|
Jindrich Novy |
30ccf0 |
Index: dump/configure.in
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/configure.in,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.40
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.40 configure.in
|
|
Jindrich Novy |
30ccf0 |
--- dump/configure.in 2 May 2005 15:10:44 -0000 1.40
|
|
Jindrich Novy |
30ccf0 |
+++ dump/configure.in 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -253,6 +253,29 @@ fi
|
|
Jindrich Novy |
30ccf0 |
echo "Not including Mac OSX restore compatibility code by default"
|
|
Jindrich Novy |
30ccf0 |
)
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
+dnl
|
|
Jindrich Novy |
30ccf0 |
+dnl Handle --enable-transselinux
|
|
Jindrich Novy |
30ccf0 |
+dnl
|
|
Jindrich Novy |
30ccf0 |
+AC_ARG_ENABLE([transselinux],
|
|
Jindrich Novy |
30ccf0 |
+[ --enable-transselinux restore can translate SELinux EAs (default is YES)],
|
|
Jindrich Novy |
30ccf0 |
+if test "$enableval" = "yes"
|
|
Jindrich Novy |
30ccf0 |
+then
|
|
Jindrich Novy |
30ccf0 |
+ LTRANSSELINUX="-lselinux"
|
|
Jindrich Novy |
30ccf0 |
+ CCTRANSSELINUX="-DTRANSSELINUX"
|
|
Jindrich Novy |
30ccf0 |
+ echo "restore can translate SELinux EAs"
|
|
Jindrich Novy |
30ccf0 |
+else
|
|
Jindrich Novy |
30ccf0 |
+ LTRANSSELINUX=""
|
|
Jindrich Novy |
30ccf0 |
+ CCTRANSSELINUX=""
|
|
Jindrich Novy |
30ccf0 |
+ echo "restore can not translate SELinux EAs"
|
|
Jindrich Novy |
30ccf0 |
+fi
|
|
Jindrich Novy |
30ccf0 |
+,
|
|
Jindrich Novy |
30ccf0 |
+LTRANSSELINUX="-lselinux"
|
|
Jindrich Novy |
30ccf0 |
+CCTRANSSELINUX="-DTRANSSELINUX"
|
|
Jindrich Novy |
30ccf0 |
+echo "restore can translate SELinux EAs by default"
|
|
Jindrich Novy |
30ccf0 |
+)
|
|
Jindrich Novy |
30ccf0 |
+AC_SUBST(LTRANSSELINUX)
|
|
Jindrich Novy |
30ccf0 |
+AC_SUBST(CCTRANSSELINUX)
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
dnl
|
|
Jindrich Novy |
30ccf0 |
dnl set $(CC) from --with-cc=value
|
|
Jindrich Novy |
30ccf0 |
Index: dump/restore/Makefile.in
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/restore/Makefile.in,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.13
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.13 Makefile.in
|
|
Jindrich Novy |
30ccf0 |
--- dump/restore/Makefile.in 2 May 2005 15:10:46 -0000 1.13
|
|
Jindrich Novy |
30ccf0 |
+++ dump/restore/Makefile.in 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -7,9 +7,9 @@ top_builddir= ..
