From 49622d784672bf2f7b2fe80589714cdef5adde0c Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Sat, 10 Mar 2007 16:58:49 +0000 Subject: selinux support by Yuichi Nakamura (HitachiSoft) --- libbb/copy_file.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'libbb/copy_file.c') diff --git a/libbb/copy_file.c b/libbb/copy_file.c index bd785b71c..6391824aa 100644 --- a/libbb/copy_file.c +++ b/libbb/copy_file.c @@ -3,6 +3,7 @@ * Mini copy_file implementation for busybox * * Copyright (C) 2001 by Matt Kraai + * SELinux support by Yuichi Nakamura * * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. * @@ -62,6 +63,26 @@ int copy_file(const char *source, const char *dest, int flags) dest_exists = 1; } +#if ENABLE_SELINUX + if ((flags & FILEUTILS_PRESERVE_SECURITY_CONTEXT) && is_selinux_enabled() > 0) { + security_context_t con; + if (lgetfilecon(source, &con) >= 0) { + if (setfscreatecon(con) < 0) { + bb_perror_msg("cannot set setfscreatecon %s", con); + freecon(con); + return -1; + } + } else { + if (errno == ENOTSUP || errno == ENODATA) { + setfscreatecon(NULL); + } else { + bb_perror_msg("cannot lgetfilecon %s", source); + return -1; + } + } + } +#endif + if (S_ISDIR(source_stat.st_mode)) { DIR *dp; struct dirent *d; @@ -204,6 +225,25 @@ int copy_file(const char *source, const char *dest, int flags) } } +#if ENABLE_SELINUX + if (((flags & FILEUTILS_PRESERVE_SECURITY_CONTEXT) + || (flags & FILEUTILS_SET_SECURITY_CONTEXT)) + && is_selinux_enabled() > 0) { + security_context_t con; + if (getfscreatecon(&con) == -1) { + bb_perror_msg("getfscreatecon"); + return -1; + } + if (con) { + if(setfilecon(dest, con) == -1) { + bb_perror_msg("setfilecon:%s,%s", dest, con); + freecon(con); + return -1; + } + freecon(con); + } + } +#endif if (bb_copyfd_eof(src_fd, dst_fd) == -1) status = -1; if (close(dst_fd) < 0) { -- cgit v1.2.3