urz±dzenia i i-wêz³a %s"
-
--#: src/ls.c:2138
-+#: src/ls.c:2213
- #, c-format
- msgid "not listing already-listed directory: %s"
- msgstr "nie bêdzie wylistowany katalog %s ju¿ wylistowany poprzednio"
-
--#: src/ls.c:2191 src/remove.c:938
-+#: src/ls.c:2266 src/remove.c:938
- #, c-format
- msgid "reading directory %s"
- msgstr "czytanie katalogu %s"
+ fputs (HELP_OPTION_DESCRIPTION, stdout);
+ fputs (VERSION_OPTION_DESCRIPTION, stdout);
+ fputs (_("\
+diff -Nur coreutils-6.4/src/ls.c coreutils-6.4.selinux/src/ls.c
+--- coreutils-6.4/src/ls.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/ls.c 2006-10-31 23:39:34.000000000 +0000
+@@ -110,6 +110,17 @@
--#: src/ls.c:2671
-+#: src/ls.c:2765
- #, c-format
- msgid "cannot compare file names %s and %s"
- msgstr "nie mo¿na porównaæ nazw plików %s i %s"
+ #define AUTHORS "Richard Stallman", "David MacKenzie"
--#: src/ls.c:3013
-+#: src/ls.c:3117
- msgid "User name too long"
- msgstr "Za d³uga nazwa u¿ytkownika"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++int selinux_enabled= 0;
++static int print_scontext = 0;
++#define check_selinux() if (!selinux_enabled) { \
++ fprintf( stderr, _("Sorry, this option can only be used on a SELinux-enabled kernel.\n") ); \
++ exit( EXIT_FAILURE ); \
++}
++
++#endif
++
+ #define obstack_chunk_alloc malloc
+ #define obstack_chunk_free free
--#: src/ls.c:3034
-+#: src/ls.c:3138
- msgid "Group name too long"
- msgstr "Za d³uga nazwa grupy"
+@@ -175,6 +186,10 @@
+ /* For long listings, true if the file has an access control list. */
+ bool have_acl;
+ #endif
++
++#ifdef WITH_SELINUX
++ security_context_t scontext;
++#endif
+ };
--#: src/ls.c:3906
-+#: src/ls.c:4018
- msgid ""
- "List information about the FILEs (the current directory by default).\n"
- "Sort entries alphabetically if none of -cftuSUX nor --sort.\n"
-@@ -3887,7 +4078,7 @@
- "alfabetyczne, je¿eli nie jest podana ¿adna z opcji -cftuSUX ani --sort.\n"
- "\n"
+ #if USE_ACL
+@@ -245,6 +260,9 @@
+ static void sort_files (void);
+ static void parse_ls_color (void);
+ void usage (int status);
++#ifdef WITH_SELINUX
++static void print_scontext_format (const struct fileinfo *f);
++#endif
--#: src/ls.c:3914
-+#: src/ls.c:4026
- msgid ""
- " -a, --all do not hide entries starting with .\n"
- " -A, --almost-all do not list implied . and ..\n"
-@@ -3899,7 +4090,7 @@
- " --author wypisanie autora ka¿dego pliku\n"
- " -b, --escape wypisanie znaków niegraficznych ósemkowo\n"
+ /* The name this program was run with. */
+ char *program_name;
+@@ -353,7 +371,10 @@
+ one_per_line, /* -1 */
+ many_per_line, /* -C */
+ horizontal, /* -x */
+- with_commas /* -m */
++#ifdef WITH_SELINUX
++ security_format, /* -Z */
++#endif
++ with_commas /* -m */
+ };
--#: src/ls.c:3920
-+#: src/ls.c:4032
- msgid ""
- " --block-size=SIZE use SIZE-byte blocks\n"
- " -B, --ignore-backups do not list implied entries ending with ~\n"
-@@ -3916,7 +4107,7 @@
- " z -l: wypisanie ctime i sortowanie wg nazw\n"
- " w przeciwnym przypadku: sortowanie wg ctime\n"
+ static enum format format;
+@@ -734,6 +755,11 @@
+ SHOW_CONTROL_CHARS_OPTION,
+ SI_OPTION,
+ SORT_OPTION,
++#ifdef WITH_SELINUX
++ CONTEXT_OPTION,
++ LCONTEXT_OPTION,
++ SCONTEXT_OPTION,
++#endif
+ TIME_OPTION,
+ TIME_STYLE_OPTION
+ };
+@@ -780,6 +806,11 @@
+ {"time-style", required_argument, NULL, TIME_STYLE_OPTION},
+ {"color", optional_argument, NULL, COLOR_OPTION},
+ {"block-size", required_argument, NULL, BLOCK_SIZE_OPTION},
++#ifdef WITH_SELINUX
++ {"context", no_argument, 0, CONTEXT_OPTION},
++ {"lcontext", no_argument, 0, LCONTEXT_OPTION},
++ {"scontext", no_argument, 0, SCONTEXT_OPTION},
++#endif
+ {"author", no_argument, NULL, AUTHOR_OPTION},
+ {GETOPT_HELP_OPTION_DECL},
+ {GETOPT_VERSION_OPTION_DECL},
+@@ -789,11 +820,18 @@
+ static char const *const format_args[] =
+ {
+ "verbose", "long", "commas", "horizontal", "across",
+- "vertical", "single-column", NULL
++ "vertical", "single-column",
++#ifdef WITH_SELINUX
++ "context",
++#endif
++ NULL
+ };
+ static enum format const format_types[] =
+ {
+ long_format, long_format, with_commas, horizontal, horizontal,
++#ifdef WITH_SELINUX
++ security_format,
++#endif
+ many_per_line, one_per_line
+ };
+ ARGMATCH_VERIFY (format_args, format_types);
+@@ -1218,6 +1256,9 @@
--#: src/ls.c:3928
-+#: src/ls.c:4040
- msgid ""
- " -C list entries by columns\n"
- " --color[=WHEN] control whether color is used to distinguish "
-@@ -3937,7 +4128,7 @@
- " rozwi±zywania dowi±zañ symbolicznych\n"
- " -D, --dired dane wyj¶ciowe dla trybu dired Emacsa\n"
+ format_needs_stat = sort_type == sort_time || sort_type == sort_size
+ || format == long_format
++#ifdef WITH_SELINUX
++ || format == security_format || print_scontext
++#endif
+ || print_block_size;
+ format_needs_type = (! format_needs_stat
+ && (recursive
+@@ -1361,6 +1402,11 @@
+ /* Record whether there is an option specifying sort type. */
+ bool sort_type_specified = false;
--#: src/ls.c:3936
-+#: src/ls.c:4048
- msgid ""
- " -f do not sort, enable -aU, disable -lst\n"
- " -F, --classify append indicator (one of */=@|) to entries\n"
-@@ -3957,7 +4148,7 @@
- " kolumnach) -C\n"
- " --full-time jak -l --time-style=full-iso\n"
++#ifdef WITH_SELINUX
