From 25f1036bdbb13f25211664d0eb6a8797e9c4a634 Mon Sep 17 00:00:00 2001 From: Rahul Sandhu Date: Sun, 20 Oct 2024 16:54:15 +0100 Subject: [PATCH] id(1): add selinux support --- meson.build | 5 +++++ meson_options.txt | 5 +++++ src.freebsd/coreutils/id/id.c | 14 ++++++++++++++ src.freebsd/coreutils/id/meson.build | 7 +++++++ 4 files changed, 31 insertions(+) diff --git a/meson.build b/meson.build index 7714fc18..d2ddb6b0 100644 --- a/meson.build +++ b/meson.build @@ -146,6 +146,11 @@ libpthread = dependency('threads') # meson at the moment provides no way to rename installed executables install_as = files('install-as.sh') +libselinux = dependency('libselinux', required: get_option('selinux')) +if libselinux.found() + add_project_arguments('-DHAVE_SELINUX', language: 'c') +endif + # Include all of the relevant subdirectories subdir('include') subdir('src.freebsd') diff --git a/meson_options.txt b/meson_options.txt index 6ab2ff6a..a94d28a8 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -57,3 +57,8 @@ option('install-lib', type: 'boolean', value: 'true', description: 'Whether to install chimerautils library' ) + +option('selinux', + type: 'feature', value: 'auto', + description: 'Whether to enable SELinux awareness' +) diff --git a/src.freebsd/coreutils/id/id.c b/src.freebsd/coreutils/id/id.c index 158ae8c9..05efdd5a 100644 --- a/src.freebsd/coreutils/id/id.c +++ b/src.freebsd/coreutils/id/id.c @@ -54,6 +54,10 @@ static char sccsid[] = "@(#)id.c 8.2 (Berkeley) 2/16/94"; #include #include +#ifdef HAVE_SELINUX +#include +#endif + static void id_print(struct passwd *, int, int, int); static void pline(struct passwd *); static void pretty(struct passwd *); @@ -408,6 +412,16 @@ maclabel(void) (void)printf("%s\n", string); mac_free(label); free(string); +#elif defined(HAVE_SELINUX) + char *context; + if (is_selinux_enabled() > 0) { + if (getcon(&context) == 0) { + (void)printf("%s\n", context); + freecon(context); + } else + errx(1, "getcon failed: %s", strerror(errno)); + } else + errx(1, "-M works only on an SELinux-enabled kernel"); #else errx(1, "-M requires a MAC-enabled build"); #endif diff --git a/src.freebsd/coreutils/id/meson.build b/src.freebsd/coreutils/id/meson.build index 3a807105..70e7151d 100644 --- a/src.freebsd/coreutils/id/meson.build +++ b/src.freebsd/coreutils/id/meson.build @@ -1,7 +1,14 @@ +id_deps = [] + +if libselinux.found() + id_deps += [libselinux] +endif + id_prog = executable( 'id', [ 'id.c' ], include_directories : inc, + dependencies : id_deps, install : true, )