[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 2/9] cp: -Z: formatting cleanups
|
From: |
Pádraig Brady |
|
Subject: |
[PATCH 2/9] cp: -Z: formatting cleanups |
|
Date: |
Wed, 28 Nov 2012 01:43:12 +0000 |
mostly running through indent
---
src/copy.c | 25 +++++----
src/cp.c | 42 ++++++++------
src/install.c | 27 +++++----
src/local.mk | 3 +-
src/mkdir.c | 16 +++---
src/mkfifo.c | 16 +++---
src/mknod.c | 16 +++---
src/mv.c | 9 ++-
src/runcon.c | 7 +-
src/selinux.c | 175 +++++++++++++++++++++++++++++++--------------------------
src/selinux.h | 7 +-
11 files changed, 187 insertions(+), 156 deletions(-)
diff --git a/src/copy.c b/src/copy.c
index 501801c..2ecc32a 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -838,18 +838,21 @@ copy_reg (char const *src_name, char const *dst_name,
1) the src context may prohibit writing, and
2) because it's more consistent to use the same context
that is used when the destination file doesn't already exist. */
- if ((x->set_security_context || x->preserve_security_context) && 0 <=
dest_desc)
+ if ((x->set_security_context || x->preserve_security_context)
+ && 0 <= dest_desc)
{
bool all_errors = (!x->data_copy_required
|| x->require_preserve_context);
bool some_errors = !all_errors && !x->reduce_diagnostics;
- if (restorecon(dst_name, 0, x->preserve_security_context) < 0) {
- if (all_errors || (some_errors && !errno_unsupported (errno)))
- error (0, errno, _("failed to set file system context on %s"),
quote_n (0, dst_name));
- return_val = false;
- goto close_src_and_dst_desc;
- }
+ if (restorecon (dst_name, 0, x->preserve_security_context) < 0)
+ {
+ if (all_errors || (some_errors && !errno_unsupported (errno)))
+ error (0, errno, _("failed to set file system context on %s"),
+ quote_n (0, dst_name));
+ return_val = false;
+ goto close_src_and_dst_desc;
+ }
}
if (dest_desc < 0 && x->unlink_dest_after_failed_open)
@@ -871,7 +874,7 @@ copy_reg (char const *src_name, char const *dst_name,
if (*new_dst)
{
if (x->set_security_context && (! x->require_preserve_context))
- defaultcon(dst_name, dst_mode);
+ defaultcon (dst_name, dst_mode);
open_with_O_CREAT:;
@@ -956,7 +959,7 @@ copy_reg (char const *src_name, char const *dst_name,
}
if (x->set_security_context && ! x->preserve_security_context)
- restorecon(dst_name, 1, false);
+ restorecon (dst_name, 1, false);
/* --attributes-only overrides --reflink. */
if (data_copy_required && x->reflink_mode)
@@ -2077,7 +2080,7 @@ copy_internal (char const *src_name, char const *dst_name,
backup_succeeded ? dst_backup : NULL);
if (x->set_security_context)
- restorecon(dst_name, 1, false);
+ restorecon (dst_name, 1, false);
if (rename_succeeded)
*rename_succeeded = true;
@@ -2221,7 +2224,7 @@ copy_internal (char const *src_name, char const *dst_name,
else
{
if (x->set_security_context)
- restorecon(dst_name, 1, false);
+ restorecon (dst_name, 1, false);
}
if (S_ISDIR (src_mode))
diff --git a/src/cp.c b/src/cp.c
index 365fad4..77d04e6 100644
--- a/src/cp.c
+++ b/src/cp.c
@@ -879,10 +879,11 @@ decode_preserve_arg (char const *arg, struct cp_options
*x, bool on_off)
break;
case PRESERVE_CONTEXT:
- if (! x->set_security_context) {
- x->preserve_security_context = on_off;
- x->require_preserve_context = on_off;
- }
+ if (! x->set_security_context)
+ {
+ x->preserve_security_context = on_off;
+ x->require_preserve_context = on_off;
+ }
break;
case PRESERVE_XATTR:
@@ -1098,20 +1099,25 @@ main (int argc, char **argv)
case 'Z':
- /* politely decline if we're not on a selinux-enabled kernel. */
- if( selinux_enabled ) {
- if (optarg) {
- /* if there's a security_context given set new path
- components to that context, too */