++ /* 1 iff kernel has new selinux system calls */
++ selinux_enabled= (is_selinux_enabled()>0);
++#endif
++
+ qmark_funny_chars = false;
--#: src/ls.c:3943
-+#: src/ls.c:4055
- msgid ""
- " -g like -l, but do not list owner\n"
- " -G, --no-group inhibit display of group information\n"
-@@ -3982,7 +4173,7 @@
- " rozwi±zywanie dowi±zañ symbolicznych podanych\n"
- " jako argumenty je¿eli wskazuj± na katalogi\n"
+ /* initialize all switches to default settings */
+@@ -1411,6 +1457,9 @@
+ ignore_mode = IGNORE_DEFAULT;
+ ignore_patterns = NULL;
+ hide_patterns = NULL;
++#ifdef WITH_SELINUX
++ print_scontext = 0;
++#endif
--#: src/ls.c:3954
-+#: src/ls.c:4066
- msgid ""
- " --indicator-style=WORD append indicator with style WORD to entry "
- "names:\n"
-@@ -4002,7 +4193,7 @@
- "WZORU\n"
- " -k jak --block-size=1K\n"
+ /* FIXME: put this in a function. */
+ {
+@@ -1486,7 +1535,7 @@
+ }
--#: src/ls.c:3961
-+#: src/ls.c:4073
- msgid ""
- " -l use a long listing format\n"
- " -L, --dereference when showing file information for a symbolic\n"
-@@ -4017,7 +4208,7 @@
- " -m pisanie do pe³nej szeroko¶ci, oddzielanie "
- "przecinkami\n"
+ while ((c = getopt_long (argc, argv,
+- "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UX1",
++ "abcdfghiklmnopqrstuvw:xABCDFGHI:LNQRST:UX1Z",
+ long_options, NULL)) != -1)
+ {
+ switch (c)
+@@ -1609,6 +1658,13 @@
+ format = horizontal;
+ break;
--#: src/ls.c:3968
-+#: src/ls.c:4080
- msgid ""
- " -n, --numeric-uid-gid like -l, but list numeric UIDs and GIDs\n"
- " -N, --literal print raw entry names (don't treat e.g. "
-@@ -4033,7 +4224,7 @@
- " -p, --file-type dopisanie znaku wskazuj±cego typ pliku (z /"
- "=@|)\n"
++#ifdef WITH_SELINUX
++ case 'Z':
++ check_selinux();
++ print_scontext = 1;
++ format = security_format;
++ break;
++#endif
+ case 'A':
+ if (ignore_mode == IGNORE_DEFAULT)
+ ignore_mode = IGNORE_DOT_AND_DOTDOT;
+@@ -1789,6 +1845,25 @@
--#: src/ls.c:3975
-+#: src/ls.c:4087
- msgid ""
- " -q, --hide-control-chars print ? instead of non graphic characters\n"
- " --show-control-chars show non graphic characters as-is (default\n"
-@@ -4055,7 +4246,7 @@
- " literal, locale, shell, shell-always, c, "
- "escape\n"
+ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
--#: src/ls.c:3983
-+#: src/ls.c:4095
- msgid ""
- " -r, --reverse reverse order while sorting\n"
- " -R, --recursive list subdirectories recursively\n"
-@@ -4066,7 +4257,7 @@
- " -s, --size wypisanie liczby bloków zajêtych przez ka¿dy "
- "plik\n"
++#ifdef WITH_SELINUX
++
++ case CONTEXT_OPTION: /* new security format */
++ check_selinux();
++ print_scontext = 1;
++ format = security_format;
++ break;
++ case LCONTEXT_OPTION: /* long format plus security context */
++ check_selinux();
++ print_scontext = 1;
++ format = long_format;
++ break;
++ case SCONTEXT_OPTION: /* short form of new security format */
++ check_selinux();
++ print_scontext = 0;
++ format = security_format;
++ break;
++#endif
++
+ default:
+ usage (LS_FAILURE);
+ }
+@@ -2485,6 +2558,12 @@
+ struct fileinfo *f = sorted_file[i];
+ free (f->name);
+ free (f->linkname);
++#ifdef WITH_SELINUX
++ if (f->scontext) {
++ freecon (f->scontext);
++ f->scontext=NULL;
++ }
++#endif
+ }
--#: src/ls.c:3988
-+#: src/ls.c:4100
- msgid ""
- " -S sort by file size\n"
- " --sort=WORD extension -X, none -U, size -S, time -t,\n"
-@@ -4091,7 +4282,7 @@
- " albo status; u¿ycie podanego czasu do\n"
- " sortowania gdy podano --sort=time\n"
+ cwd_n_used = 0;
+@@ -2527,6 +2608,9 @@
+ memset (f, '\0', sizeof *f);
+ f->stat.st_ino = inode;
+ f->filetype = type;
++#ifdef WITH_SELINUX
++ f->scontext = NULL;
++#endif
--#: src/ls.c:3997
-+#: src/ls.c:4109
- msgid ""
- " --time-style=STYLE show times using style STYLE:\n"
- " full-iso, long-iso, iso, locale, +FORMAT\n"
-@@ -4115,7 +4306,7 @@
- " -t sortowanie wg czasu modyfikacji\n"
- " -T, --tabsize=KOLUMNA TAB co tyle KOLUMN, zamiast co 8\n"
+ if (command_line_arg
+ || format_needs_stat
+@@ -2582,7 +2666,12 @@
+ {
+ bool need_lstat;
+ err = stat (absolute_name, &f->stat);
+-
++#ifdef WITH_SELINUX
++ if (err>=0)
++ if (selinux_enabled && (format == security_format || print_scontext))
++ getfilecon(absolute_name, &f->scontext);
++#endif
++
+ if (dereference == DEREF_COMMAND_LINE_ARGUMENTS)
+ break;
--#: src/ls.c:4008
-+#: src/ls.c:4120
- msgid ""
- " -u with -lt: sort by, and show, access time\n"
- " with -l: show access time and sort by name\n"
-@@ -4131,7 +4322,7 @@
- "katalogu\n"
- " -v sortowanie wg wersji\n"
+@@ -2600,6 +2689,11 @@
--#: src/ls.c:4015
-+#: src/ls.c:4127
- msgid ""
- " -w, --width=COLS assume screen width instead of current value\n"
- " -x list entries by lines instead of by columns\n"
-@@ -4144,7 +4335,35 @@
- " -X sortowanie alfabetyczne wg rozszerzeñ\n"
- " -1 listowanie po jednym pliku w linii\n"
+ default: /* DEREF_NEVER */
+ err = lstat (absolute_name, &f->stat);
++#ifdef WITH_SELINUX
++ if (err>=0)
++ if (selinux_enabled && (format == security_format || print_scontext))
++ lgetfilecon(absolute_name, &f->scontext);
++#endif
+ break;
+ }
--#: src/ls.c:4027
-+#: src/ls.c:4134
-+#, c-format
-+msgid ""
-+"\n"
-+"SELinux options:\n"
-+"\n"
-+" --lcontext Display security context. Enable -l. Lines\n"
-+" will probably be too wide for most displays.\n"
