+/* vi: set sw=4 ts=4: */
/*
- * Copyright (C) 2003 by Glenn McGrath <bug1@iinet.net.au>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Library General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * Copyright (C) 2003 by Glenn McGrath <bug1@iinet.net.au>
+ * SELinux support: by Yuichi Nakamura <ynakam@hitachisoft.jp>
*
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
*
* TODO: -d option, need a way of recursively making directories and changing
* owner/group, will probably modify bb_make_directory(...)
*/
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
+#include <libgen.h>
#include <getopt.h> /* struct option */
-#include "busybox.h"
+#include "libbb.h"
#include "libcoreutils/coreutils.h"
-#define INSTALL_OPT_CMD 1
-#define INSTALL_OPT_DIRECTORY 2
-#define INSTALL_OPT_PRESERVE_TIME 4
-#define INSTALL_OPT_STRIP 8
-#define INSTALL_OPT_GROUP 16
-#define INSTALL_OPT_MODE 32
-#define INSTALL_OPT_OWNER 64
-
+#if ENABLE_FEATURE_INSTALL_LONG_OPTIONS
static const struct option install_long_options[] = {
- { "directory", 0, NULL, 'd' },
- { "preserve-timestamps", 0, NULL, 'p' },
- { "strip", 0, NULL, 's' },
- { "group", 0, NULL, 'g' },
- { "mode", 0, NULL, 'm' },
- { "owner", 0, NULL, 'o' },
- { 0, 0, 0, 0 }
+ { "directory", 0, NULL, 'd' },
+ { "preserve-timestamps", 0, NULL, 'p' },
+ { "strip", 0, NULL, 's' },
+ { "group", 0, NULL, 'g' },
+ { "mode", 0, NULL, 'm' },
+ { "owner", 0, NULL, 'o' },
+#if ENABLE_SELINUX
+ { "context", 1, NULL, 'Z' },
+ { "preserve_context", 0, NULL, 0xff },
+ { "preserve-context", 0, NULL, 0xff },
+#endif
+ { 0, 0, 0, 0 }
};
+#endif
-extern int install_main(int argc, char **argv)
+
+#if ENABLE_SELINUX
+static bool use_default_selinux_context = 1;
+
+static void setdefaultfilecon(const char *path)
{
+ struct stat s;
+ security_context_t scontext = NULL;
+
+ if (!is_selinux_enabled()) {
+ return;
+ }
+ if (lstat(path, &s) != 0) {
+ return;
+ }
+
+ if (matchpathcon(path, s.st_mode, &scontext) < 0) {
+ goto out;
+ }
+ if (strcmp(scontext, "<<none>>") == 0) {
+ goto out;
+ }
+
+ if (lsetfilecon(path, scontext) < 0) {
+ if (errno != ENOTSUP) {
+ bb_perror_msg("warning: failed to change context of %s to %s", path, scontext);
+ }
+ }
+
+ out:
+ freecon(scontext);
+}
+
+#endif
+
+int install_main(int argc, char **argv);
+int install_main(int argc, char **argv)
+{
+ struct stat statbuf;
mode_t mode;
uid_t uid;
gid_t gid;
- char *gid_str = "-1";
- char *uid_str = "-1";
- char *mode_str = "0755";
+ const char *gid_str;
+ const char *uid_str;
+ const char *mode_str;
int copy_flags = FILEUTILS_DEREFERENCE | FILEUTILS_FORCE;
int ret = EXIT_SUCCESS, flags, i, isdir;
+#if ENABLE_SELINUX
+ security_context_t scontext;
+#endif
+ enum {
+ OPT_CMD = 0x1,
+ OPT_DIRECTORY = 0x2,
+ OPT_PRESERVE_TIME = 0x4,
+ OPT_STRIP = 0x8,
+ OPT_GROUP = 0x10,
+ OPT_MODE = 0x20,
+ OPT_OWNER = 0x40,
+#if ENABLE_SELINUX
+ OPT_SET_SECURITY_CONTEXT = 0x80,
+ OPT_PRESERVE_SECURITY_CONTEXT = 0x100,
+#endif
+ };
+
+#if ENABLE_FEATURE_INSTALL_LONG_OPTIONS
+ applet_long_options = install_long_options;
+#endif
+ opt_complementary = "?:s--d:d--s" USE_SELINUX(":Z--\xff:\xff--Z");
+ /* -c exists for backwards compatibility, it's needed */
- bb_applet_long_options = install_long_options;
- bb_opt_complementally = "?:s--d:d--s";
- /* -c exists for backwards compatability, its needed */