- if ( setfscreatecon(optarg) < 0 ) {
- (void) fprintf(stderr, _("cannot set default
security context %s\n"), optarg);
- exit( 1 );
- }
- }
- x.set_security_context = true;
- x.preserve_security_context = false;
- }
- break;
+ /* politely decline if we're not on a selinux-enabled kernel. */
+ if (selinux_enabled)
+ {
+ if (optarg)
+ {
+ /* if there's a security_context given set new path
+ components to that context, too. */
+ if (setfscreatecon (optarg) < 0)
+ {
+ fprintf (stderr,
+ _("cannot set default security context %s\n"),
+ optarg);
+ exit (1);
+ }
+ }
+ x.set_security_context = true;
+ x.preserve_security_context = false;
+ }
+ break;
case 'S':
make_backups = true;
diff --git a/src/install.c b/src/install.c
index 0b9b317..ed870f2 100644
--- a/src/install.c
+++ b/src/install.c
@@ -854,26 +854,29 @@ main (int argc, char **argv)
break;
case PRESERVE_CONTEXT_OPTION:
- if ( ! selinux_enabled)
+ if (! selinux_enabled)
{
error (0, 0, _("WARNING: ignoring --preserve-context; "
"this kernel is not SELinux-enabled"));
break;
}
- if ( x.set_security_context || scontext ) {
- (void) fprintf(stderr, "%s: cannot force target context and
preserve it\n", argv[0]);
- exit( 1 );
- }
+ if (x.set_security_context || scontext)
+ {
+ fprintf (stderr,
+ "%s: cannot force target context and preserve it\n",
+ argv[0]);
+ exit (1);
+ }
x.preserve_security_context = true;
break;
case 'Z':
- if ( selinux_enabled )
- {
- if (optarg)
- scontext = optarg;
- else
- x.set_security_context = true;
- }
+ if (selinux_enabled)
+ {
+ if (optarg)
+ scontext = optarg;
+ else
+ x.set_security_context = true;
+ }
break;
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
diff --git a/src/local.mk b/src/local.mk
index bd6711e..d72f7f2 100644
--- a/src/local.mk
+++ b/src/local.mk
@@ -322,7 +322,8 @@ copy_sources = \
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; $(program_transform_name)
-src_ginstall_SOURCES = src/install.c src/prog-fprintf.c $(copy_sources)
$(selinux_sources)
+src_ginstall_SOURCES = src/install.c src/prog-fprintf.c $(copy_sources) \
+ $(selinux_sources)
# This is for the '[' program. Automake transliterates '[' and '/' to '_'.
src___SOURCES = src/lbracket.c
diff --git a/src/mkdir.c b/src/mkdir.c
index 548030c..94ec3f6 100644
--- a/src/mkdir.c
+++ b/src/mkdir.c
@@ -119,7 +119,7 @@ make_ancestor (char const *dir, char const *component, void
*options)
struct mkdir_options const *o = options;
if (o->set_security_context)
- defaultcon(dir, S_IFDIR);
+ defaultcon (dir, S_IFDIR);
int r = mkdir (component, o->ancestor_mode);
if (r == 0)
{
@@ -177,13 +177,13 @@ main (int argc, char **argv)
options.created_directory_format = _("created directory %s");
break;
case 'Z':
- if ( is_selinux_enabled() > 0 )
- {
- if (optarg)
- scontext = optarg;
- else
- options.set_security_context = true;
- }
+ if (is_selinux_enabled () > 0)
+ {
+ if (optarg)
+ scontext = optarg;
+ else
+ options.set_security_context = true;
+ }
break;
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
diff --git a/src/mkfifo.c b/src/mkfifo.c
index 3253640..f657ca0 100644
--- a/src/mkfifo.c
+++ b/src/mkfifo.c
@@ -96,13 +96,13 @@ main (int argc, char **argv)
specified_mode = optarg;
break;
case 'Z':
- if ( is_selinux_enabled() > 0 )
- {
- if (optarg)
- scontext = optarg;
- else
- set_security_context = true;
- }
+ if (is_selinux_enabled () > 0)
+ {
+ if (optarg)
+ scontext = optarg;
+ else
+ set_security_context = true;
+ }
break;
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
@@ -137,7 +137,7 @@ main (int argc, char **argv)
for (; optind < argc; ++optind)
if (set_security_context)
- defaultcon(argv[optind], S_IFIFO);