-+" -Z, --context Display security context so it fits on most\n"
-+" displays. Displays only mode, user, group,\n"
-+" security context and file name.\n"
-+" --scontext Display only security context and file name.\n"
-+"\n"
-+"\n"
-+msgstr ""
-+"\n"
-+"Opcje dla SELinuksa:\n"
-+"\n"
-+" --lcontext wy¶wietlanie kontekstu bezpieczeñstwa; w³±cza -l,\n"
-+" linie mog± byæ zbyt d³ugie dla wielu terminali\n"
-+" --context wy¶wietlanie kontekstu tak, ¿eby zmie¶ci³ siê na\n"
-+" wiêkszo¶ci terminali; wy¶wietlane s± tylko\n"
-+" uprawnienia, w³a¶ciciel, grupa, kontekst\n"
-+" bezpieczeñstwa i nazwa pliku\n"
-+" --scontext wy¶wietlanie tylko kontekstu i nazwy pliku\n"
-+"\n"
-+"\n"
+@@ -3158,6 +3252,16 @@
+ DIRED_PUTCHAR ('\n');
+ }
+ break;
+
-+#: src/ls.c:4149
- msgid ""
- "\n"
- "By default, color is not used to distinguish types of files. That is\n"
-@@ -4318,12 +4537,12 @@
- msgid "only one argument may be specified when using --check"
- msgstr "je¿eli jest u¿ywana opcja --check mo¿na podaæ tylko jeden argument"
-
--#: src/mkdir.c:61
-+#: src/mkdir.c:68
- #, c-format
- msgid "Usage: %s [OPTION] DIRECTORY...\n"
- msgstr "Sk³adnia: %s [OPCJA] KATALOG...\n"
++#ifdef WITH_SELINUX
++ case security_format:
++ for (i = 0; i < files_index; i++)
++ {
++ print_scontext_format (files + i);
++ DIRED_PUTCHAR ('\n');
++ }
++ break;
++#endif
+ }
+ }
--#: src/mkdir.c:62
-+#: src/mkdir.c:69
- msgid ""
- "Create the DIRECTORY(ies), if they do not already exist.\n"
- "\n"
-@@ -4331,7 +4550,12 @@
- "Utworzenie KATALOGU/ÓW, je¿eli jeszcze nie istniej±.\n"
- "\n"
+@@ -3412,6 +3516,14 @@
+ The latter is wrong when nlink_width is zero. */
+ p += strlen (p);
--#: src/mkdir.c:69
-+#: src/mkdir.c:74
-+#, c-format
-+msgid " -Z, --context=CONTEXT (SELinux) set security context to CONTEXT\n"
-+msgstr " -Z, --context=KONTEKST (SELinux) ustawienie KONTEKSTU bezpieczeñstwa\n"
++#ifdef WITH_SELINUX
++
++ if ( print_scontext ) {
++ sprintf (p, "%-32s ", f->scontext);
++ p += strlen (p);
++ }
++#endif
+
-+#: src/mkdir.c:81
- msgid ""
- " -m, --mode=MODE set permission mode (as in chmod), not rwxrwxrwx - "
- "umask\n"
-@@ -4343,22 +4567,27 @@
- "katalogów\n"
- " -v, --verbose wypisanie komunikatu o ka¿dym utworzonym katalogu\n"
-
--#: src/mkdir.c:114
-+#: src/mkdir.c:130
- #, c-format
- msgid "created directory %s"
- msgstr "utworzony katalog %s"
+ DIRED_INDENT ();
--#: src/mkdir.c:191
-+#: src/mkdir.c:170 src/mkfifo.c:128 src/mknod.c:139
-+#, c-format
-+msgid "Sorry, cannot set default context to %s.\n"
-+msgstr "Niestety nie mo¿na ustawiæ domy¶lnego kontekstu na %s.\n"
+ if (print_owner | print_group | print_author)
+@@ -4347,6 +4459,16 @@
+ -X sort alphabetically by entry extension\n\
+ -1 list one file per line\n\
+ "), stdout);
++#ifdef WITH_SELINUX
++printf(_("\nSELinux options:\n\n\
++ --lcontext Display security context. Enable -l. Lines\n\
++ will probably be too wide for most displays.\n\
++ -Z, --context Display security context so it fits on most\n\
++ displays. Displays only mode, user, group,\n\
++ security context and file name.\n\
++ --scontext Display only security context and file name.\n\
++\n\n"));
++#endif
+ fputs (HELP_OPTION_DESCRIPTION, stdout);
+ fputs (VERSION_OPTION_DESCRIPTION, stdout);
+ fputs (_("\n\
+@@ -4370,3 +4492,79 @@
+ }
+ exit (status);
+ }
+
-+#: src/mkdir.c:220
- #, c-format
- msgid "cannot set permissions of directory %s"
- msgstr "nie mo¿na ustawiæ uprawnieñ katalogu %s"
-
--#: src/mkfifo.c:55
-+#: src/mkfifo.c:62
- #, c-format
- msgid "Usage: %s [OPTION] NAME...\n"
- msgstr "Sk³adnia: %s [OPCJA] NAZWA...\n"
++#ifdef WITH_SELINUX
++
++static void
++print_scontext_format (const struct fileinfo *f)
++{
++ char modebuf[12];
++
++ /* 7 fields that may require LONGEST_HUMAN_READABLE bytes,
++ 1 10-byte mode string,
++ 9 spaces, one following each of these fields, and
++ 1 trailing NUL byte. */
++
++ char init_bigbuf[7 * LONGEST_HUMAN_READABLE + 10 + 9 + 1];
++ char *buf = init_bigbuf;
++ size_t bufsize = sizeof (init_bigbuf);
++ size_t s;
++ char *p;
++ const char *fmt;
++ char *user_name;
++ char *group_name;
++ int rv;
++ char *scontext;
++
++ p = buf;
++
++ if ( print_scontext ) { /* zero means terse listing */
++ filemodestring (&f->stat, modebuf);
++ modebuf[10] = (FILE_HAS_ACL (f) ? '+' : ' ');
++ modebuf[11] = '\0';
++
++ /* print mode */
++
++ (void) sprintf (p, "%s ", modebuf);
++ p += strlen (p);
++
++ /* print standard user and group */
++
++ user_name = (numeric_ids ? NULL : getuser (f->stat.st_uid));
++ if (user_name)
++ (void) sprintf (p, "%-8.8s ", user_name);
++ else
++ (void) sprintf (p, "%-8u ", (unsigned int) f->stat.st_uid);
++ p += strlen (p);
++
++ if ( print_group ) {
++ group_name = (numeric_ids ? NULL : getgroup (f->stat.st_gid));
++ if (group_name)
++ (void) sprintf (p, "%-8.8s ", group_name);
++ else
++ (void) sprintf (p, "%-8u ", (unsigned int) f->stat.st_gid);
++ p += strlen (p);
++ }
++ }
++
++ (void) sprintf (p, "%-32s ", f->scontext);
++ p += strlen (p);
++
++ DIRED_INDENT ();
++ DIRED_FPUTS (buf, stdout, p - buf);
++ print_name_with_quoting (f->name, f->stat.st_mode, f->linkok, f->stat_ok, f->filetype, &dired_obstack);
++
++ if (f->filetype == symbolic_link) {
