id(1): add selinux support

meson.build

@@ -146,6 +146,11 @@ libpthread = dependency('threads')
 # meson at the moment provides no way to rename installed executables
 install_as = files('install-as.sh')
 
+libselinux = dependency('libselinux', required: get_option('selinux'))
+if libselinux.found()
+  add_project_arguments('-DHAVE_SELINUX', language: 'c')
+endif
+
 # Include all of the relevant subdirectories
 subdir('include')
 subdir('src.freebsd')

meson_options.txt

@@ -57,3 +57,8 @@ option('install-lib',
     type: 'boolean', value: 'true',
     description: 'Whether to install chimerautils library'
 )
+
+option('selinux',
+    type: 'feature', value: 'auto',
+    description: 'Whether to enable SELinux awareness'
+)

src.freebsd/coreutils/id/id.c

@@ -54,6 +54,10 @@ static char sccsid[] = "@(#)id.c	8.2 (Berkeley) 2/16/94";
 #include <string.h>
 #include <unistd.h>
 
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+#endif
+
 static void	id_print(struct passwd *, int, int, int);
 static void	pline(struct passwd *);
 static void	pretty(struct passwd *);
@@ -408,6 +412,16 @@ maclabel(void)
 	(void)printf("%s\n", string);
 	mac_free(label);
 	free(string);
+#elif defined(HAVE_SELINUX)
+	char *context;
+	if (is_selinux_enabled() > 0) {
+		if (getcon(&context) == 0) {
+			(void)printf("%s\n", context);
+			freecon(context);
+		} else
+			errx(1, "getcon failed: %s", strerror(errno));
+	} else
+		errx(1, "-M works only on an SELinux-enabled kernel");
 #else
 	errx(1, "-M requires a MAC-enabled build");
 #endif

src.freebsd/coreutils/id/meson.build

@@ -1,7 +1,14 @@
+id_deps = []
+
+if libselinux.found()
+    id_deps += [libselinux]
+endif
+
 id_prog = executable(
     'id',
     [ 'id.c' ],
     include_directories : inc,
+    dependencies : id_deps,
     install : true,
 )