+ defaultcon (argv[optind], S_IFIFO);
if (mkfifo (argv[optind], newmode) != 0)
{
error (0, errno, _("cannot create fifo %s"), quote (argv[optind]));
diff --git a/src/mknod.c b/src/mknod.c
index 6977ba8..404385a 100644
--- a/src/mknod.c
+++ b/src/mknod.c
@@ -113,13 +113,13 @@ main (int argc, char **argv)
specified_mode = optarg;
break;
case 'Z':
- if ( is_selinux_enabled() > 0 )
- {
- if (optarg)
- scontext = optarg;
- else
- set_security_context = true;
- }
+ if (is_selinux_enabled () > 0)
+ {
+ if (optarg)
+ scontext = optarg;
+ else
+ set_security_context = true;
+ }
break;
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
@@ -221,7 +221,7 @@ main (int argc, char **argv)
#endif
if (set_security_context)
- defaultcon(argv[optind], node_type);
+ defaultcon (argv[optind], node_type);
if (mknod (argv[optind], newmode | node_type, device) != 0)
error (EXIT_FAILURE, errno, "%s", quote (argv[optind]));
diff --git a/src/mv.c b/src/mv.c
index 683c649..da9009f 100644
--- a/src/mv.c
+++ b/src/mv.c
@@ -424,10 +424,11 @@ main (int argc, char **argv)
break;
case 'Z':
/* politely decline if we're not on a selinux-enabled kernel. */
- if( selinux_enabled ) {
- x.preserve_security_context = false;
- x.set_security_context = true;
- }
+ if (selinux_enabled)
+ {
+ x.preserve_security_context = false;
+ x.set_security_context = true;
+ }
break;
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
diff --git a/src/runcon.c b/src/runcon.c
index 7162f65..df1ad8e 100644
--- a/src/runcon.c
+++ b/src/runcon.c
@@ -193,8 +193,8 @@ main (int argc, char **argv)
}
if (is_selinux_enabled () != 1)
- error (EXIT_FAILURE, 0,
- _("%s may be used only on a SELinux kernel"), program_name);
+ error (EXIT_FAILURE, 0, _("%s may be used only on a SELinux kernel"),
+ program_name);
if (context)
{
@@ -219,8 +219,7 @@ main (int argc, char **argv)
/* compute result of process transition */
if (security_compute_create (cur_context, file_context,
SECCLASS_PROCESS, &new_context) != 0)
- error (EXIT_FAILURE, errno,
- _("failed to compute a new context"));
+ error (EXIT_FAILURE, errno, _("failed to compute a new context"));
/* free contexts */
freecon (file_context);
freecon (cur_context);
diff --git a/src/selinux.c b/src/selinux.c
index 6045dd5..4e1e2f5 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -41,24 +41,26 @@
Translates a mode into an Internal SELinux security_class definition.
Returns 0 on failure, with errno set to EINVAL.
*/
-static security_class_t mode_to_security_class(mode_t m) {
-
- if (S_ISREG(m))
- return string_to_security_class("file");
- if (S_ISDIR(m))
- return string_to_security_class("dir");
- if (S_ISCHR(m))
- return string_to_security_class("chr_file");
- if (S_ISBLK(m))
- return string_to_security_class("blk_file");
- if (S_ISFIFO(m))
- return string_to_security_class("fifo_file");
- if (S_ISLNK(m))
- return string_to_security_class("lnk_file");
- if (S_ISSOCK(m))
- return string_to_security_class("sock_file");
-
- errno=EINVAL;
+static security_class_t
+mode_to_security_class (mode_t m)
+{
+
+ if (S_ISREG (m))
+ return string_to_security_class ("file");
+ if (S_ISDIR (m))
+ return string_to_security_class ("dir");
+ if (S_ISCHR (m))
+ return string_to_security_class ("chr_file");
+ if (S_ISBLK (m))
+ return string_to_security_class ("blk_file");
+ if (S_ISFIFO (m))
+ return string_to_security_class ("fifo_file");
+ if (S_ISLNK (m))
+ return string_to_security_class ("lnk_file");
+ if (S_ISSOCK (m))
+ return string_to_security_class ("sock_file");
+
+ errno = EINVAL;
return 0;
}
@@ -70,28 +72,30 @@ static security_class_t mode_to_security_class(mode_t m) {
Returns -1 on failure. errno will be set approptiately.