++ if (f->linkname) {
++ DIRED_FPUTS_LITERAL (" -> ", stdout);
++ print_name_with_quoting (f->linkname, f->linkmode, f->linkok - 1, f->stat_ok, f->filetype, NULL);
++ if (indicator_style != none)
++ print_type_indicator (f->stat_ok, f->linkmode, f->filetype);
++ }
++ }
++ else {
++ if (indicator_style != none)
++ print_type_indicator (f->stat_ok, f->stat.st_mode, f->filetype);
++ }
++}
++#endif
+diff -Nur coreutils-6.4/src/mkdir.c coreutils-6.4.selinux/src/mkdir.c
+--- coreutils-6.4/src/mkdir.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/mkdir.c 2006-10-31 23:39:34.000000000 +0000
+@@ -35,11 +35,18 @@
--#: src/mkfifo.c:56
-+#: src/mkfifo.c:63
- msgid ""
- "Create named pipes (FIFOs) with the given NAMEs.\n"
- "\n"
-@@ -4366,31 +4595,36 @@
- "Tworzenie nazwanych potoków (pipes, FIFOs) o podanych NAZWACH.\n"
- "\n"
+ #define AUTHORS "David MacKenzie"
--#: src/mkfifo.c:63 src/mknod.c:64
-+#: src/mkfifo.c:68 src/mknod.c:69
-+#, c-format
-+msgid " -Z, --context=CONTEXT set security context (quoted string)\n"
-+msgstr " -Z, --context=KONTEKST ustawienie kontekstu bezpieczeñstwa (³añcuch cytowany)\n"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++#endif
+
-+#: src/mkfifo.c:75 src/mknod.c:76
- msgid ""
- " -m, --mode=MODE set permission mode (as in chmod), not a=rw - umask\n"
- msgstr ""
- " -m, --mode=UPRAWN ustawienie uprawnieñ (jak w chmod), nie a=rw-umask\n"
+ /* The name this program was run with. */
+ char *program_name;
+
+ static struct option const longopts[] =
+ {
++#ifdef WITH_SELINUX
++ {"context", required_argument, NULL, 'Z'},
++#endif
+ {"mode", required_argument, NULL, 'm'},
+ {"parents", no_argument, NULL, 'p'},
+ {"verbose", no_argument, NULL, 'v'},
+@@ -61,6 +68,11 @@
+ Create the DIRECTORY(ies), if they do not already exist.\n\
+ \n\
+ "), stdout);
++#ifdef WITH_SELINUX
++ printf (_("\
++ -Z, --context=CONTEXT (SELinux) set security context to CONTEXT\n\
++"));
++#endif
+ fputs (_("\
+ Mandatory arguments to long options are mandatory for short options too.\n\
+ "), stdout);
+@@ -154,7 +166,11 @@
--#: src/mkfifo.c:94 src/mknod.c:207
-+#: src/mkfifo.c:106 src/mknod.c:236
- msgid "fifo files not supported"
- msgstr "potoki nie s± obs³ugiwane przez ten system"
+ atexit (close_stdout);
--#: src/mkfifo.c:124 src/mknod.c:128
-+#: src/mkfifo.c:152 src/mknod.c:157
- msgid "invalid mode"
- msgstr "b³êdne uprawnienia"
++#ifdef WITH_SELINUX
++ while ((optc = getopt_long (argc, argv, "pm:vZ:", longopts, NULL)) != -1)
++#else
+ while ((optc = getopt_long (argc, argv, "pm:v", longopts, NULL)) != -1)
++#endif
+ {
+ switch (optc)
+ {
+@@ -167,6 +183,19 @@
+ case 'v': /* --verbose */
+ options.created_directory_format = _("created directory %s");
+ break;
++#ifdef WITH_SELINUX
++ case 'Z':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !(is_selinux_enabled()>0)) {
++ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
++ exit( 1 );
++ }
++ if (setfscreatecon(optarg)) {
++ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
++ exit( 1 );
++ }
++ break;
++#endif
+ case_GETOPT_HELP_CHAR;
+ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
+ default:
+diff -Nur coreutils-6.4/src/mkfifo.c coreutils-6.4.selinux/src/mkfifo.c
+--- coreutils-6.4/src/mkfifo.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/mkfifo.c 2006-10-31 23:39:34.000000000 +0000
+@@ -32,11 +32,18 @@
--#: src/mkfifo.c:143
-+#: src/mkfifo.c:171
- #, c-format
- msgid "cannot set permissions of fifo %s"
- msgstr "nie mo¿na ustawiæ uprawnieñ potoku %s"
+ #define AUTHORS "David MacKenzie"
--#: src/mknod.c:55
-+#: src/mknod.c:62
- #, c-format
- msgid "Usage: %s [OPTION]... NAME TYPE [MAJOR MINOR]\n"
- msgstr "Sk³adnia: %s [OPCJA]... NAZWA TYP [WIÊKSZY MNIEJSZY]\n"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++#endif
++
+ /* The name this program was run with. */
+ char *program_name;
--#: src/mknod.c:57
-+#: src/mknod.c:64
- msgid ""
- "Create the special file NAME of the given TYPE.\n"
- "\n"
-@@ -4398,7 +4632,7 @@
- "Utworzenie pliku specjalnego o podanej NAZWIE i TYPIE.\n"
- "\n"
+ static struct option const longopts[] =
+ {
++#ifdef WITH_SELINUX
++ {"context", required_argument, NULL, 'Z'},
++#endif
+ {"mode", required_argument, NULL, 'm'},
+ {GETOPT_HELP_OPTION_DECL},
+ {GETOPT_VERSION_OPTION_DECL},
+@@ -56,6 +63,11 @@
+ Create named pipes (FIFOs) with the given NAMEs.\n\
+ \n\
+ "), stdout);
++#ifdef WITH_SELINUX
++ printf (_("\
++ -Z, --context=CONTEXT set security context (quoted string)\n\
++"), stdout);
++#endif
+ fputs (_("\
+ Mandatory arguments to long options are mandatory for short options too.\n\
+ "), stdout);
+@@ -85,13 +97,31 @@
--#: src/mknod.c:69
-+#: src/mknod.c:81
- msgid ""
- "\n"
- "Both MAJOR and MINOR must be specified when TYPE is b, c, or u, and they\n"
-@@ -4413,7 +4647,7 @@
- "szesnastkowa. Je¿eli zaczyna siê od 0 - jako ósemkowa. W innych wypadkach -\n"
- "jako dziêsi±tkowa. TYP mo¿e byæ:\n"
+ atexit (close_stdout);
--#: src/mknod.c:76
-+#: src/mknod.c:88
- msgid ""
- "\n"
- " b create a block (buffered) special file\n"
-@@ -4425,19 +4659,19 @@
- " c, u specjalny plik znakowy (niebuforowany)\n"
- " p potok (FIFO)\n"
+- while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
++ while ((optc = getopt_long (argc, argv,