|
|
Jindrich Novy |
30ccf0 |
@MCONFIG@
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
INC= -I$(top_srcdir)/restore
|
|
Jindrich Novy |
30ccf0 |
-ALL_CFLAGS= @CPPFLAGS@ @CFLAGS@ @CCOPTS@ -pipe $(OPT) $(GINC) $(INC) $(DEFS) @RESTOREDEBUG@
|
|
Jindrich Novy |
30ccf0 |
+ALL_CFLAGS= @CPPFLAGS@ @CFLAGS@ @CCOPTS@ @CCTRANSSELINUX@ -pipe $(OPT) $(GINC) $(INC) $(DEFS) @RESTOREDEBUG@
|
|
Jindrich Novy |
30ccf0 |
ALL_LDFLAGS= @LDFLAGS@ @LDOPTS@ @STATIC@
|
|
Jindrich Novy |
30ccf0 |
-LIBS= $(GLIBS) -le2p @READLINE@ @ZLIB@ @BZLIB@
|
|
Jindrich Novy |
30ccf0 |
+LIBS= $(GLIBS) -le2p @READLINE@ @ZLIB@ @BZLIB@ @LTRANSSELINUX@
|
|
Jindrich Novy |
30ccf0 |
DEPLIBS= ../compat/lib/libcompat.a
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
PROG= restore
|
|
Jindrich Novy |
30ccf0 |
Index: dump/restore/main.c
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/restore/main.c,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.50
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.50 main.c
|
|
Jindrich Novy |
30ccf0 |
--- dump/restore/main.c 7 Jul 2005 09:16:08 -0000 1.50
|
|
Jindrich Novy |
30ccf0 |
+++ dump/restore/main.c 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -127,6 +127,11 @@ unsigned long qfadumpdate;
|
|
Jindrich Novy |
30ccf0 |
long long curtapepos;
|
|
Jindrich Novy |
30ccf0 |
#endif /* USE_QFA */
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+int transselinuxflag = 0;
|
|
Jindrich Novy |
30ccf0 |
+char *transselinuxarg = NULL;
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
long smtc_errno;
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
#if defined(__linux__) || defined(sunos)
|
|
Jindrich Novy |
30ccf0 |
@@ -157,6 +162,9 @@ main(int argc, char *argv[])
|
|
Jindrich Novy |
30ccf0 |
tapeposflag = 0;
|
|
Jindrich Novy |
30ccf0 |
createtapeposflag = 0;
|
|
Jindrich Novy |
30ccf0 |
#endif /* USE_QFA */
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ char transselinuxopt;
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
/* Temp files should *not* be readable. We set permissions later. */
|
|
Jindrich Novy |
30ccf0 |
orig_umask = umask(FORCED_UMASK);
|
|
Jindrich Novy |
30ccf0 |
@@ -178,7 +186,11 @@ main(int argc, char *argv[])
|
|
Jindrich Novy |
30ccf0 |
;
|
|
Jindrich Novy |
30ccf0 |
obsolete(&argc, &argv);
|
|
Jindrich Novy |
30ccf0 |
while ((ch = getopt(argc, argv,
|
|
Jindrich Novy |
30ccf0 |
- "aA:b:CcdD:f:F:hH:i"
|
|
Jindrich Novy |
30ccf0 |
+ "aA:b:CcdD:"
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ "eE:"
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+ "f:F:hH:i"
|
|
Jindrich Novy |
30ccf0 |
#ifdef KERBEROS
|
|
Jindrich Novy |
30ccf0 |
"k"
|
|
Jindrich Novy |
30ccf0 |
#endif
|
|
Jindrich Novy |
30ccf0 |
@@ -211,6 +223,17 @@ main(int argc, char *argv[])
|
|
Jindrich Novy |
30ccf0 |
strncpy(filesys, optarg, NAMELEN);
|
|
Jindrich Novy |
30ccf0 |
filesys[NAMELEN - 1] = '\0';
|
|
Jindrich Novy |
30ccf0 |
break;
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ case 'e':
|
|
Jindrich Novy |
30ccf0 |
+ transselinuxflag = 1;
|
|
Jindrich Novy |
30ccf0 |
+ transselinuxopt = ch;
|
|
Jindrich Novy |
30ccf0 |
+ break;
|
|
Jindrich Novy |
30ccf0 |
+ case 'E':
|
|
Jindrich Novy |
30ccf0 |
+ transselinuxflag = 1;
|
|
Jindrich Novy |
30ccf0 |
+ transselinuxarg = optarg;
|
|
Jindrich Novy |
30ccf0 |
+ transselinuxopt = ch;
|
|
Jindrich Novy |
30ccf0 |
+ break;