- flags = bb_getopt_ulflags(argc, argv, "cdpsg:m:o:", &gid_str, &mode_str, &uid_str); /* 'a' must be 2nd */
+ flags = getopt32(argc, argv, "cdpsg:m:o:" USE_SELINUX("Z:"), &gid_str, &mode_str, &uid_str USE_SELINUX(, &scontext));
+
+#if ENABLE_SELINUX
+ if (flags & OPT_PRESERVE_SECURITY_CONTEXT) {
+ use_default_selinux_context = 0;
+ copy_flags |= FILEUTILS_PRESERVE_SECURITY_CONTEXT;
+ selinux_or_die();
+ }
+ if (flags & OPT_SET_SECURITY_CONTEXT) {
+ selinux_or_die();
+ setfscreatecon_or_die(scontext);
+ use_default_selinux_context = 0;
+ copy_flags |= FILEUTILS_SET_SECURITY_CONTEXT;
+ }
+#endif
/* preserve access and modification time, this is GNU behaviour, BSD only preserves modification time */
- if (flags & INSTALL_OPT_PRESERVE_TIME) {
+ if (flags & OPT_PRESERVE_TIME) {
copy_flags |= FILEUTILS_PRESERVE_STATUS;
}
- bb_parse_mode(mode_str, &mode);
- gid = get_ug_id(gid_str, bb_xgetgrnam);
- uid = get_ug_id(uid_str, bb_xgetpwnam);
- umask(0);
+ mode = 0666;
+ if (flags & OPT_MODE) bb_parse_mode(mode_str, &mode);
+ uid = (flags & OPT_OWNER) ? get_ug_id(uid_str, xuname2uid) : getuid();
+ gid = (flags & OPT_GROUP) ? get_ug_id(gid_str, xgroup2gid) : getgid();
+ if (flags & (OPT_OWNER|OPT_GROUP)) umask(0);
/* Create directories
- * dont use bb_make_directory() as it cant change uid or gid
+ * don't use bb_make_directory() as it can't change uid or gid
* perhaps bb_make_directory() should be improved.
*/
- if (flags & INSTALL_OPT_DIRECTORY) {
+ if (flags & OPT_DIRECTORY) {
for (argv += optind; *argv; argv++) {
char *old_argv_ptr = *argv + 1;
char *argv_ptr;
*argv_ptr = '\0';
old_argv_ptr++;
}
- if (mkdir(*argv, mode) == -1) {
+ if (mkdir(*argv, mode | 0111) == -1) {
if (errno != EEXIST) {
- bb_perror_msg("coulnt create %s", *argv);
+ bb_perror_msg("cannot create %s", *argv);
ret = EXIT_FAILURE;
break;
}
}
- else if (lchown(*argv, uid, gid) == -1) {
+ if ((flags & (OPT_OWNER|OPT_GROUP))
+ && lchown(*argv, uid, gid) == -1
+ ) {
bb_perror_msg("cannot change ownership of %s", *argv);
ret = EXIT_FAILURE;
break;
}
} while (old_argv_ptr);
}
- return(ret);
+ return ret;
}
- {
- struct stat statbuf;
- isdir = lstat(argv[argc - 1], &statbuf)<0
- ? 0 : S_ISDIR(statbuf.st_mode);
- }
+ isdir = lstat(argv[argc - 1], &statbuf) < 0 ? 0 : S_ISDIR(statbuf.st_mode);
+
for (i = optind; i < argc - 1; i++) {
char *dest;
dest = argv[argc - 1];
- if (isdir) dest = concat_path_file(argv[argc - 1], basename(argv[i]));
+ if (isdir)
+ dest = concat_path_file(argv[argc - 1], basename(argv[i]));
ret |= copy_file(argv[i], dest, copy_flags);
/* Set the file mode */
- if (chmod(dest, mode) == -1) {
+ if ((flags & OPT_MODE) && chmod(dest, mode) == -1) {
bb_perror_msg("cannot change permissions of %s", dest);
ret = EXIT_FAILURE;
}
-
+#if ENABLE_SELINUX
+ if (use_default_selinux_context)
+ setdefaultfilecon(dest);
+#endif
/* Set the user and group id */
- if (lchown(dest, uid, gid) == -1) {
+ if ((flags & (OPT_OWNER|OPT_GROUP))
+ && lchown(dest, uid, gid) == -1
+ ) {
bb_perror_msg("cannot change ownership of %s", dest);
ret = EXIT_FAILURE;
}
- if (flags & INSTALL_OPT_STRIP) {
- if (execlp("strip", "strip", dest, NULL) == -1) {
- bb_error_msg("strip failed");
+ if (flags & OPT_STRIP) {
+ if (BB_EXECLP("strip", "strip", dest, NULL) == -1) {
+ bb_perror_msg("strip");
ret = EXIT_FAILURE;
}
}
- if(ENABLE_FEATURE_CLEAN_UP && isdir) free(dest);
+ if (ENABLE_FEATURE_CLEAN_UP && isdir) free(dest);
}
- return(ret);
+ return ret;
}