[PATCH 0/6] busybox -- SELinux option support for coreutils

Yuichi Nakamura ynakam at hitachisoft.jp
Fri Feb 9 07:44:09 UTC 2007 

On Thu, 08 Feb 2007 08:26:04 -0500
Stephen Smalley wrote:
> On Thu, 2007-02-08 at 15:54 +0900, Yuichi Nakamura wrote:
> > Hi.
> > 
> > The following patches provide SELinux options(like -Z) to coreutils 
> > We imported SELinux options from coreutils 5.97(included in Fedora Core6).
> > You have to enable CONFIG_SELINUX to use following feature.
> > Any of them are fundamental one to use SELinux.
> > We are welcoming any comment, and hope to merge it into busybox.
> 
> I'd suggest looking at the upstream coreutils selinux branch (see Jim
> Meyering's prior announcement of it on selinux list) and make sure you
> are consistent with it rather than Fedora Core 6, as I believe some
> aspects have changed (e.g. cp -a handling).
Thanks for information.
I've looked at upstream coreutils, and found some changes in cp and install.
I will fix them later.

> 
> > 
> > 
> > [1/6] busybox-coreutils-common-01.patch
> >  - usage.h for SELinux options
> > 
> > [2/6] busybox-coreutils-02-copy.patch
> >   - cp: -Z,-c option support. 
> >       -c option: security context is preserved during file copy.
> >       -Z option: security context can be set during file copy.
> >   - mv 
> >     In SELinux, it is recommended to preserve security context 
> >     when file is moved. By this patch, file context is preserved 
> >     during file move.
> >   - install
> >     When file is copied by install, security context of installed file 
> >     becomes different from value configured in file_contexts file.
> >     By this patch, security context is set according to file_contexts file.
> > 
> > [3/6] busybox-coreutils-03-mk.patch
> >  - -Z option support for mkdir, mkfifo, mknod. 
> >     By -Z, security context for created file can be set.
> > 
> > [4/6] busybox-coreutils-04-stat.patch
> >  - -Z option support for stat. Security context of file is shown by -Z option.
> > 
> > [5/6]  busybox-coreutils-05-ls.patch
> >  - -Z option support for ls. Security context of file is shown by -Z option.
> >    In current busybox, -k/-K shows security context. However, they are replaced by -Z option in recent coreutils, so -Z have to be added by this patch.
> > 
> > [6/6] busybox-coreutils-06-id.patch
> >  - -Z option support for id. Security context of process is shown by -Z option.
> > 
> > 
> > This project is originated from some of JPSEUG(Japan SELinux User Group). 
> > Now, we are preparing to submit more patches to support SELinux commands/options.
> > 
> > Regards,
> > 
> > Yuichi Nakamura
> > Hitachi Software
> > SELinux Policy Editor: http://seedit.sourceforge.net/
> > 
> > --
> > This message was distributed to subscribers of the selinux mailing list.
> > If you no longer wish to subscribe, send mail to majordomo at tycho.nsa.gov with
> > the words "unsubscribe selinux" without quotes as the message.
> -- 
> Stephen Smalley
> National Security Agency
>

More information about the busybox mailing list