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
case 'T':
|
|
Jindrich Novy |
30ccf0 |
tmpdir = optarg;
|
|
Jindrich Novy |
30ccf0 |
break;
|
|
Jindrich Novy |
30ccf0 |
@@ -340,6 +363,11 @@ main(int argc, char *argv[])
|
|
Jindrich Novy |
30ccf0 |
if (Afile && command != 'i' && command != 'x' && command != 't')
|
|
Jindrich Novy |
30ccf0 |
errx(1, "A option is not valid for %c command", command);
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ if (transselinuxflag && !strchr("CirRx", command))
|
|
Jindrich Novy |
30ccf0 |
+ errx(1, "%c option is not valid for %c command", transselinuxopt, command);
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
if (signal(SIGINT, onintr) == SIG_IGN)
|
|
Jindrich Novy |
30ccf0 |
(void) signal(SIGINT, SIG_IGN);
|
|
Jindrich Novy |
30ccf0 |
if (signal(SIGTERM, onintr) == SIG_IGN)
|
|
Jindrich Novy |
30ccf0 |
@@ -447,7 +475,7 @@ main(int argc, char *argv[])
|
|
Jindrich Novy |
30ccf0 |
comparedirmodes();
|
|
Jindrich Novy |
30ccf0 |
checkrestore();
|
|
Jindrich Novy |
30ccf0 |
if (compare_errors) {
|
|
Jindrich Novy |
30ccf0 |
- printf("Some files were modified!\n");
|
|
Jindrich Novy |
30ccf0 |
+ printf("Some files were modified! %d compare errors\n", compare_errors);
|
|
Jindrich Novy |
30ccf0 |
exit(2);
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
break;
|
|
Jindrich Novy |
30ccf0 |
@@ -685,24 +713,31 @@ usage(void)
|
|
Jindrich Novy |
30ccf0 |
#define qfaflag
|
|
Jindrich Novy |
30ccf0 |
#endif
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+# define tseflag "e"
|
|
Jindrich Novy |
30ccf0 |
+# define tsEflag "[-E mls] "
|
|
Jindrich Novy |
30ccf0 |
+#else
|
|
Jindrich Novy |
30ccf0 |
+# define tseflag
|
|
Jindrich Novy |
30ccf0 |
+# define tsEflag
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
fprintf(stderr,
|
|
Jindrich Novy |
30ccf0 |
"usage:"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -C [-cdH" kerbflag "lMvVy] [-b blocksize] [-D filesystem] [-f file]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-F script] [-L limit] [-s fileno]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -i [-acdhH" kerbflag "lmMouvVy] [-A file] [-b blocksize] [-f file]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-F script] " qfaflag "[-s fileno]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -C [-cd" tseflag "H" kerbflag "lMvVy] [-b blocksize] [-D filesystem] " tsEflag"\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] [-L limit] [-s fileno]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -i [-acd" tseflag "hH" kerbflag "lmMouvVy] [-A file] [-b blocksize] " tsEflag"\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] " qfaflag "[-s fileno]\n"
|
|
Jindrich Novy |
30ccf0 |
#ifdef USE_QFA
|
|
Jindrich Novy |
30ccf0 |
"\t%s -P file [-acdhH" kerbflag "lmMuvVy] [-A file] [-b blocksize]\n"
|
|
Jindrich Novy |
30ccf0 |
"\t%s [-f file] [-F script] [-s fileno] [-X filelist] [file ...]\n"
|
|
Jindrich Novy |
30ccf0 |
#endif
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -r [-cdH" kerbflag "lMuvVy] [-b blocksize] [-f file] [-F script]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-s fileno] [-T directory]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -R [-cdH" kerbflag "lMuvVy] [-b blocksize] [-f file] [-F script]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-s fileno] [-T directory]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -t [-cdhH" kerbflag "lMuvVy] [-A file] [-b blocksize] [-f file]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-F script] " qfaflag "[-s fileno] [-X filelist] [file ...]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s -x [-acdhH" kerbflag "lmMouvVy] [-A file] [-b blocksize] [-f file]\n"