++#ifdef WITH_SELINUX
++ "m:Z:",
++#else
++ "m:",
++#endif
++ longopts, NULL)) != -1)
+ {
+ switch (optc)
+ {
+ case 'm':
+ specified_mode = optarg;
+ break;
++#ifdef WITH_SELINUX
++ case 'Z':
++ if( !(is_selinux_enabled()>0)) {
++ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
++ exit( 1 );
++ }
++ if (setfscreatecon(optarg)) {
++ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
++ exit( 1 );
++ }
++ break;
++#endif
+ case_GETOPT_HELP_CHAR;
+ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
+ default:
+diff -Nur coreutils-6.4/src/mknod.c coreutils-6.4.selinux/src/mknod.c
+--- coreutils-6.4/src/mknod.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/mknod.c 2006-10-31 23:39:34.000000000 +0000
+@@ -36,8 +36,15 @@
+ /* The name this program was run with. */
+ char *program_name;
--#: src/mknod.c:142
-+#: src/mknod.c:171
- msgid "wrong number of arguments"
- msgstr "z³a liczba argumentów"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#endif
++
+ static struct option const longopts[] =
+ {
++#ifdef WITH_SELINUX
++ {"context", required_argument, NULL, 'Z'},
++#endif
+ {"mode", required_argument, NULL, 'm'},
+ {GETOPT_HELP_OPTION_DECL},
+ {GETOPT_VERSION_OPTION_DECL},
+@@ -58,6 +65,11 @@
+ Create the special file NAME of the given TYPE.\n\
+ \n\
+ "), stdout);
++#ifdef WITH_SELINUX
++ fputs(_("\
++ -Z, --context=CONTEXT set security context (quoted string)\n\
++"), stdout);
++#endif
+ fputs (_("\
+ Mandatory arguments to long options are mandatory for short options too.\n\
+ "), stdout);
+@@ -101,13 +113,30 @@
--#: src/mknod.c:154
-+#: src/mknod.c:183
- msgid "block special files not supported"
- msgstr "specjalne pliki blokowe nie s± obs³ugiwane"
+ atexit (close_stdout);
--#: src/mknod.c:163
-+#: src/mknod.c:192
- msgid "character special files not supported"
- msgstr "specjalne pliki znakowe nie s± obs³ugiwane"
++#ifdef WITH_SELINUX
++ while ((optc = getopt_long (argc, argv, "m:Z:", longopts, NULL)) != -1)
++#else
+ while ((optc = getopt_long (argc, argv, "m:", longopts, NULL)) != -1)
++#endif
+ {
+ switch (optc)
+ {
+ case 'm':
+ specified_mode = optarg;
+ break;
++#ifdef WITH_SELINUX
++ case 'Z':
++ /* politely decline if we're not on a selinux-enabled kernel. */
++ if( !(is_selinux_enabled()>0)) {
++ fprintf( stderr, _("Sorry, --context (-Z) can be used only on a SELinux-enabled kernel.\n") );
++ exit( 1 );
++ }
++ if (setfscreatecon(optarg)) {
++ fprintf( stderr, _("Sorry, cannot set default context to %s.\n"), optarg);
++ exit( 1 );
++ }
++ break;
++#endif
+ case_GETOPT_HELP_CHAR;
+ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
+ default:
+diff -Nur coreutils-6.4/src/mv.c coreutils-6.4.selinux/src/mv.c
+--- coreutils-6.4/src/mv.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/mv.c 2006-10-31 23:39:34.000000000 +0000
+@@ -33,6 +33,11 @@
+ #include "quote.h"
+ #include "remove.h"
--#: src/mknod.c:172
-+#: src/mknod.c:201
- msgid ""
- "when creating special files, major and minor device\n"
- "numbers must be specified"
-@@ -4445,36 +4679,36 @@
- "dla utworzenia specjalnego pliku blokowego wiêkszy i mniejszy\n"
- "numer urz±dzenia musz± byæ podane"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h> /* for is_selinux_enabled() */
++int selinux_enabled=0;
++#endif
++
+ /* The official name of this program (e.g., no `g' prefix). */
+ #define PROGRAM_NAME "mv"
--#: src/mknod.c:187
-+#: src/mknod.c:216
- #, c-format
- msgid "invalid major device number %s"
- msgstr "b³êdny wiêkszy numer urz±dzenia %s"
+@@ -125,6 +130,9 @@
+ x->preserve_links = true;
+ x->preserve_mode = true;
+ x->preserve_timestamps = true;
++#ifdef WITH_SELINUX
++ x->preserve_security_context = true;
++#endif
+ x->require_preserve = false; /* FIXME: maybe make this an option */
+ x->recursive = true;
+ x->sparse_mode = SPARSE_AUTO; /* FIXME: maybe make this an option */
+@@ -356,6 +364,10 @@
--#: src/mknod.c:192
-+#: src/mknod.c:221
- #, c-format
- msgid "invalid minor device number %s"
- msgstr "b³êdny mniejszy numer urz±dzenia %s"
+ cp_option_init (&x);
--#: src/mknod.c:197
-+#: src/mknod.c:226
- #, c-format
- msgid "invalid device %s %s"
- msgstr "b³êdne urz±dzenie %s %s"
++#ifdef WITH_SELINUX
++ selinux_enabled= (is_selinux_enabled()>0);
++#endif
++
+ /* FIXME: consider not calling getenv for SIMPLE_BACKUP_SUFFIX unless
+ we'll actually use backup_suffix_string. */
+ backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
+diff -Nur coreutils-6.4/src/runcon.c coreutils-6.4.selinux/src/runcon.c
+--- coreutils-6.4/src/runcon.c 1970-01-01 00:00:00.000000000 +0000
++++ coreutils-6.4.selinux/src/runcon.c 2006-10-31 23:39:34.000000000 +0000
+@@ -0,0 +1,174 @@
++/*
++ * runcon [ context |
++ * ( [ -r role ] [-t type] [ -u user ] [ -l levelrange ] )
++ * command [arg1 [arg2 ...] ]
++ *
++ * attempt to run the specified command with the specified context.
++ *
++ * -r role : use the current context with the specified role
++ * -t type : use the current context with the specified type
++ * -u user : use the current context with the specified user
++ * -l level : use the current context with the specified level range
++ *
++ * Contexts are interpreted as follows:
++ *
++ * Number of MLS
++ * components system?
