--- /dev/null
+--- findutils-4.1.20/find/Makefile.am.orig Mon May 26 20:02:34 2003
++++ findutils-4.1.20/find/Makefile.am Wed Jan 28 15:15:13 2004
+@@ -3,8 +3,9 @@
+ bin_PROGRAMS = find
+ find_SOURCES = find.c fstype.c parser.c pred.c tree.c util.c version.c
+ EXTRA_DIST = defs.h $(man_MANS)
++DEFS = @DEFS@ -I. -I$(srcdir) -I.. -DWITH_SELINUX
+ INCLUDES = -I../gnulib/lib -I$(top_srcdir)/lib -I$(top_srcdir)/gnulib/lib -I../intl -DLOCALEDIR=\"$(localedir)\"
+-LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@
++LDADD = ../lib/libfind.a ../gnulib/lib/libgnulib.a @INTLLIBS@ -lselinux
+ man_MANS = find.1
+ SUBDIRS = testsuite
+
+--- findutils-4.1.7/find/defs.h.selinux 2001-05-20 16:39:37.000000000 -0400
++++ findutils-4.1.7/find/defs.h 2003-10-10 13:06:11.451070520 -0400
+@@ -118,6 +118,10 @@
+ #define MODE_RWX (S_IXUSR | S_IXGRP | S_IXOTH | MODE_RW)
+ #define MODE_ALL (S_ISUID | S_ISGID | S_ISVTX | MODE_RWX)
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#endif /*WITH_SELINUX*/
++
+ /* Not char because of type promotion; NeXT gcc can't handle it. */
+ typedef int boolean;
+ #define true 1
+@@ -265,6 +269,9 @@
+ struct perm_val perm; /* perm */
+ mode_t type; /* type */
+ FILE *stream; /* fprint fprint0 */
++#ifdef WITH_SELINUX
++ security_context_t scontext; /* scontext */
++#endif /*WITH_SELINUX*/
+ struct format_val printf_vec; /* printf fprintf */
+ } args;
+
+@@ -310,6 +317,11 @@
+ VOID *xmalloc PARAMS((size_t n));
+ VOID *xrealloc PARAMS((VOID *p, size_t n));
+
++#ifdef WITH_SELINUX
++boolean pred_scontext PARAMS((char *pathname, struct stat *stat_buf, struct predicate *pred_ptr));
++extern int (*x_getfilecon) ();
++#endif /*WITH_SELINUX*/
++
+ /* xstrdup.c */
+ char *xstrdup PARAMS((char *string));
+
+--- findutils-4.1.7/find/find.1.selinux 2003-10-10 13:06:11.334084221 -0400
++++ findutils-4.1.7/find/find.1 2003-10-10 13:06:11.555058342 -0400
+@@ -230,6 +230,9 @@
+ file of type \fIc\fR; if \-follow has been given, true if \fIc\fR is
+ `l'. In other words, for symbolic links, \-xtype checks the type of
+ the file that \-type does not check.
++.IP "\-context \fIscontext\fR"
++.IP "\--context \fIscontext\fR"
++(SELinux only) File has the security context \fIscontext\fR.
+ .SS ACTIONS
+ .IP "\-exec \fIcommand\fR ;"
+ Execute \fIcommand\fR; true if 0 status is returned. All following
+@@ -419,6 +422,8 @@
+ File's user name, or numeric user ID if the user has no name.
+ .IP %U
+ File's numeric user ID.
++.IP %Z
++(SELinux only) file's security context.
+ .PP
+ A `%' character followed by any other character is discarded (but the
+ other character is printed).