|
|
Jindrich Novy |
30ccf0 |
- "\t%s [-F script] " qfaflag "[-s fileno] [-X filelist] [file ...]\n",
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -r [-cd" tseflag "H" kerbflag "lMuvVy] [-b blocksize] " tsEflag"\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] [-s fileno] [-T directory]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -R [-cd" tseflag "H" kerbflag "lMuvVy] [-b blocksize] " tsEflag"\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] [-s fileno] [-T directory]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -t [-cdhH" kerbflag "lMuvVy] [-A file] [-b blocksize]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] " qfaflag "[-s fileno] [-X filelist] [file ...]\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s -x [-acd" tseflag "hH" kerbflag "lmMouvVy] [-A file] [-b blocksize] " tsEflag"\n"
|
|
Jindrich Novy |
30ccf0 |
+ "\t%s [-f file] [-F script] " qfaflag "[-s fileno] [-X filelist] [file ...]\n",
|
|
Jindrich Novy |
30ccf0 |
__progname, white,
|
|
Jindrich Novy |
30ccf0 |
__progname, white,
|
|
Jindrich Novy |
30ccf0 |
#ifdef USE_QFA
|
|
Jindrich Novy |
30ccf0 |
Index: dump/restore/restore.h
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/restore/restore.h,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.33
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.33 restore.h
|
|
Jindrich Novy |
30ccf0 |
--- dump/restore/restore.h 7 Jul 2005 09:16:08 -0000 1.33
|
|
Jindrich Novy |
30ccf0 |
+++ dump/restore/restore.h 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -190,6 +190,11 @@ char smtcpath[2048];
|
|
Jindrich Novy |
30ccf0 |
#endif
|
|
Jindrich Novy |
30ccf0 |
#endif /* USE_QFA */
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+extern int transselinuxflag;
|
|
Jindrich Novy |
30ccf0 |
+extern char *transselinuxarg;
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
#define do_compare_error \
|
|
Jindrich Novy |
30ccf0 |
if (++compare_errors >= Lflag && Lflag) { \
|
|
Jindrich Novy |
30ccf0 |
printf("Compare errors limit reached, exiting...\n"); \
|
|
Jindrich Novy |
30ccf0 |
Index: dump/restore/tape.c
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/restore/tape.c,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.90
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.90 tape.c
|
|
Jindrich Novy |
30ccf0 |
--- dump/restore/tape.c 8 Jun 2005 13:24:11 -0000 1.90
|
|
Jindrich Novy |
30ccf0 |
+++ dump/restore/tape.c 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -570,6 +570,8 @@ again:
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
if (haderror || (bot_code && !Mflag)) {
|
|
Jindrich Novy |
30ccf0 |
haderror = 0;
|
|
Jindrich Novy |
30ccf0 |
+ if (compare_errors)
|
|
Jindrich Novy |
30ccf0 |
+ fprintf(stderr, "%d compare errors so far\n", compare_errors);
|
|
Jindrich Novy |
30ccf0 |
#ifdef sunos
|
|
Jindrich Novy |
30ccf0 |
fprintf(stderr, "Mount volume %ld\n", (long)newvol);
|
|
Jindrich Novy |
30ccf0 |
#else
|
|
Jindrich Novy |
30ccf0 |
Index: dump/restore/xattr.c
|
|
Jindrich Novy |
30ccf0 |
===================================================================
|
|
Jindrich Novy |
