+/* vi: set sw=4 ts=4: */
/*
- * Copyright (C) 2003 by Glenn McGrath <bug1@optushome.com.au>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Library General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * Copyright (C) 2003 by Glenn McGrath <bug1@iinet.net.au>
+ * SELinux support: by Yuichi Nakamura <ynakam@hitachisoft.jp>
*
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
*
* TODO: -d option, need a way of recursively making directories and changing
* owner/group, will probably modify bb_make_directory(...)
- * Use bb_getopt_ulflags(...) ?
- *
*/
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <getopt.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
+#include <libgen.h>
+#include <getopt.h> /* struct option */
#include "libbb.h"
+#include "libcoreutils/coreutils.h"
+
+#if ENABLE_FEATURE_INSTALL_LONG_OPTIONS
+static const struct option install_long_options[] = {
+ { "directory", 0, NULL, 'd' },
+ { "preserve-timestamps", 0, NULL, 'p' },
+ { "strip", 0, NULL, 's' },
+ { "group", 0, NULL, 'g' },
+ { "mode", 0, NULL, 'm' },
+ { "owner", 0, NULL, 'o' },
+#if ENABLE_SELINUX
+ { "context", 1, NULL, 'Z' },
+ { "preserve_context", 0, NULL, 0xff },
+ { "preserve-context", 0, NULL, 0xff },
+#endif
+ { 0, 0, 0, 0 }
+};
+#endif
-extern int install_main(int argc, char **argv)
+
+#if ENABLE_SELINUX
+static bool use_default_selinux_context = 1;
+
+static void setdefaultfilecon(const char *path)
{
- struct stat statbuf;
- int i;
- int ret = EXIT_SUCCESS;
- uid_t uid = -1;
- gid_t gid = -1;
- int copy_flags = 0;
- int strip_flag = 0;
- int dir_flag = 0;
- mode_t mode = 0755;
-
- /* -c exists for backwards compatability, its needed */
- while ((i = getopt(argc, argv, "cdg:m:o:ps")) != -1) {
- switch (i) {
- case 'd': /* Create directories */
- dir_flag = 1;
- break;
- case 'g': /* group */
- gid = get_ug_id(optarg, my_getgrnam);
- break;
- case 'm': /* mode */
- bb_parse_mode(optarg, &mode);
- break;
- case 'o': /* owner */
- uid = get_ug_id(optarg, my_getpwnam);
- break;
- case 'p': /* preserve access and modification time, this is GNU behaviour, BSD only preserves modification time */
- copy_flags |= FILEUTILS_PRESERVE_STATUS;
- break;
- case 's': /* Strip binaries */
- strip_flag = 1;
- /* Fall through */
- case 'c':
- /* do nothing */
- break;
- default:
- bb_show_usage();
+ struct stat s;
+ security_context_t scontext = NULL;
+
+ if (!is_selinux_enabled()) {
+ return;
+ }
+ if (lstat(path, &s) != 0) {
+ return;
+ }
+
+ if (matchpathcon(path, s.st_mode, &scontext) < 0) {
+ goto out;
+ }
+ if (strcmp(scontext, "<<none>>") == 0) {
+ goto out;
+ }
+
+ if (lsetfilecon(path, scontext) < 0) {
+ if (errno != ENOTSUP) {
+ bb_perror_msg("warning: failed to change context of %s to %s", path, scontext);
}
}
- if (dir_flag) {
- for (argv += optind; *argv; argv++) {
- unsigned char *dir_name = *argv;
- unsigned char *argv_ptr;
+ out:
+ freecon(scontext);
+}
- ret |= bb_make_directory(dir_name, mode, FILEUTILS_RECUR);
- do {
- argv_ptr = strrchr(dir_name, '/');
+#endif
- /* Skip the "." and ".." directories */
- if ((dir_name[0] == '.') && ((dir_name[1] == '\0') || ((dir_name[1] == '.') && (dir_name[2] == '\0')))) {
- break;
+int install_main(int argc, char **argv);
+int install_main(int argc, char **argv)
+{
+ struct stat statbuf;
+ mode_t mode;
+ uid_t uid;
+ gid_t gid;
+ const char *gid_str;
+ const char *uid_str;
+ const char *mode_str;
+ int copy_flags = FILEUTILS_DEREFERENCE | FILEUTILS_FORCE;
+ int ret = EXIT_SUCCESS, flags, i, isdir;
+#if ENABLE_SELINUX
+ security_context_t scontext;
+#endif
+ enum {
+ OPT_CMD = 0x1,
+ OPT_DIRECTORY = 0x2,
+ OPT_PRESERVE_TIME = 0x4,
+ OPT_STRIP = 0x8,
+ OPT_GROUP = 0x10,
+ OPT_MODE = 0x20,
+ OPT_OWNER = 0x40,
+#if ENABLE_SELINUX
+ OPT_SET_SECURITY_CONTEXT = 0x80,
+ OPT_PRESERVE_SECURITY_CONTEXT = 0x100,
+#endif
+ };
+
+#if ENABLE_FEATURE_INSTALL_LONG_OPTIONS
+ applet_long_options = install_long_options;
+#endif
+ opt_complementary = "?:s--d:d--s" USE_SELINUX(":Z--\xff:\xff--Z");
+ /* -c exists for backwards compatibility, it's needed */
+
+ flags = getopt32(argc, argv, "cdpsg:m:o:" USE_SELINUX("Z:"), &gid_str, &mode_str, &uid_str USE_SELINUX(, &scontext));
+
+#if ENABLE_SELINUX
+ if (flags & OPT_PRESERVE_SECURITY_CONTEXT) {
+ use_default_selinux_context = 0;
+ copy_flags |= FILEUTILS_PRESERVE_SECURITY_CONTEXT;
+ selinux_or_die();
+ }
+ if (flags & OPT_SET_SECURITY_CONTEXT) {
+ selinux_or_die();
+ setfscreatecon_or_die(scontext);
+ use_default_selinux_context = 0;
+ copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT;
+ }
+#endif
+
+ /* preserve access and modification time, this is GNU behaviour, BSD only preserves modification time */
+ if (flags & OPT_PRESERVE_TIME) {
+ copy_flags |= FILEUTILS_PRESERVE_STATUS;
+ }
+ mode = 0666;
+ if (flags & OPT_MODE) bb_parse_mode(mode_str, &mode);
+ uid = (flags & OPT_OWNER) ? get_ug_id(uid_str, xuname2uid) : getuid();
+ gid = (flags & OPT_GROUP) ? get_ug_id(gid_str, xgroup2gid) : getgid();
+ if (flags & (OPT_OWNER|OPT_GROUP)) umask(0);
+
+ /* Create directories
+ * don't use bb_make_directory() as it can't change uid or gid
+ * perhaps bb_make_directory() should be improved.
+ */
+ if (flags & OPT_DIRECTORY) {
+ for (argv += optind; *argv; argv++) {
+ char *old_argv_ptr = *argv + 1;
+ char *argv_ptr;
+ do {
+ argv_ptr = strchr(old_argv_ptr, '/');
+ old_argv_ptr = argv_ptr;
+ if (argv_ptr) {
+ *argv_ptr = '\0';
+ old_argv_ptr++;
}
- if (chown(dir_name, uid, gid) == -1) {
- bb_perror_msg("cannot change ownership of %s", argv_ptr);
- ret |= EXIT_FAILURE;
+ if (mkdir(*argv, mode | 0111) == -1) {
+ if (errno != EEXIST) {
+ bb_perror_msg("cannot create %s", *argv);
+ ret = EXIT_FAILURE;
+ break;
+ }
+ }
+ if ((flags & (OPT_OWNER|OPT_GROUP))
+ && lchown(*argv, uid, gid) == -1
+ ) {
+ bb_perror_msg("cannot change ownership of %s", *argv);
+ ret = EXIT_FAILURE;
+ break;
}
if (argv_ptr) {
- *argv_ptr = '\0';
+ *argv_ptr = '/';
}
- } while (argv_ptr);
+ } while (old_argv_ptr);
}
- return(ret);
+ return ret;
}
- if ((stat(argv[argc - 1], &statbuf) == -1) && (errno != ENOENT)) {
- bb_perror_msg_and_die("stat failed for %s: ", argv[argc - 1]);
- }
+ isdir = lstat(argv[argc - 1], &statbuf) < 0 ? 0 : S_ISDIR(statbuf.st_mode);
for (i = optind; i < argc - 1; i++) {
- unsigned char *dest;
+ char *dest;
- if (S_ISDIR(statbuf.st_mode)) {
- dest = concat_path_file(argv[argc - 1], argv[i]);
- } else {
- dest = argv[argc - 1];
- }
+ dest = argv[argc - 1];
+ if (isdir)
+ dest = concat_path_file(argv[argc - 1], basename(argv[i]));
ret |= copy_file(argv[i], dest, copy_flags);
/* Set the file mode */
- if (chmod(dest, mode) == -1) {
+ if ((flags & OPT_MODE) && chmod(dest, mode) == -1) {
bb_perror_msg("cannot change permissions of %s", dest);
- ret |= EXIT_FAILURE;
+ ret = EXIT_FAILURE;
}
-
+#if ENABLE_SELINUX
+ if (use_default_selinux_context)
+ setdefaultfilecon(dest);
+#endif
/* Set the user and group id */
- if (chown(dest, uid, gid) == -1) {
+ if ((flags & (OPT_OWNER|OPT_GROUP))
+ && lchown(dest, uid, gid) == -1
+ ) {
bb_perror_msg("cannot change ownership of %s", dest);
- ret |= EXIT_FAILURE;
+ ret = EXIT_FAILURE;
}
- if (strip_flag) {
- if (execlp("strip", "strip", dest, NULL) == -1) {
- bb_error_msg("strip failed");
- ret |= EXIT_FAILURE;
+ if (flags & OPT_STRIP) {
+ if (BB_EXECLP("strip", "strip", dest, NULL) == -1) {
+ bb_perror_msg("strip");
+ ret = EXIT_FAILURE;
}
}
+ if (ENABLE_FEATURE_CLEAN_UP && isdir) free(dest);
}
-
- return(ret);
+
+ return ret;
}
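Review bot: In the `OPT_DIRECTORY` loop, `lchown(*argv, uid, gid)` runs for every path prefix, including prefixes where `mkdir` failed with `EEXIST`, so `-d` with `-o`/`-g` on a nested path also re-owns parent directories that already existed. I would record whether the component was created, `int created = (mkdir(*argv, mode | 0111) == 0);`, report the error only for `!created && errno != EEXIST`, and gate the ownership change with `&& (created || !argv_ptr)` so that only new directories and the final component are touched. In the same branch `mode` is still `0666` when `-m` is absent and `umask(0)` has already been applied for `-o`/`-g`, so `mkdir(*argv, mode | 0111)` creates world-writable `0777` directories. A directory default such as `mode = 0755;` inside the `OPT_DIRECTORY` branch looks safer, assuming `bb_parse_mode` callers do not rely on the `0666` base there. A one-line comment above the loop stating which components receive the mode and ownership would also help.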