+--- findutils-4.1.7/find/find.c.selinux 2001-05-20 16:39:37.000000000 -0400
++++ findutils-4.1.7/find/find.c 2003-10-10 13:06:11.556058225 -0400
+@@ -135,6 +135,9 @@
+
+ /* Pointer to the function used to stat files. */
+ int (*xstat) ();
++#ifdef WITH_SELINUX
++int (*x_getfilecon) ();
++#endif /* WITH_SELINUX */
+
+ /* Status value to return to system. */
+ int exit_status;
+@@ -181,6 +184,10 @@
+ xstat = debug_stat;
+ #else /* !DEBUG_STAT */
+ xstat = lstat;
++#ifdef WITH_SELINUX
++ int is_selinux_enabled_flag = is_selinux_enabled();
++ x_getfilecon = lgetfilecon;
++#endif /* WITH_SELINUX */
+ #endif /* !DEBUG_STAT */
+
+ human_block_size (getenv ("FIND_BLOCK_SIZE"), 0, &output_block_size);
+@@ -202,6 +209,14 @@
+ if (strchr ("-!(),", argv[i][0]) == NULL)
+ usage (_("paths must precede expression"));
+ predicate_name = argv[i];
++#ifdef WITH_SELINUX
++ if (! is_selinux_enabled_flag) {
++ if ((strncmp(predicate_name,"-context",strlen("-context"))==0) ||
++ (strncmp(predicate_name,"--context",strlen("--context"))==0)) {
++ error (1, 0,_("Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"),predicate_name);
++ }
++ }
++#endif
+ parse_function = find_parser (predicate_name);
+ if (parse_function == NULL)
+ /* Command line option not recognized */
+--- findutils-4.1.7/find/parser.c.selinux 2001-05-20 16:39:37.000000000 -0400
++++ findutils-4.1.7/find/parser.c 2003-10-10 13:06:11.558057991 -0400
+@@ -23,6 +23,10 @@
+ #include "modetype.h"
+ #include "xstrtol.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#endif /*WITH_SELINUX*/
++
+ #if ENABLE_NLS
+ # include <libintl.h>
+ # define _(Text) gettext (Text)
+@@ -113,6 +117,9 @@
+ static boolean parse_version PARAMS((char *argv[], int *arg_ptr));
+ static boolean parse_xdev PARAMS((char *argv[], int *arg_ptr));
+ static boolean parse_xtype PARAMS((char *argv[], int *arg_ptr));
++#ifdef WITH_SELINUX
++static boolean parse_scontext PARAMS((char *argv[], int *arg_ptr));
++#endif /*WITH_SELINUX*/
+
+ static boolean insert_regex PARAMS((char *argv[], int *arg_ptr, boolean ignore_case));
+ static boolean insert_type PARAMS((char *argv[], int *arg_ptr, boolean (*which_pred )()));
+@@ -215,7 +222,11 @@
+ {"-version", parse_version}, /* GNU */
+ {"xdev", parse_xdev},
+ {"xtype", parse_xtype}, /* GNU */
+- {0, 0}
++#ifdef WITH_SELINUX
++ {"context", parse_scontext}, /* SELINUX */
++ {"-context", parse_scontext}, /* SELINUX */
++#endif /*WITH_SELINUX*/
++ {0, 0}
+ };
+ \f
+ /* Return a pointer to the parser function to invoke for predicate
+@@ -465,7 +476,10 @@
+ {
+ dereference = true;
+ xstat = stat;
+- no_leaf_check = true;
++#ifdef WITH_SELINUX
++ x_getfilecon = getfilecon;
++#endif /* WITH_SELINUX */
++ no_leaf_check = true;
+ return (true);
+ }
+
+@@ -570,6 +584,10 @@
+ -nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN\n\
+ -size N[bckw] -true -type [bcdpfls] -uid N -used N -user NAME\n\
+ -xtype [bcdpfls]\n"));
++#ifdef WITH_SELINUX
++ puts (_("\
++ -context CONTEXT\n"));
++#endif /*WITH_SELINUX*/
+ puts (_("\
+ actions: -exec COMMAND ; -fprint FILE -fprint0 FILE -fprintf FILE FORMAT\n\
+ -ok COMMAND ; -print -print0 -printf FORMAT -prune -ls\n"));
+@@ -1200,6 +1218,32 @@
+ return true;
+ }
+
++#ifdef WITH_SELINUX
++
++static boolean
++parse_scontext ( argv, arg_ptr )
++ char *argv[];
++ int *arg_ptr;
++{
++ struct predicate *our_pred;
++
++ if ( (argv == NULL) || (argv[*arg_ptr] == NULL) )
++ return( false );
++
++ our_pred = insert_primary(pred_scontext);
++ our_pred->need_stat = false;
++#ifdef DEBUG
++ our_pred->p_name = find_pred_name (pred_scontext);
++#endif /*DEBUG*/
++
++ our_pred->args.scontext = argv[*arg_ptr];;
++
++ (*arg_ptr)++;
++ return( true );
++}
++
++#endif /*WITH_SELINUX*/
++
+ static boolean
+ parse_xtype (char **argv, int *arg_ptr)
+ {
+@@ -1358,7 +1402,11 @@
+ if (*scan2 == '.')
+ for (scan2++; ISDIGIT (*scan2); scan2++)
+ /* Do nothing. */ ;
+- if (strchr ("abcdfFgGhHiklmnpPstuU", *scan2))
++#ifdef WITH_SELINUX
++ if (strchr ("abcdfFgGhHiklmnpPstuUZ", *scan2))
++#else /* WITH_SELINUX */
++ if (strchr ("abcdfFgGhHiklmnpPstuU", *scan2))
++#endif /* WITH_SELINUX */
+ {
+ segmentp = make_segment (segmentp, format, scan2 - format,
+ (int) *scan2);
+--- findutils-4.1.7/find/pred.c.selinux 2001-05-20 16:39:37.000000000 -0400
++++ findutils-4.1.7/find/pred.c 2003-10-10 13:15:13.752422594 -0400
+@@ -27,6 +27,14 @@
+ #include "modetype.h"
+ #include "wait.h"
+
++#ifdef WITH_SELINUX
++#include <selinux/selinux.h>
++#endif /*WITH_SELINUX*/
++
++#ifndef FNM_CASEFOLD
++#define FNM_CASEFOLD (1<<4)
++#endif /*FNM_CASEFOLD*/
++
+ #if ENABLE_NLS
+ # include <libintl.h>
+ # define _(Text) gettext (Text)
+@@ -69,7 +77,6 @@
+
+ extern int yesno ();
+
+-
+ /* Get or fake the disk device blocksize.