30ccf0 |
RCS file: /cvsroot/dump/dump/restore/xattr.c,v
|
|
Jindrich Novy |
30ccf0 |
retrieving revision 1.3
|
|
Jindrich Novy |
30ccf0 |
diff -u -p -r1.3 xattr.c
|
|
Jindrich Novy |
30ccf0 |
--- dump/restore/xattr.c 8 Jun 2005 13:24:12 -0000 1.3
|
|
Jindrich Novy |
30ccf0 |
+++ dump/restore/xattr.c 17 Jun 2006 01:14:39 -0000
|
|
Jindrich Novy |
30ccf0 |
@@ -43,6 +43,9 @@ static const char rcsid[] =
|
|
Jindrich Novy |
30ccf0 |
#include <errno.h>
|
|
Jindrich Novy |
30ccf0 |
#include <bsdcompat.h>
|
|
Jindrich Novy |
30ccf0 |
#include <protocols/dumprestore.h>
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+# include <selinux/selinux.h>
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
#include "restore.h"
|
|
Jindrich Novy |
30ccf0 |
#include "extern.h"
|
|
Jindrich Novy |
30ccf0 |
#include "pathnames.h"
|
|
Jindrich Novy |
30ccf0 |
@@ -195,12 +198,12 @@ struct ext2_xattr_entry {
|
|
Jindrich Novy |
30ccf0 |
static int lsetxattr __P((const char *, const char *, void *, size_t, int));
|
|
Jindrich Novy |
30ccf0 |
static ssize_t lgetxattr __P((const char *, const char *, void *, size_t));
|
|
Jindrich Novy |
30ccf0 |
static ssize_t llistxattr __P((const char *, char *, size_t));
|
|
Jindrich Novy |
30ccf0 |
-static int xattr_cb_list __P((char *, char *, int, void *));
|
|
Jindrich Novy |
30ccf0 |
-static int xattr_cb_set __P((char *, char *, int, void *));
|
|
Jindrich Novy |
30ccf0 |
-static int xattr_cb_compare __P((char *, char *, int, void *));
|
|
Jindrich Novy |
30ccf0 |
+static int xattr_cb_list __P((char *, char *, int, int, void *));
|
|
Jindrich Novy |
30ccf0 |
+static int xattr_cb_set __P((char *, char *, int, int, void *));
|
|
Jindrich Novy |
30ccf0 |
+static int xattr_cb_compare __P((char *, char *, int, int, void *));
|
|
Jindrich Novy |
30ccf0 |
static int xattr_verify __P((char *));
|
|
Jindrich Novy |
30ccf0 |
static int xattr_count __P((char *, int *));
|
|
Jindrich Novy |
30ccf0 |
-static int xattr_walk __P((char *, int (*)(char *, char *, int, void *), void *));
|
|
Jindrich Novy |
30ccf0 |
+static int xattr_walk __P((char *, int (*)(char *, char *, int, int, void *), void *));
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
static int
|
|
Jindrich Novy |
30ccf0 |
lsetxattr(const char *path, const char *name, void *value, size_t size, int flags)
|
|
Jindrich Novy |
30ccf0 |
@@ -406,8 +409,9 @@ fail:
|
|
Jindrich Novy |
30ccf0 |
*/
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
static int
|
|
Jindrich Novy |
30ccf0 |
-xattr_cb_list(char *name, char *value, int valuelen, void *private)
|
|
Jindrich Novy |
30ccf0 |
+xattr_cb_list(char *name, char *value, int valuelen, int isSELinux, void *private)
|
|
Jindrich Novy |
30ccf0 |
{
|
|
Jindrich Novy |
30ccf0 |
+ isSELinux;
|
|
Jindrich Novy |
30ccf0 |
value[valuelen] = '\0';
|
|
Jindrich Novy |
30ccf0 |
printf("EA: %s:%s\n", name, value);
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
@@ -415,37 +419,64 @@ xattr_cb_list(char *name, char *value, i
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
static int
|
|
Jindrich Novy |
30ccf0 |
-xattr_cb_set(char *name, char *value, int valuelen, void *private)
|
|
Jindrich Novy |
30ccf0 |
+xattr_cb_set(char *name, char *value, int valuelen, int isSELinux, void *private)
|
|
Jindrich Novy |
30ccf0 |
{
|
|
Jindrich Novy |
30ccf0 |
char *path = (char *)private;
|
|
Jindrich Novy |
30ccf0 |
-
|
|
Jindrich Novy |