++ *
++ * 1 - type
++ * 2 - role:type
++ * 3 Y role:type:range
++ * 3 N user:role:type
++ * 4 Y user:role:type:range
++ * 4 N error
++ */
++
++#include <config.h>
++#include <unistd.h>
++#include <stdio.h>
++#include <getopt.h>
++#include <selinux/context.h>
++#include <selinux/selinux.h>
++#include <errno.h>
++#include "system.h"
++extern int errno;
++
++/* The name the program was run with. */
++char *program_name;
++
++void
++usage(char *str)
++{
++ printf(_("Usage: %s [OPTION]... command [args]\n"
++ "Run a program in a different security context.\n\n"
++ " context Complete security context\n"
++ " -t type (for same role as parent)\n"
++ " -u user identity\n"
++ " -r role\n"
++ " -l levelrange\n"
++ " --help display this help and exit\n"),
++ program_name);
++ exit(1);
++}
++
++int
++main(int argc,char **argv,char **envp )
++{
++ char *role = 0;
++ char *range = 0;
++ char *user = 0;
++ char *type = 0;
++ char *context = NULL;
++ security_context_t cur_context = NULL;
++
++ context_t con;
++
++ program_name = argv[0];
++ setlocale (LC_ALL, "");
++ bindtextdomain (PACKAGE, LOCALEDIR);
++ textdomain (PACKAGE);
++
++ while (1) {
++ int c;
++ int this_option_optind = optind ? optind : 1;
++ int option_index = 0;
++ static struct option long_options[] = {
++ { "role", 1, 0, 'r' },
++ { "type", 1, 0, 't' },
++ { "user", 1, 0, 'u' },
++ { "range", 1, 0, 'l' },
++ { "help", 0, 0, '?' },
++ { 0, 0, 0, 0 }
++ };
++ c = getopt_long(argc, argv, "s:r:t:u:l:?", long_options, &option_index);
++ if ( c == -1 ) {
++ break;
++ }
++ switch ( c ) {
++ case 'r':
++ if ( role ) {
++ fprintf(stderr,_("multiple roles\n"));
++ exit(1);
++ }
++ role = optarg;
++ break;
++ case 't':
++ if ( type ) {
++ fprintf(stderr,_("multiple types\n"));
++ exit(1);
++ }
++ type = optarg;
++ break;
++ case 'u':
++ if ( user ) {
++ fprintf(stderr,_("multiple users\n"));
++ exit(1);
++ }
++ user = optarg;
++ break;
++ case 'l':
++ if ( range ) {
++ fprintf(stderr,_("multiple levelranges\n"));
++ exit(1);
++ }
++ range = optarg;
++ break;
++ default:
++ fprintf(stderr,_("unrecognised option %c\n"),c);
++ case '?':
++ usage(0);
++ break;
++ }
++ }
++ if ( !(user || role || type || range)) {
++ if ( optind >= argc ) {
++ usage(_("must specify -t, -u, -l, -r, or context"));
++ }
++ context = argv[optind++];
++ }
++
++ if ( optind >= argc ) {
++ usage(_("no command found"));
++ }
++
++ if ( context ) {
++ con = context_new(context);
++ if (!con) {
++ fprintf(stderr,_("%s is not a valid context\n"), context);
++ exit(1);
++ }
++ }
++ else {
++ getcon(&cur_context);
++ con = context_new(cur_context);
++ if (!con) {
++ fprintf(stderr,_("%s is not a valid context\n"), context);
++ exit(1);
++ }
++ if ( user ) {
++ context_user_set(con,user);
++ }
++ if ( type ) {
++ context_type_set(con,type);
++ }
++ if ( range ) {
++ context_range_set(con,range);
++ }
++ if ( role ) {
++ context_role_set(con,role);
++ }
++ }
++
++ if (setexeccon(context_str(con))!=0) {
++ fprintf(stderr,_("unable to setup security context %s\n"), context_str(con));
++ exit(1);
++ }
++ if (cur_context!=NULL)
++ freecon(cur_context);
++
++ if ( execvp(argv[optind],argv+optind) ) {
++ perror("execvp");
++ exit(1);
++ }
++ return 1; /* can't reach this statement.... */
++}
+diff -Nur coreutils-6.4/src/stat.c coreutils-6.4.selinux/src/stat.c
+--- coreutils-6.4/src/stat.c 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/src/stat.c 2006-10-31 23:39:48.000000000 +0000
+@@ -55,6 +55,13 @@
+ # include <fs_info.h>
+ #endif
--#: src/mknod.c:211
-+#: src/mknod.c:240
- msgid "major and minor device numbers may not be specified for fifo files"
- msgstr "wiêkszy i mniejszy numer urz±dzenia nie mo¿e byæ podany dla fifo"
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#define SECURITY_ID_T security_context_t
++#else
++#define SECURITY_ID_T char *
++#endif
++
+ #include "system.h"
--#: src/mknod.c:221
-+#: src/mknod.c:250
- #, c-format
- msgid "invalid device type %s"
- msgstr "b³êdne typ urz±dzenia %s"
+ #include "error.h"
+@@ -161,6 +168,7 @@
+ {"dereference", no_argument, NULL, 'L'},
+ {"file-system", no_argument, NULL, 'f'},
+ {"filesystem", no_argument, NULL, 'f'}, /* obsolete and undocumented alias */
++ {"context", no_argument, 0, 'Z'},
+ {"format", required_argument, NULL, 'c'},
+ {"printf", required_argument, NULL, PRINTF_OPTION},
+ {"terse", no_argument, NULL, 't'},
+@@ -397,7 +405,7 @@
+ /* print statfs info */
+ static void
+ print_statfs (char *pformat, size_t prefix_len, char m, char const *filename,
+- void const *data)
++ void const *data, SECURITY_ID_T scontext)
+ {
+ STRUCT_STATVFS const *statfsbuf = data;
--#: src/mknod.c:232
-+#: src/mknod.c:261
- #, c-format
- msgid "cannot set permissions of %s"
- msgstr "nie mo¿na ustawiæ uprawnieñ do %s"
+@@ -472,7 +480,9 @@
+ case 'd':
+ out_int (pformat, prefix_len, statfsbuf->f_ffree);
+ break;
+-
++ case 'C':
++ out_string (pformat, prefix_len, scontext);
++ break;
+ default:
+ fputc ('?', stdout);
+ break;
+@@ -482,7 +492,7 @@
+ /* print stat info */
+ static void
+ print_stat (char *pformat, size_t prefix_len, char m,
+- char const *filename, void const *data)
++ char const *filename, void const *data, SECURITY_ID_T scontext)
+ {
+ struct stat *statbuf = (struct stat *) data;
+ struct passwd *pw_ent;
+@@ -595,6 +605,9 @@
+ else
+ out_uint (pformat, prefix_len, statbuf->st_ctime);
+ break;
++ case 'C':
++ out_string (pformat, prefix_len, scontext);
++ break;
+ default:
+ fputc ('?', stdout);
+ break;
+@@ -641,8 +654,8 @@
--#: src/mv.c:311
-+#: src/mv.c:313
- msgid ""
- "Rename SOURCE to DEST, or move SOURCE(s) to DIRECTORY.\n"
- "\n"
-@@ -4483,7 +4717,7 @@
- "do KATALOGU.\n"
- "\n"
+ static void
+ print_it (char const *format, char const *filename,
+- void (*print_func) (char *, size_t, char, char const *, void const *),
+- void const *data)
++ void (*print_func) (char *, size_t, char, char const *, void const *, SECURITY_ID_T),
++ void const *data, SECURITY_ID_T scontext)
+ {
+ /* Add 2 to accommodate our conversion of the stat `%s' format string
+ to the longer printf `%llu' one. */
+@@ -683,7 +696,7 @@
+ putchar ('%');
+ break;
+ default:
