--- /dev/null
+--- vim62/src/configure.in.selinux 2003-12-17 11:37:19.480620103 -0500
++++ vim62/src/configure.in 2003-12-17 11:37:19.830641688 -0500
+@@ -2101,6 +2101,20 @@
+ AC_MSG_RESULT(yes)
+ fi
+
++dnl vim: set sw=2 tw=78 fo+=l:
++dnl Link with -lselinux for SELinux stuff; if not found
++AC_MSG_CHECKING(--disable-selinux argument)
++AC_ARG_ENABLE(selinux,
++ [ --disable-selinux Don't check for SELinux support.],
++ , [enable_selinux="yes"])
++if test "$enable_selinux" = "yes"; then
++ AC_MSG_RESULT(no)
++ AC_CHECK_LIB(selinux, is_selinux_enabled, [LIBS="$LIBS -lselinux"])
++ AC_DEFINE(HAVE_SELINUX)
++else
++ AC_MSG_RESULT(yes)
++fi
++
+ AC_MSG_CHECKING(--disable-gpm argument)
+ AC_ARG_ENABLE(gpm,
+ [ --disable-gpm Don't use gpm (Linux mouse daemon).], ,
+--- vim62/src/config.h.in.selinux 2003-05-25 12:07:42.000000000 -0400
++++ vim62/src/config.h.in 2003-12-17 11:37:19.840642305 -0500
+@@ -155,6 +155,7 @@
+ #undef HAVE_READLINK
+ #undef HAVE_RENAME
+ #undef HAVE_SELECT
++#undef HAVE_SELINUX
+ #undef HAVE_SETENV
+ #undef HAVE_SETPGID
+ #undef HAVE_SETSID
+--- vim62/src/fileio.c.selinux 2003-12-17 11:37:19.120597902 -0500
++++ vim62/src/fileio.c 2003-12-17 12:08:00.694335982 -0500
+@@ -1,3 +1,4 @@
++
+ /* vi:set ts=8 sts=4 sw=4:
+ *
+ * VIM - Vi IMproved by Bram Moolenaar
+@@ -3079,6 +3080,9 @@
+ )
+ mch_setperm(backup,
+ (perm & 0707) | ((perm & 07) << 3));
++#ifdef HAVE_SELINUX
++ mch_copy_sec(backup, fname);
++#endif
+ #endif
+
+ /*
+@@ -3115,6 +3119,9 @@
+ #ifdef HAVE_ACL
+ mch_set_acl(backup, acl);
+ #endif
++#ifdef HAVE_SELINUX
++ mch_copy_sec(backup,fname);
++#endif
+ break;
+ }
+ }
+@@ -3719,6 +3726,12 @@
+ mch_set_acl(wfname, acl);
+ #endif
+
++#ifdef HAVE_SELINUX
++ /* Probably need to set the security context */
++ if (!backup_copy)
++ mch_copy_sec(backup, wfname);
++#endif
++
+ #ifdef UNIX
+ /* When creating a new file, set its owner/group to that of the original
+ * file. Get the new device and inode number. */
+--- vim62/src/os_unix.c.selinux 2003-12-17 11:37:18.540562133 -0500
++++ vim62/src/os_unix.c 2003-12-17 12:11:54.558800808 -0500
+@@ -41,6 +41,10 @@
+ # include <X11/SM/SMlib.h>
+ #endif
+
++#ifdef HAVE_SELINUX
++#include <selinux/selinux.h>
++static int selinux_enabled=-1;
++#endif
+ /*
+ * Use this prototype for select, some include files have a wrong prototype
+ */
+@@ -2279,6 +2283,45 @@
+ } vim_acl_solaris_T;
+ # endif
+
++mch_copy_sec(from_file, to_file)
++ char_u *from_file;
++ char_u *to_file;
++{
++ if (from_file == NULL)
++ return;
++
++#ifdef HAVE_SELINUX
++ if (selinux_enabled == -1)
++ selinux_enabled = is_selinux_enabled ();
++
++ if (selinux_enabled)
++ {
++ security_context_t scontext;
++ if (getfilecon (from_file, &scontext) < 0)
++ {
++ /* If the filesystem doesn't support extended attributes,
++ the original had no special security context and the
++ target cannot have one either. */
++ if (errno == EOPNOTSUPP)
++ return ;
++
++ MSG_PUTS(_("\nCould not get security context for "));
++ msg_outtrans(from_file);
++ msg_putchar('\n');
++ return ;
++ }
++ if (setfilecon (to_file, scontext) < 0)
++ {
++ MSG_PUTS(_("\nCould not set security context for "));
++ msg_outtrans(to_file);
++ msg_putchar('\n');
++ freecon (scontext);
++ return ;
++ }
++ freecon (scontext);
++ }
++#endif /* HAVE_SELINUX */
++}
+ /*
+ * Return a pointer to the ACL of file "fname" in allocated memory.
+ * Return NULL if the ACL is not available for whatever reason.
projects / packages / vim.git / commitdiff