30ccf0 |
- if (lsetxattr(path, name, value, valuelen, 0) < 0) {
|
|
Jindrich Novy |
30ccf0 |
- warn("lsetxattr %s failed", path);
|
|
Jindrich Novy |
30ccf0 |
+ int err;
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ isSELinux;
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ if (isSELinux)
|
|
Jindrich Novy |
30ccf0 |
+ err = lsetfilecon(path, value);
|
|
Jindrich Novy |
30ccf0 |
+ else
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+ err = lsetxattr(path, name, value, valuelen, 0);
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (err) {
|
|
Jindrich Novy |
30ccf0 |
+ warn("%s: EA set %s:%s failed", path, name, value);
|
|
Jindrich Novy |
30ccf0 |
return FAIL;
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
return GOOD;
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
static int
|
|
Jindrich Novy |
30ccf0 |
-xattr_cb_compare(char *name, char *value, int valuelen, void *private)
|
|
Jindrich Novy |
30ccf0 |
+xattr_cb_compare(char *name, char *value, int valuelen, int isSELinux, void *private)
|
|
Jindrich Novy |
30ccf0 |
{
|
|
Jindrich Novy |
30ccf0 |
char *path = (char *)private;
|
|
Jindrich Novy |
30ccf0 |
char valuef[XATTR_MAXSIZE];
|
|
Jindrich Novy |
30ccf0 |
int valuesz;
|
|
Jindrich Novy |
30ccf0 |
-
|
|
Jindrich Novy |
30ccf0 |
- valuesz = lgetxattr(path, name, valuef, XATTR_MAXSIZE);
|
|
Jindrich Novy |
30ccf0 |
- if (valuesz < 0) {
|
|
Jindrich Novy |
30ccf0 |
- warn("%s: lgetxattr failed\n", path);
|
|
Jindrich Novy |
30ccf0 |
- return FAIL;
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ isSELinux;
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ if (isSELinux)
|
|
Jindrich Novy |
30ccf0 |
+ {
|
|
Jindrich Novy |
30ccf0 |
+ security_context_t con = NULL;
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (lgetfilecon(path, &con) < 0) {
|
|
Jindrich Novy |
30ccf0 |
+ warn("%s: EA compare lgetfilecon failed\n", path);
|
|
Jindrich Novy |
30ccf0 |
+ return FAIL;
|
|
Jindrich Novy |
30ccf0 |
+ }
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ valuesz = strlen(con) + 1;
|
|
Jindrich Novy |
30ccf0 |
+ valuef[0] = 0;
|
|
Jindrich Novy |
30ccf0 |
+ strncat(valuef, con, sizeof valuef);
|
|
Jindrich Novy |
30ccf0 |
+ freecon(con);
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
-
|
|
Jindrich Novy |
30ccf0 |
- if (valuesz != valuelen) {
|
|
Jindrich Novy |
30ccf0 |
- fprintf(stderr, "%s: EA %s value changed\n", path, value);
|
|
Jindrich Novy |
30ccf0 |
- return FAIL;
|
|
Jindrich Novy |
30ccf0 |
+ else {
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+ valuesz = lgetxattr(path, name, valuef, XATTR_MAXSIZE);
|
|
Jindrich Novy |
30ccf0 |
+ if (valuesz < 0) {
|
|
Jindrich Novy |
30ccf0 |
+ warn("%s: EA compare lgetxattr failed\n", path);
|
|
Jindrich Novy |
30ccf0 |
+ return FAIL;
|
|
Jindrich Novy |
30ccf0 |
+ }
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
-
|
|
Jindrich Novy |
30ccf0 |
- if (memcmp(value, valuef, valuelen)) {
|
|
Jindrich Novy |
30ccf0 |
- fprintf(stderr, "%s: EA %s value changed\n", path, value);
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (valuesz != valuelen || memcmp(value, valuef, valuelen)) {
|
|
Jindrich Novy |
30ccf0 |
+ /* GAN24May06: show name and new value for user to compare */
|
|
Jindrich Novy |
30ccf0 |
+ fprintf(stderr, "%s: EA %s:%s value changed to %s\n", path, name, value, valuef);
|
|
Jindrich Novy |
30ccf0 |
return FAIL;