+- print_func (dest, len + 1, *fmt_char, filename, data);
++ print_func (dest, len + 1, *fmt_char, filename, data, scontext);
+ break;
+ }
+ break;
+@@ -746,9 +759,17 @@
+
+ /* Stat the file system and print what we find. */
+ static bool
+-do_statfs (char const *filename, bool terse, char const *format)
++do_statfs (char const *filename, bool terse, bool secure, char const *format)
+ {
+ STRUCT_STATVFS statfsbuf;
++ SECURITY_ID_T scontext = NULL;
++#ifdef WITH_SELINUX
++ if(secure)
++ if (getfilecon(filename,&scontext)<0) {
++ perror (filename);
++ return false;
++ }
++#endif
--#: src/mv.c:318
-+#: src/mv.c:320
- msgid ""
- " --backup[=CONTROL] make a backup of each existing destination "
- "file\n"
-@@ -4503,7 +4737,7 @@
- " -i, --interactive pytanie przed zamazaniem\n"
- " (równowa¿ne --reply=query)\n"
+ if (STATFS (filename, &statfsbuf) != 0)
+ {
+@@ -759,25 +780,45 @@
--#: src/mv.c:326
-+#: src/mv.c:328
- msgid ""
- " --reply={yes,no,query} specify how to handle the prompt about an\n"
- " existing destination file\n"
-@@ -4518,7 +4752,7 @@
- " -S, --suffix=ROZSZERZ zmiana domy¶lnego rozszerzenia kopii "
- "zapasowej\n"
+ if (format == NULL)
+ {
+- format = (terse
+- ? "%n %i %l %t %s %S %b %f %a %c %d\n"
+- : " File: \"%n\"\n"
+- " ID: %-8i Namelen: %-7l Type: %T\n"
+- "Block size: %-10s Fundamental block size: %S\n"
+- "Blocks: Total: %-10b Free: %-10f Available: %a\n"
+- "Inodes: Total: %-10c Free: %d\n");
+- }
++ if (terse) {
++ if(secure)
++ format = "%n %i %l %t %s %S %b %f %a %c %d %C\n";
++ else
++ format = "%n %i %l %t %s %S %b %f %a %c %d\n";
++ }
++ else
++ {
++ if(secure)
++ format = " File: \"%n\"\n"
++ " ID: %-8i Namelen: %-7l Type: %T\n"
++ "Block size: %-10s Fundamental block size: %S\n"
++ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
++ "Inodes: Total: %-10c Free: %d\n"
++ " S_Context: %C\n";
++ else
++ format = " File: \"%n\"\n"
++ " ID: %-8i Namelen: %-7l Type: %T\n"
++ "Block size: %-10s Fundamental block size: %S\n"
++ "Blocks: Total: %-10b Free: %-10f Available: %a\n"
++ "Inodes: Total: %-10c Free: %d\n";
++ }
++ }
++ print_it (format, filename, print_statfs, &statfsbuf, scontext);
++#ifdef WITH_SELINUX
++ if (scontext != NULL)
++ freecon(scontext);
++#endif
--#: src/mv.c:333
-+#: src/mv.c:335
- msgid ""
- " --target-directory=DIRECTORY move all SOURCE arguments into "
- "DIRECTORY\n"
-@@ -4533,12 +4767,12 @@
- " CELU albo nie ma CELU\n"
- " -v, --verbose wyja¶nianie co siê dzieje\n"
+- print_it (format, filename, print_statfs, &statfsbuf);
+ return true;
+ }
--#: src/mv.c:462
-+#: src/mv.c:468
- #, c-format
- msgid "specified target, %s is not a directory"
- msgstr "podany cel %s nie jest katalogiem"
+ /* stat the file and print what we find */
+ static bool
+-do_stat (char const *filename, bool follow_links, bool terse,
++do_stat (char const *filename, bool follow_links, bool terse, bool secure,
+ char const *format)
+ {
+ struct stat statbuf;
++ SECURITY_ID_T scontext = NULL;
--#: src/mv.c:470
-+#: src/mv.c:476
- msgid "when moving multiple files, last argument must be a directory"
- msgstr ""
- "gdy przenoszonych jest wiele plików, ostatni argument musi byæ katalogiem"
-@@ -6037,6 +6271,72 @@
- " -v, --verbose informacja diagnostyczna o ka¿dym przetworzonym\n"
- " katalogu\n"
+ if ((follow_links ? stat : lstat) (filename, &statbuf) != 0)
+ {
+@@ -785,11 +826,29 @@
+ return false;
+ }
-+#: src/runcon.c:42
-+#, c-format
-+msgid ""
-+"Usage: %s [OPTION]... command [args]\n"
-+"Run a program in a different security context.\n"
-+"\n"
-+" context Complete security context\n"
-+" -t type (for same role as parent)\n"
-+" -u user identity\n"
-+" -r role\n"
-+" -l levelrange\n"
-+" --help display this help and exit\n"
-+msgstr ""
-+"Sk³adnia: %s [OPCJA]... polecenie [argumenty]\n"
-+"Uruchomienie programu w innym kontek¶cie bezpieczeñstwa.\n"
-+"\n"
-+" kontekst pe³ny kontekst bezpieczeñstwa\n"
-+" -t typ (dla tej samej roli jako rodzica)\n"
-+" -u identyfikator u¿ytkownika\n"
-+" -r rola\n"
-+" -l zakres poziomów\n"
-+" --help wy¶wietlenie tego opisu i zakoñczenie\n"
-+
-+#: src/runcon.c:90
-+#, c-format
-+msgid "multiple roles\n"
-+msgstr "wiele ról\n"
-+
-+#: src/runcon.c:97
-+#, c-format
-+msgid "multiple types\n"
-+msgstr "wiele typów\n"
-+
-+#: src/runcon.c:104
-+#, c-format
-+msgid "multiple users\n"
-+msgstr "wielu u¿ytkowników\n"
-+
-+#: src/runcon.c:111
-+#, c-format
-+msgid "multiple levelranges\n"
-+msgstr "wiele zakresów poziomów\n"
-+
-+#: src/runcon.c:117
-+#, c-format
-+msgid "unrecognised option %c\n"
-+msgstr "nierozpoznana opcja %c\n"
-+
-+#: src/runcon.c:125
-+msgid "must specify -t, -u, -l, -r, or context"
-+msgstr "trzeba podaæ -t, -u, -l, -r albo kontekst"
-+
-+#: src/runcon.c:131
-+msgid "no command found"
-+msgstr "nie znaleziono polecenia"
-+
-+#: src/runcon.c:137 src/runcon.c:145
-+#, c-format
-+msgid "%s is not a valid context\n"
-+msgstr "%s nie jest poprawnym kontekstem\n"
-+
-+#: src/runcon.c:163
-+#, c-format
-+msgid "unable to setup security context %s\n"
-+msgstr "nie mo¿na ustawiæ kontekstu bezpieczeñstwa %s\n"
++#ifdef WITH_SELINUX
++ if(secure) {
++ int i;
++ if (follow_links)
++ i=lgetfilecon(filename, &scontext);
++ else
++ i=getfilecon(filename, &scontext);
++ if (i == -1)
++ {
++ perror (filename);
++ return false;
++ }
++ }
++#endif
+
- #: src/seq.c:82
- #, c-format
- msgid ""
-@@ -6706,23 +7006,24 @@
- msgid "invalid number of lines: 0"
- msgstr "b³êdna liczba linii: 0"
-
--#: src/stat.c:625
-+#: src/stat.c:648
- #, c-format
- msgid "cannot read file system information for %s"
- msgstr "nie mo¿na przeczytaæ informacji systemowych o %s"
+ if (format == NULL)
+ {
+ if (terse)
+ {
+- format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
++ if (secure)
++ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o %C\n";
++ else
++ format = "%n %s %b %f %u %g %D %i %h %t %T %X %Y %Z %o\n";
+ }
+ else
+ {
+@@ -797,7 +856,17 @@
+ implemented. */
+ if (S_ISBLK (statbuf.st_mode) || S_ISCHR (statbuf.st_mode))
+ {
+- format =
++ if (secure)
++ format =
++ " File: %N\n"
++ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
++ "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
