1 --- findutils-4.4.0/find/Makefile.am.orig 2007-07-22 14:29:31.000000000 +0200
2 +++ findutils-4.4.0/find/Makefile.am 2008-03-16 01:19:36.539333465 +0100
6 EXTRA_DIST = defs.h $(man_MANS)
7 +DEFS = @DEFS@ -DWITH_SELINUX
8 INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\"
9 -LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@
10 +LDADD = ./libfindtools.a ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ @LIB_CLOCK_GETTIME@ @FINDLIBS@ -lselinux
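Review bot: `DEFS = @DEFS@ -DWITH_SELINUX` and the trailing `-lselinux` on `LDADD` are unconditional, so every `#ifdef WITH_SELINUX` guard added in the C files is always true. The build will also fail on any host without the libselinux headers and library. The define and the library should come from a configure-time check (an `AC_CHECK_LIB` on libselinux that substitutes a variable, e.g. `@LIBSELINUX@`, name illustrative) so that the guarded code is compiled only when the library is present.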
14 --- findutils-4.4.0/find/defs.h.orig 2008-03-10 10:37:21.000000000 +0100
15 +++ findutils-4.4.0/find/defs.h 2008-03-16 01:22:53.718566717 +0100
17 #include <stdint.h> /* for uintmax_t */
18 #include <sys/stat.h> /* S_ISUID etc. */
21 +#include <selinux/selinux.h>
22 +#endif /*WITH_SELINUX*/
27 struct perm_val perm; /* perm */
28 struct samefile_file_id samefileid; /* samefile */
29 mode_t type; /* type */
31 + security_context_t scontext; /* scontext */
32 +#endif /*WITH_SELINUX*/
33 struct format_val printf_vec; /* printf fprintf fprint ls fls print0 fprint0 print */
37 /* Pointer to the function used to stat files. */
38 int (*xstat) (const char *name, struct stat *statbuf);
41 + int (*x_getfilecon) ();
42 +#endif /* WITH_SELINUX */
45 /* Indicate if we can implement safely_chdir() using the O_NOFOLLOW
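Review bot: The new member `int (*x_getfilecon) ();` has no prototype, so the compiler cannot check the arguments at the two call sites in pred.c or the assignments of `getfilecon`/`lgetfilecon` in parser.c. It should be declared like the `xstat` member above it, `int (*x_getfilecon) (const char *name, security_context_t *con);`. The later hunk in this file also adds a file-scope `extern int (*x_getfilecon) ();`. Every visible use goes through `options.x_getfilecon`, so that extern appears to declare a second, undefined object of the same name and can probably be dropped. The enclosing struct starts and ends outside the hunk.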
48 extern char *program_name;
52 +PREDICATEFUNCTION pred_scontext;
53 +extern int (*x_getfilecon) ();
54 +#endif /*WITH_SELINUX*/
57 --- findutils-4.4.0/find/find.1.orig 2007-12-19 20:53:14.000000000 +0100
58 +++ findutils-4.4.0/find/find.1 2008-03-16 01:24:14.939206112 +0100
63 +.IP "\-context \fIscontext\fR"
64 +.IP "\-\-context \fIscontext\fR"
65 +(SELinux only) File has the security context \fIscontext\fR.
69 Delete files; true if removal succeeded. If the removal failed, an
71 U=unknown type (shouldn't happen)
73 File's type (like %y), plus follow symlinks: L=loop, N=nonexistent
75 +(SELinux only) file's security context.
77 A `%' character followed by any other character is discarded, but the
78 other character is printed (don't rely on this, as further format
79 --- findutils-4.4.0/find/parser.c.orig 2008-03-10 10:37:21.000000000 +0100
80 +++ findutils-4.4.0/find/parser.c 2008-03-17 20:23:52.047453360 +0100
86 +#include <selinux/selinux.h>
87 +#endif /*WITH_SELINUX*/
91 # define _(Text) gettext (Text)
93 static boolean parse_warn PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
94 static boolean parse_xtype PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
95 static boolean parse_quit PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
97 +static boolean parse_scontext PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
98 +#endif /*WITH_SELINUX*/
100 boolean parse_print PARAMS((const struct parser_table*, char *argv[], int *arg_ptr));
103 {ARG_TEST, "writable", parse_accesscheck, pred_writable}, /* GNU, 4.3.0+ */
104 PARSE_OPTION ("xdev", xdev), /* POSIX */
105 PARSE_TEST ("xtype", xtype), /* GNU */
107 + PARSE_TEST ("context", scontext), /* SELINUX */
108 + PARSE_TEST ("-context", scontext), /* SELINUX */
109 +#endif /*WITH_SELINUX*/
110 #ifdef UNIMPLEMENTED_UNIX
111 /* It's pretty ugly for find to know about archive formats.
112 Plus what it could do with cpio archives is very limited.
113 @@ -451,11 +462,17 @@
115 case SYMLINK_ALWAYS_DEREF: /* -L */
116 options.xstat = optionl_stat;
118 + options.x_getfilecon = getfilecon;
119 +#endif /* WITH_SELINUX */
120 options.no_leaf_check = true;
123 case SYMLINK_NEVER_DEREF: /* -P (default) */
124 options.xstat = optionp_stat;
126 + options.x_getfilecon = lgetfilecon;
127 +#endif /* WITH_SELINUX */
128 /* Can't turn no_leaf_check off because the user might have specified
133 case SYMLINK_DEREF_ARGSONLY: /* -H */
134 options.xstat = optionh_stat;
136 + options.x_getfilecon = getfilecon;
137 +#endif /* WITH_SELINUX */
138 options.no_leaf_check = true;
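Review bot: In the `-H` case `options.x_getfilecon = getfilecon;` follows every symlink, while `optionh_stat` follows only links named on the command line. For a link met during traversal, `-type` and the other stat-based tests then describe the link, but `-context` and `%Z` report the label of its target. An audit that selects files by label can therefore list a path whose own label is different. The `-L` case has a related gap: `getfilecon` fails on a dangling link, which `optionl_stat` presumably handles by falling back to the link itself. A small wrapper that mirrors the stat helper keeps the two views consistent; the `state.curdepth` test below is assumed to match what `optionh_stat` uses and should be confirmed against util.c.

```c
/* Follow a symlink only when it was named on the command line (-H),
   so the label describes the same object that optionh_stat reports. */
static int
optionh_getfilecon (const char *name, security_context_t *con)
{
  if (0 == state.curdepth)
    {
      int rv = getfilecon (name, con);
      if (rv >= 0)
        return rv;
      /* dangling link: fall through to the link's own label */
    }
  return lgetfilecon (name, con);
}

    case SYMLINK_DEREF_ARGSONLY: /* -H */
      options.xstat = optionh_stat;
      /* … unchanged: #ifdef WITH_SELINUX … */
      options.x_getfilecon = optionh_getfilecon;
```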
141 @@ -1129,6 +1149,10 @@
142 -readable -writable -executable\n\
143 -wholename PATTERN -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n\
144 -used N -user NAME -xtype [bcdpfls]\n"));
147 + -context CONTEXT\n"));
148 +#endif /*WITH_SELINUX*/
150 actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n\
151 -fprint0 FILE -fprint FILE -ls -fls FILE -prune -quit\n\
152 @@ -2392,6 +2416,30 @@
159 +parse_scontext (const struct parser_table *entry, char **argv, int *arg_ptr)
161 + struct predicate *our_pred;
163 + if ( (argv == NULL) || (argv[*arg_ptr] == NULL) )
166 + our_pred = insert_primary_withpred (entry, pred_scontext);
167 + our_pred->need_stat = our_pred->need_type = false;
169 + our_pred->p_name = find_pred_name (pred_scontext);
172 + our_pred->args.scontext = argv[*arg_ptr];;
178 +#endif /*WITH_SELINUX*/
181 parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
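Review bot: `our_pred->args.scontext = argv[*arg_ptr];;` ends in a stray second semicolon, which should be removed. The argument is also stored without any well-formedness check in the visible lines. A mistyped context will therefore match no file, and the empty result is indistinguishable from "nothing carries this label". Consider validating the argument at parse time (libselinux offers `security_check_context`) or at least documenting in a comment above the function that the string is compared verbatim. Parts of the function body are not shown in this hunk.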
183 @@ -2777,7 +2825,11 @@
185 for (scan2++; ISDIGIT (*scan2); scan2++)
188 + if (strchr ("abcdDfFgGhHiklmMnpPsStuUyYZ", *scan2))
189 +#else /* WITH_SELINUX */
190 if (strchr ("abcdDfFgGhHiklmMnpPsStuUyY", *scan2))
191 +#endif /* WITH_SELINUX */
193 segmentp = make_segment (segmentp, format, scan2 - format,
194 KIND_FORMAT, *scan2, 0,
195 --- findutils-4.2.11/find/pred.c.orig 2005-01-03 01:15:48.000000000 +0100
196 +++ findutils-4.2.11/find/pred.c 2005-01-09 18:22:25.204312920 +0100
198 #include "filemode.h"
202 +#include <selinux/selinux.h>
203 +#endif /*WITH_SELINUX*/
205 +#ifndef FNM_CASEFOLD
206 +#define FNM_CASEFOLD (1<<4)
207 +#endif /*FNM_CASEFOLD*/
210 # include <libintl.h>
211 # define _(Text) gettext (Text)
217 /* Get or fake the disk device blocksize.
218 Usually defined by sys/param.h (if at all). */
221 {pred_used, "used "},
222 {pred_user, "user "},
223 {pred_xtype, "xtype "},
225 + {pred_scontext, "context"},
226 +#endif /*WITH_SELINUX*/
235 + case 'Z': /* SELinux security context */
237 + security_context_t scontext;
239 + rv = (*options.x_getfilecon)(state.rel_pathname, &scontext);
242 + (void) fprintf(stderr, "getfileconf(%s): %s",
243 + pathname, strerror(errno));
244 + (void) fflush(stderr);
247 + segment->text[segment->text_len] = 's';
248 + checked_fprintf (dest, segment->text, scontext);
253 +#endif /* WITH_SELINUX */
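Review bot: The failure message in the `'Z'` case names a function that does not exist (`getfileconf`) and has no trailing newline, so consecutive failures run together on stderr. The lookup is done on `state.rel_pathname` but the message prints `pathname`, which is fine for the user but deserves a short comment. Both this hunk and `pred_scontext` report through a bare `fprintf (stderr, ...)`. Using find's own `error (0, errno, "%s", pathname);` would prefix the program name and match the rest of the file. A label that cannot be read should probably also set a non-zero exit status, so that scripts consuming the output can tell the listing is incomplete. The lines between `checked_fprintf` and the `#endif` are not shown; confirm that `freecon (scontext)` is called there.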
257 @@ -1366,6 +1396,31 @@
259 return (pred_type (pathname, &sbuf, pred_ptr));
266 +pred_scontext (const char *pathname, struct stat *stat_buf, struct predicate *pred_ptr)
269 + security_context_t scontext;
271 + rv = (*options.x_getfilecon)(state.rel_pathname, &scontext);
274 + (void) fprintf(stderr, "getfilecon(%s): %s\n", pathname, strerror(errno));
275 + (void) fflush(stderr);
279 + rv= (strcmp(scontext, pred_ptr->args.scontext) == 0);
284 +#endif /*WITH_SELINUX*/
287 /* 1) fork to get a child; parent remembers the child pid
288 2) child execs the command requested
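Review bot: `pred_scontext` decides the match with `strcmp (scontext, pred_ptr->args.scontext) == 0`, so only a byte-for-byte identical context matches, and neither the function nor the find.1 text in this patch says so. A comment above the function such as `/* True if the file's full security context equals the argument exactly (no globbing). */` would make that contract explicit. A user who supplies only part of a context, for example the type field alone, gets no matches. The string returned through `x_getfilecon` is allocated by libselinux; the lines after the comparison are not visible here, so confirm that `freecon (scontext)` runs before the function returns on the success path.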
289 --- findutils-4.4.0/find/tree.c.orig 2007-12-20 22:40:35.000000000 +0100
290 +++ findutils-4.4.0/find/tree.c 2008-03-17 20:21:28.427267235 +0100
291 @@ -1194,6 +1194,9 @@
292 struct predicate *cur_pred;
293 const struct parser_table *entry_close, *entry_print, *entry_open;
296 + int is_selinux_enabled_flag;
297 +#endif /* WITH_SELINUX */
301 @@ -1230,6 +1233,14 @@
304 predicate_name = argv[i];
306 + if (! is_selinux_enabled_flag) {
307 + if ((strncmp(predicate_name,"-context",strlen("-context"))==0) ||
308 + (strncmp(predicate_name,"--context",strlen("--context"))==0)) {
309 + error (1, 0,_("Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"),predicate_name);
313 parse_entry = find_parser (predicate_name);
314 if (parse_entry == NULL)
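Review bot: The new guard compares with `strncmp (predicate_name, "-context", strlen ("-context"))`, which is a prefix test. Any argument that merely begins with `-context` is therefore rejected with the "kernel is not SELinux-enabled" message instead of reaching `find_parser` and the normal unknown-predicate error. Exact comparison is what is meant: `if (strcmp (predicate_name, "-context") == 0 || strcmp (predicate_name, "--context") == 0)`. The assignment of `is_selinux_enabled_flag` is not in the visible lines. Since `is_selinux_enabled ()` returns -1 on error, the flag should be set from `is_selinux_enabled () > 0`, so that an error is not treated as enabled. The guard covers only the `-context` test; `%Z` in `-printf` is not gated in the hunks shown.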
316 --- findutils-4.4.0/find/util.c.orig 2008-03-10 10:37:22.000000000 +0100
317 +++ findutils-4.4.0/find/util.c 2008-03-16 01:28:33.177920622 +0100
319 new_pred->pred_func = pred_func;
320 new_pred->p_name = entry->parser_name;
321 new_pred->args.str = NULL;
323 + new_pred->args.scontext = NULL;
325 new_pred->p_type = PRIMARY_TYPE;
326 new_pred->p_prec = NO_PREC;
328 --- findutils-4.4.0/po/pl.po.orig 2008-03-15 12:43:32.000000000 +0100
329 +++ findutils-4.4.0/po/pl.po 2008-03-17 20:28:05.717905863 +0100
331 " -wholename WZORZEC -size N[bcwkMG] -true -type [bcdpflsD] -uid N\n"
332 " -used N -user NAZWA -xtype [bcdpfls]\n"
334 +#: find/parser.c:1154
335 +msgid " -context CONTEXT\n"
336 +msgstr " -context KONTEKST\n"
338 #: find/parser.c:1132
340 "actions: -delete -print0 -printf FORMAT -fprintf FILE FORMAT -print \n"
342 msgid "unknown predicate `%s'"
343 msgstr "nieznane wyra¿enie `%s'"
347 +msgid "Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"
348 +msgstr "B³±d: b³êdne wyra¿enie %s: j±dro nie ma w³±czonej obs³ugi SELinuksa.\n"
352 msgid "invalid predicate `%s'"