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
@@ -508,7 +539,7 @@ xattr_count(char *buffer, int *count)
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
static int
|
|
Jindrich Novy |
30ccf0 |
-xattr_walk(char *buffer, int (*xattr_cb)(char *, char *, int, void *), void *private)
|
|
Jindrich Novy |
30ccf0 |
+xattr_walk(char *buffer, int (*xattr_cb)(char *, char *, int, int, void *), void *private)
|
|
Jindrich Novy |
30ccf0 |
{
|
|
Jindrich Novy |
30ccf0 |
struct ext2_xattr_entry *entry;
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
@@ -518,6 +549,7 @@ xattr_walk(char *buffer, int (*xattr_cb)
|
|
Jindrich Novy |
30ccf0 |
char name[XATTR_MAXSIZE], value[XATTR_MAXSIZE];
|
|
Jindrich Novy |
30ccf0 |
int off;
|
|
Jindrich Novy |
30ccf0 |
int convertacl = 0;
|
|
Jindrich Novy |
30ccf0 |
+ int convertcon = 0;
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
switch (entry->e_name_index) {
|
|
Jindrich Novy |
30ccf0 |
case EXT2_XATTR_INDEX_USER:
|
|
Jindrich Novy |
30ccf0 |
@@ -539,6 +571,9 @@ xattr_walk(char *buffer, int (*xattr_cb)
|
|
Jindrich Novy |
30ccf0 |
break;
|
|
Jindrich Novy |
30ccf0 |
case EXT2_XATTR_INDEX_SECURITY:
|
|
Jindrich Novy |
30ccf0 |
strcpy(name, "security.");
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ convertcon = transselinuxflag;
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
break;
|
|
Jindrich Novy |
30ccf0 |
default:
|
|
Jindrich Novy |
30ccf0 |
fprintf(stderr, "Unknown EA index\n");
|
|
Jindrich Novy |
30ccf0 |
@@ -564,8 +599,36 @@ xattr_walk(char *buffer, int (*xattr_cb)
|
|
Jindrich Novy |
30ccf0 |
entry->e_value_size = size;
|
|
Jindrich Novy |
30ccf0 |
free(acl);
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+#ifdef TRANSSELINUX /*GAN6May06 SELinux MLS */
|
|
Jindrich Novy |
30ccf0 |
+ if (convertcon && strcmp(name, "security.selinux"))
|
|
Jindrich Novy |
30ccf0 |
+ convertcon = 0; /*GAN24May06 only for selinux */
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (convertcon)
|
|
Jindrich Novy |
30ccf0 |
+ {
|
|
Jindrich Novy |
30ccf0 |
+ security_context_t con = NULL;
|
|
Jindrich Novy |
30ccf0 |
+ int err;
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (!transselinuxarg)
|
|
Jindrich Novy |
30ccf0 |
+ err = security_canonicalize_context(value, &con);
|
|
Jindrich Novy |
30ccf0 |
+ else {
|
|
Jindrich Novy |
30ccf0 |
+ strncat(value, transselinuxarg, sizeof value);
|
|
Jindrich Novy |
30ccf0 |
+ err = security_canonicalize_context_raw(value, &con);
|
|
Jindrich Novy |
30ccf0 |
+ }
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ if (err < 0) {
|
|
Jindrich Novy |
30ccf0 |
+ warn("%s: EA canonicalize failed\n", value);
|
|
Jindrich Novy |
30ccf0 |
+ return FAIL;
|
|
Jindrich Novy |
30ccf0 |
+ }
|
|
Jindrich Novy |
30ccf0 |
+
|
|
Jindrich Novy |
30ccf0 |
+ entry->e_value_size = strlen(con) + 1;
|
|
Jindrich Novy |
30ccf0 |
+ value[0] = 0;
|
|
Jindrich Novy |
30ccf0 |
+ strncat(value, con, sizeof value);
|
|
Jindrich Novy |
30ccf0 |
+ freecon(con);
|
|
Jindrich Novy |
30ccf0 |
+ }
|
|
Jindrich Novy |
30ccf0 |
+#endif
|
|
Jindrich Novy |
30ccf0 |
|
|
Jindrich Novy |
30ccf0 |
- if (xattr_cb(name, value, entry->e_value_size, private) != GOOD)
|
|
Jindrich Novy |
30ccf0 |
+ if (xattr_cb(name, value, entry->e_value_size, convertcon, private) != GOOD)
|
|
Jindrich Novy |
30ccf0 |
return FAIL;
|
|
Jindrich Novy |
30ccf0 |
}
|
|
Jindrich Novy |
30ccf0 |
|