++ " Device type: %t,%T\n"
++ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
++ " S_Context: %C\n"
++ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
++ else
++ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+ "Device: %Dh/%dd\tInode: %-10i Links: %-5h"
+@@ -807,6 +876,15 @@
+ }
+ else
+ {
++ if (secure)
++ format =
++ " File: %N\n"
++ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
++ "Device: %Dh/%dd\tInode: %-10i Links: %-5h\n"
++ "Access: (%04a/%10.10A) Uid: (%5u/%8U) Gid: (%5g/%8G)\n"
++ "S_Context: %C\n"
++ "Access: %x\n" "Modify: %y\n" "Change: %z\n";
++ else
+ format =
+ " File: %N\n"
+ " Size: %-10s\tBlocks: %-10b IO Block: %-6o %F\n"
+@@ -816,7 +894,11 @@
+ }
+ }
+ }
+- print_it (format, filename, print_stat, &statbuf);
++ print_it (format, filename, print_stat, &statbuf, scontext);
++#ifdef WITH_SELINUX
++ if (scontext)
++ freecon(scontext);
++#endif
+ return true;
+ }
--#: src/stat.c:701
-+#: src/stat.c:781
- #, c-format
- msgid "Usage: %s [OPTION] FILE...\n"
- msgstr "Sk³adnia: %s [OPCJA] PLIK...\n"
+@@ -841,6 +923,7 @@
+ --printf=FORMAT like --format, but interpret backslash escapes,\n\
+ and do not output a mandatory trailing newline.\n\
+ If you want a newline, include \\n in FORMAT.\n\
++ -Z, --context print the security context\n\
+ -t, --terse print the information in terse form\n\
+ "), stdout);
+ fputs (HELP_OPTION_DESCRIPTION, stdout);
+@@ -892,6 +975,7 @@
+ %c Total file nodes in file system\n\
+ %d Free file nodes in file system\n\
+ %f Free blocks in file system\n\
++ %C Security context in SELinux\n\
+ "), stdout);
+ fputs (_("\
+ %i File System ID in hex\n\
+@@ -915,6 +999,7 @@
+ int i;
+ bool follow_links = false;
+ bool fs = false;
++ bool secure = false;
+ bool terse = false;
+ char *format = NULL;
+ bool ok = true;
+@@ -927,7 +1012,7 @@
--#: src/stat.c:702
-+#: src/stat.c:782
- msgid ""
- "Display file or filesystem status.\n"
- "\n"
- " -f, --filesystem display filesystem status instead of file status\n"
- " -c --format=FORMAT use the specified FORMAT instead of the default\n"
- " -L, --dereference follow links\n"
-+" -Z, --context print the security context\n"
- " -t, --terse print the information in terse form\n"
- msgstr ""
- "Pokazanie danych pliku albo systemu plików\n"
-@@ -6730,9 +7031,10 @@
- " -f, --filesystem pokazanie danych systemu plików, a nie pliku\n"
- " -c --format=FORMAT u¿ycie podanego FORMATU zamiast domy¶lnego\n"
- " -L, --dereference rozwi±zywanie dowi±zañ symbolicznych\n"
-+" -Z, --context wypisywanie kontekstu bezpieczeñstwa\n"
- " -t, --terse wypisywanie informacji w skróconej formie\n"
+ atexit (close_stdout);
--#: src/stat.c:713
-+#: src/stat.c:794
- msgid ""
- "\n"
- "The valid format sequences for files (without --filesystem):\n"
-@@ -6750,7 +7052,7 @@
- " %B rozmiar w bajtach ka¿dego bloku podanego przez `%b'\n"
- " %b liczba zajêtych bloków (zobacz %B)\n"
+- while ((c = getopt_long (argc, argv, "c:fLt", long_options, NULL)) != -1)
++ while ((c = getopt_long (argc, argv, "c:fLtZ", long_options, NULL)) != -1)
+ {
+ switch (c)
+ {
+@@ -946,6 +1031,14 @@
+ case 'L':
+ follow_links = true;
+ break;
++ case 'Z':
++ if((is_selinux_enabled()>0))
++ secure = true;
++ else {
++ error (0, 0, _("Kernel is not SELinux enabled"));
++ usage (EXIT_FAILURE);
++ }
++ break;
--#: src/stat.c:721
-+#: src/stat.c:802
- msgid ""
- " %D Device number in hex\n"
- " %d Device number in decimal\n"
-@@ -6766,7 +7068,7 @@
- " %G nazwa grupy w³a¶ciciela pliku\n"
- " %g numer grupy w³a¶ciciela pliku\n"
+ case 'f':
+ fs = true;
+@@ -972,8 +1065,8 @@
--#: src/stat.c:729
-+#: src/stat.c:810
- msgid ""
- " %h Number of hard links\n"
- " %i Inode number\n"
-@@ -6786,7 +7088,7 @@
- " %T mniejszy numer urz±dzenia szesnastkowo\n"
- " %t wiêkszy numer urz±dzenia szesnastkowo\n"
+ for (i = optind; i < argc; i++)
+ ok &= (fs
+- ? do_statfs (argv[i], terse, format)
+- : do_stat (argv[i], follow_links, terse, format));
++ ? do_statfs (argv[i], terse, secure, format)
++ : do_stat (argv[i], follow_links, terse, secure, format));
--#: src/stat.c:739
-+#: src/stat.c:820
- msgid ""
- " %U User name of owner\n"
- " %u User ID of owner\n"
-@@ -6808,7 +7110,7 @@
- " %z czas ostatniej zmiany czasu\n"
- "\n"
+ exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
+ }
+diff -Nur coreutils-6.4/tests/help-version coreutils-6.4.selinux/tests/help-version
+--- coreutils-6.4/tests/help-version 2006-10-22 16:54:15.000000000 +0000
++++ coreutils-6.4.selinux/tests/help-version 2006-10-31 23:39:34.000000000 +0000
+@@ -70,6 +70,8 @@
--#: src/stat.c:751
-+#: src/stat.c:832
- msgid ""
- "Valid format sequences for file systems:\n"
- "\n"
-@@ -6817,6 +7119,7 @@
- " %c Total file nodes in file system\n"
- " %d Free file nodes in file system\n"
- " %f Free blocks in file system\n"
-+" %C Security context in SELinux\n"
- msgstr ""
- "Prawid³owe specyfikacje formatu dla systemów plików:\n"
- "\n"
-@@ -6825,8 +7128,9 @@
- " %c ca³kowita liczba i-wêz³ów w systemie plików\n"
- " %d liczba wolnych i-wêz³ów w systemie plików\n"
- " %f liczba wolnych bloków w systemie plików\n"
-+" %C kontekst bezpieczeñstwa w SELinuksie\n"
+ # Skip `test'; it doesn't accept --help or --version.
+ test $i = test && continue;
++ test $i = chcon && continue;
++ test $i = runcon && continue;
--#: src/stat.c:760
-+#: src/stat.c:842
- msgid ""
- " %i File System id in hex\n"
- " %l Maximum length of filenames\n"
-@@ -6842,10 +7146,14 @@
- " %T typ w formie czytelnej dla cz³owieka\n"
- " %t typ szesnastkowo\n"
+ # false fails even when invoked with --help or --version.
+ if test $i = false; then
+@@ -190,7 +192,7 @@
--#: src/stat.c:800
-+#: src/stat.c:883
- msgid "Warning: `-l' is deprecated; use `-L' instead"
- msgstr "Uwaga: opcja -l zostanie w przysz³o¶ci usuniêta, u¿ywaj -L"
+ for i in $all_programs; do
+ # Skip these.
+- case $i in chroot|stty|tty|false) continue;; esac
++ case $i in chroot|stty|tty|false|chcon|runcon) continue;; esac
-+#: src/stat.c:900
-+msgid "Kernel is not SELinux enabled"
-+msgstr "J±dro nie ma obs³ugi SELinuksa"
-+
- #: src/stty.c:489
- #, c-format
- msgid ""
+ rm -rf $tmp_in $tmp_in2 $tmp_dir $tmp_out
+ echo > $tmp_in