+ Usually defined by sys/param.h (if at all). */
+ #ifndef DEV_BSIZE
+@@ -196,6 +203,9 @@
+ {pred_used, "used "},
+ {pred_user, "user "},
+ {pred_xtype, "xtype "},
++#ifdef WITH_SELINUX
++ {pred_scontext, "context"},
++#endif /*WITH_SELINUX*/
+ {0, "none "}
+ };
+
+@@ -719,6 +729,26 @@
+ fprintf (fp, segment->text,
+ human_readable ((uintmax_t) stat_buf->st_uid, hbuf, 1, 1));
+ break;
++#ifdef WITH_SELINUX
++ case 'Z': /* SELinux security context */
++ {
++ security_context_t scontext;
++ int rv;
++ rv = (*x_getfilecon)(rel_pathname, &scontext);
++
++ if ( rv < 0 ) {
++ (void) fprintf(stderr, "getfileconf(%s): %s",
++ pathname, strerror(errno));
++ (void) fflush(stderr);
++ }
++ else {
++ segment->text[segment->text_len] = 's';
++ (void) fprintf (fp, segment->text, scontext);
++ freecon(scontext);
++ }
++ }
++ break ;
++#endif /* WITH_SELINUX */
+ }
+ }
+ return (true);
+@@ -1220,6 +1250,34 @@
+ }
+ return (pred_type (pathname, &sbuf, pred_ptr));
+ }
++
++
++#ifdef WITH_SELINUX
++
++boolean
++pred_scontext ( pathname, stat_buf, pred_ptr )
++ char *pathname;
++ struct stat *stat_buf;
++ struct predicate *pred_ptr;
++{
++ int rv;
++ security_context_t scontext;
++
++ rv = (* x_getfilecon)(rel_pathname, &scontext);
++
++ if ( rv < 0 ) {
++ (void) fprintf(stderr, "getfilecon(%s): %s\n", pathname, strerror(errno));
++ (void) fflush(stderr);
++ return ( false );
++ }
++
++ rv= (strcmp( scontext,pred_ptr->args.scontext) == 0 );
++ freecon(scontext);
++ return rv;
++}
++
++#endif /*WITH_SELINUX*/
++
+ \f
+ /* 1) fork to get a child; parent remembers the child pid
+ 2) child execs the command requested
+--- findutils-4.1.7/find/util.c.selinux 2001-05-20 16:39:37.000000000 -0400
++++ findutils-4.1.7/find/util.c 2003-10-10 13:19:10.869534272 -0400
+@@ -65,6 +65,9 @@
+ last_pred->no_default_print = false;
+ last_pred->need_stat = true;
+ last_pred->args.str = NULL;
++#ifdef WITH_SELINUX
++ last_pred->args.scontext = NULL;
++#endif
+ last_pred->pred_next = NULL;
+ last_pred->pred_left = NULL;
+ last_pred->pred_right = NULL;
+--- findutils-4.1.20/po/pl.po.orig Wed Jan 28 15:12:55 2004
++++ findutils-4.1.20/po/pl.po Wed Jan 28 15:37:07 2004
+@@ -216,6 +216,11 @@
+ msgid "paths must precede expression"
+ msgstr "¶cie¿ki musz± poprzedzaæ wyra¿enie"
+
++#: find/find.c:217
++#, c-format
++msgid "Error: invalid predicate %s: the kernel is not SELinux-enabled.\n"
++msgstr "B³±d: b³êdne wyra¿enie %s: j±dro nie ma w³±czonej obs³ugi SELinuksa.\n"
++
+ #. Command line option not recognized
+ #: find/find.c:209
+ #, c-format
+@@ -316,6 +321,10 @@
+ " -size N[bckw] -true -type [bcdpfls] -uid N -used N -user NAZWA\n"
+ " -xtype [bcdpfls]\n"
+
++#: find/parser.c:590
++msgid " -context CONTEXT\n"
++msgstr " -context KONTEKST\n"
++
+ #: find/parser.c:575
+ msgid ""
+ "actions: -exec COMMAND ; -fprint FILE -fprint0 FILE -fprintf FILE FORMAT\n"