[packages/vim.git] / vim-selinux.patch

--- vim62/src/configure.in.selinux	2003-12-17 11:37:19.480620103 -0500
+++ vim62/src/configure.in	2003-12-17 11:37:19.830641688 -0500
@@ -2101,6 +2101,20 @@
   AC_MSG_RESULT(yes)
 fi
 
+dnl vim: set sw=2 tw=78 fo+=l:
+dnl Link with -lselinux for SELinux stuff; if not found
+AC_MSG_CHECKING(--disable-selinux argument)
+AC_ARG_ENABLE(selinux,
+	[  --disable-selinux	  Don't check for SELinux support.],
+	, [enable_selinux="yes"])
+if test "$enable_selinux" = "yes"; then
+   AC_MSG_RESULT(no)
+   AC_CHECK_LIB(selinux, is_selinux_enabled, [LIBS="$LIBS -lselinux"])
+   AC_DEFINE(HAVE_SELINUX)
+else
+   AC_MSG_RESULT(yes)
+fi
+
 AC_MSG_CHECKING(--disable-gpm argument)
 AC_ARG_ENABLE(gpm,
 	[  --disable-gpm           Don't use gpm (Linux mouse daemon).], ,
--- vim62/src/config.h.in.selinux	2003-05-25 12:07:42.000000000 -0400
+++ vim62/src/config.h.in	2003-12-17 11:37:19.840642305 -0500
@@ -155,6 +155,7 @@
 #undef HAVE_READLINK
 #undef HAVE_RENAME
 #undef HAVE_SELECT
+#undef HAVE_SELINUX
 #undef HAVE_SETENV
 #undef HAVE_SETPGID
 #undef HAVE_SETSID
--- vim62/src/fileio.c.selinux	2003-12-17 11:37:19.120597902 -0500
+++ vim62/src/fileio.c	2003-12-17 12:08:00.694335982 -0500
@@ -1,3 +1,4 @@
+
 /* vi:set ts=8 sts=4 sw=4:
  *
  * VIM - Vi IMproved	by Bram Moolenaar
@@ -3079,6 +3080,9 @@
 						)
 			    mch_setperm(backup,
 					  (perm & 0707) | ((perm & 07) << 3));
+#ifdef HAVE_SELINUX
+			mch_copy_sec(backup, fname);
+#endif
 #endif
 
 			/*
@@ -3115,6 +3119,9 @@
 #ifdef HAVE_ACL
 			mch_set_acl(backup, acl);
 #endif
+#ifdef HAVE_SELINUX
+			mch_copy_sec(backup,fname);
+#endif
 			break;
 		    }
 		}
@@ -3719,6 +3726,12 @@
 	mch_set_acl(wfname, acl);
 #endif
 
+#ifdef HAVE_SELINUX
+    /* Probably need to set the security context */
+    if (!backup_copy)
+	mch_copy_sec(backup, wfname);
+#endif
+
 #ifdef UNIX
     /* When creating a new file, set its owner/group to that of the original
      * file.  Get the new device and inode number. */
--- vim62/src/os_unix.c.selinux	2003-12-17 11:37:18.540562133 -0500
+++ vim62/src/os_unix.c	2003-12-17 12:11:54.558800808 -0500
@@ -41,6 +41,10 @@
 # include <X11/SM/SMlib.h>
 #endif
 
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+static int selinux_enabled=-1;
+#endif
 /*
  * Use this prototype for select, some include files have a wrong prototype
  */
@@ -2279,6 +2283,45 @@
 } vim_acl_solaris_T;
 # endif
 
+mch_copy_sec(from_file, to_file)
+     char_u	*from_file;
+     char_u	*to_file;
+{
+  if (from_file == NULL)
+    return;
+  
+#ifdef HAVE_SELINUX
+  if (selinux_enabled == -1)
+    selinux_enabled = (is_selinux_enabled () > 0);
+
+  if (selinux_enabled)
+    {
+      security_context_t scontext;
+      if (getfilecon (from_file, &scontext) < 0)
+	{
+	  /* If the filesystem doesn't support extended attributes,
+	     the original had no special security context and the
+	     target cannot have one either.  */
+	  if (errno == EOPNOTSUPP)
+	    return ;
+	  
+	  MSG_PUTS(_("\nCould not get security context for "));
+	  msg_outtrans(from_file);
+	  msg_putchar('\n');
+	  return ;
+	}
+      if (setfilecon (to_file, scontext) < 0)
+	{
+	  MSG_PUTS(_("\nCould not set security context for "));
+	  msg_outtrans(to_file);
+	  msg_putchar('\n');
+	  freecon (scontext);
+	  return ;
+	}
+      freecon (scontext);
+    }
+#endif /* HAVE_SELINUX */
+}
 /*
  * Return a pointer to the ACL of file "fname" in allocated memory.
  * Return NULL if the ACL is not available for whatever reason.
;--- vim64/src/po/pl.po.orig	2004-06-11 10:58:45.000000000 +0200
;+++ vim64/src/po/pl.po	2005-10-28 23:34:15.523950872 +0200
;@@ -4826,6 +4826,22 @@
; msgid "Opening the X display timed out"
Commit	Line	Data
c3d54a24 AM	1	--- vim62/src/configure.in.selinux 2003-12-17 11:37:19.480620103 -0500
	2	+++ vim62/src/configure.in 2003-12-17 11:37:19.830641688 -0500
	3	@@ -2101,6 +2101,20 @@
	4	AC_MSG_RESULT(yes)
	5	fi
	6
	7	+dnl vim: set sw=2 tw=78 fo+=l:
	8	+dnl Link with -lselinux for SELinux stuff; if not found
	9	+AC_MSG_CHECKING(--disable-selinux argument)
	10	+AC_ARG_ENABLE(selinux,
	11	+ [ --disable-selinux Don't check for SELinux support.],
	12	+ , [enable_selinux="yes"])
	13	+if test "$enable_selinux" = "yes"; then
	14	+ AC_MSG_RESULT(no)
	15	+ AC_CHECK_LIB(selinux, is_selinux_enabled, [LIBS="$LIBS -lselinux"])
	16	+ AC_DEFINE(HAVE_SELINUX)
	17	+else
	18	+ AC_MSG_RESULT(yes)
	19	+fi
	20	+
	21	AC_MSG_CHECKING(--disable-gpm argument)
	22	AC_ARG_ENABLE(gpm,
	23	[ --disable-gpm Don't use gpm (Linux mouse daemon).], ,
	24	--- vim62/src/config.h.in.selinux 2003-05-25 12:07:42.000000000 -0400
	25	+++ vim62/src/config.h.in 2003-12-17 11:37:19.840642305 -0500
	26	@@ -155,6 +155,7 @@
	27	#undef HAVE_READLINK
	28	#undef HAVE_RENAME
	29	#undef HAVE_SELECT
	30	+#undef HAVE_SELINUX
	31	#undef HAVE_SETENV
	32	#undef HAVE_SETPGID
	33	#undef HAVE_SETSID
	34	--- vim62/src/fileio.c.selinux 2003-12-17 11:37:19.120597902 -0500
	35	+++ vim62/src/fileio.c 2003-12-17 12:08:00.694335982 -0500
	36	@@ -1,3 +1,4 @@
	37	+
	38	/* vi:set ts=8 sts=4 sw=4:
	39	*
	40	* VIM - Vi IMproved by Bram Moolenaar
	41	@@ -3079,6 +3080,9 @@
	42	)
	43	mch_setperm(backup,
	44	(perm & 0707) \| ((perm & 07) << 3));
	45	+#ifdef HAVE_SELINUX
	46	+ mch_copy_sec(backup, fname);
	47	+#endif
	48	#endif
	49
	50	/*
	51	@@ -3115,6 +3119,9 @@
	52	#ifdef HAVE_ACL
	53	mch_set_acl(backup, acl);
	54	#endif
	55	+#ifdef HAVE_SELINUX
	56	+ mch_copy_sec(backup,fname);
	57	+#endif
	58	break;
	59	}
	60	}
	61	@@ -3719,6 +3726,12 @@
	62	mch_set_acl(wfname, acl);
	63	#endif
	64
65	+#ifdef HAVE_SELINUX
66	+ /* Probably need to set the security context */
67	+ if (!backup_copy)
68	+ mch_copy_sec(backup, wfname);
69	+#endif
70	+
71	#ifdef UNIX
72	/* When creating a new file, set its owner/group to that of the original
73	* file. Get the new device and inode number. */
74	--- vim62/src/os_unix.c.selinux 2003-12-17 11:37:18.540562133 -0500
75	+++ vim62/src/os_unix.c 2003-12-17 12:11:54.558800808 -0500
76	@@ -41,6 +41,10 @@
77	# include <X11/SM/SMlib.h>
78	#endif
79
80	+#ifdef HAVE_SELINUX
81	+#include <selinux/selinux.h>
82	+static int selinux_enabled=-1;
83	+#endif
84	/*
85	* Use this prototype for select, some include files have a wrong prototype
86	*/
87	@@ -2279,6 +2283,45 @@
88	} vim_acl_solaris_T;
89	# endif
90
91	+mch_copy_sec(from_file, to_file)
92	+ char_u *from_file;
93	+ char_u *to_file;
94	+{
95	+ if (from_file == NULL)
96	+ return;
97	+
98	+#ifdef HAVE_SELINUX
99	+ if (selinux_enabled == -1)
9809fadc	100	+ selinux_enabled = (is_selinux_enabled () > 0);
c3d54a24 AM	101	+
	102	+ if (selinux_enabled)
	103	+ {
	104	+ security_context_t scontext;
	105	+ if (getfilecon (from_file, &scontext) < 0)
	106	+ {
	107	+ /* If the filesystem doesn't support extended attributes,
	108	+ the original had no special security context and the
	109	+ target cannot have one either. */
	110	+ if (errno == EOPNOTSUPP)
	111	+ return ;
	112	+
	113	+ MSG_PUTS(_("\nCould not get security context for "));
	114	+ msg_outtrans(from_file);
	115	+ msg_putchar('\n');
	116	+ return ;
	117	+ }
	118	+ if (setfilecon (to_file, scontext) < 0)
	119	+ {
	120	+ MSG_PUTS(_("\nCould not set security context for "));
	121	+ msg_outtrans(to_file);
	122	+ msg_putchar('\n');
	123	+ freecon (scontext);
	124	+ return ;
	125	+ }
	126	+ freecon (scontext);
	127	+ }
	128	+#endif /* HAVE_SELINUX */
	129	+}
	130	/*
	131	* Return a pointer to the ACL of file "fname" in allocated memory.
	132	* Return NULL if the ACL is not available for whatever reason.
e6b208ac AM	133	;--- vim64/src/po/pl.po.orig 2004-06-11 10:58:45.000000000 +0200
	134	;+++ vim64/src/po/pl.po 2005-10-28 23:34:15.523950872 +0200
	135	;@@ -4826,6 +4826,22 @@
	136	; msgid "Opening the X display timed out"
	137