*/
-static int computecon(char const *path, mode_t mode, security_context_t *con) {
+static int
+computecon (char const *path, mode_t mode, security_context_t * con)
+{
security_context_t scon = NULL;
security_context_t tcon = NULL;
security_class_t tclass;
int rc = -1;
- char *dir = strdup(path);
+ char *dir = strdup (path);
if (!dir)
goto quit;
- if (getcon(&scon) < 0)
+ if (getcon (&scon) < 0)
goto quit;
- if (getfilecon(dirname((char *) dir), &tcon) < 0)
+ if (getfilecon (dirname ((char *) dir), &tcon) < 0)
goto quit;
- tclass = mode_to_security_class(mode);
+ tclass = mode_to_security_class (mode);
if (!tclass)
goto quit;
- rc = security_compute_create(scon, tcon, tclass, con);
+ rc = security_compute_create (scon, tcon, tclass, con);
quit:
- free(dir);
- freecon(scon);
- freecon(tcon);
+ free (dir);
+ freecon (scon);
+ freecon (tcon);
return rc;
}
@@ -104,36 +108,38 @@ quit:
Returns -1 on failure. errno will be set approptiately.
*/
-int defaultcon (char const *path, mode_t mode) {
+int
+defaultcon (char const *path, mode_t mode)
+{
int rc = -1;
security_context_t scon = NULL, tcon = NULL;
context_t scontext = NULL, tcontext = NULL;
- rc = matchpathcon(path, mode, &scon);
+ rc = matchpathcon (path, mode, &scon);
if (rc < 0)
goto quit;
- rc = computecon(path, mode, &tcon);
+ rc = computecon (path, mode, &tcon);
if (rc < 0)
goto quit;
- scontext = context_new(scon);
+ scontext = context_new (scon);
rc = -1;
if (!scontext)
goto quit;
- tcontext = context_new(tcon);
+ tcontext = context_new (tcon);
if (!tcontext)
goto quit;
- context_type_set(tcontext, context_type_get(scontext));
- rc = setfscreatecon (context_str(tcontext));
+ context_type_set (tcontext, context_type_get (scontext));
+ rc = setfscreatecon (context_str (tcontext));
// printf("defaultcon %s %s\n", path, context_str(tcontext));
quit:
if (scontext)
- context_free(scontext);
+ context_free (scontext);
if (scontext)
- context_free(tcontext);
- freecon(scon);
- freecon(tcon);
+ context_free (tcontext);
+ freecon (scon);
+ freecon (tcon);
return rc;
}
@@ -149,72 +155,81 @@ quit:
Returns -1 on failure. errno will be set approptiately.
*/
-static int restorecon_private (char const *path, bool preserve) {
+static int
+restorecon_private (char const *path, bool preserve)
+{
int rc = -1;
struct stat sb;
security_context_t scon = NULL, tcon = NULL;
context_t scontext = NULL, tcontext = NULL;
int fd;
- if (preserve) {
- if (getfscreatecon (&tcon) < 0)
+ if (preserve)
+ {
+ if (getfscreatecon (&tcon) < 0)
+ return rc;
+ rc = lsetfilecon (path, tcon);
+ freecon (tcon);
return rc;
- rc = lsetfilecon (path, tcon);
- freecon(tcon);
- return rc;
- }
+ }
fd = open (path, O_RDONLY | O_NOFOLLOW);
if (!fd && (errno != ELOOP))
goto quit;
- if (fd) {
- rc = fstat (fd, &sb);
- if (rc < 0)
- goto quit;
- } else {
- rc = lstat (path, &sb);
- if (rc < 0)
- goto quit;
- }
-
- rc = matchpathcon(path, sb.st_mode, &scon);
+ if (fd)
+ {
+ rc = fstat (fd, &sb);
+ if (rc < 0)
+ goto quit;
+ }
+ else
+ {
+ rc = lstat (path, &sb);
+ if (rc < 0)
+ goto quit;
+ }
+
+ rc = matchpathcon (path, sb.st_mode, &scon);
if (rc < 0)
goto quit;
- scontext = context_new(scon);
+ scontext = context_new (scon);
rc = -1;
if (!scontext)
goto quit;
- if (fd) {
- rc = fgetfilecon (fd, &tcon);
- if (!rc)
- goto quit;
- } else {
- rc = lgetfilecon (path, &tcon);
- if (!rc)
- goto quit;
- }
- tcontext = context_new(tcon);
+ if (fd)
+ {
+ rc = fgetfilecon (fd, &tcon);
+ if (!rc)
+ goto quit;
+ }
+ else
+ {
+ rc = lgetfilecon (path, &tcon);
+ if (!rc)
+ goto quit;
+ }
+ tcontext = context_new (tcon);
if (!tcontext)
goto quit;
- context_type_set(tcontext, context_type_get(scontext));
+ context_type_set (tcontext, context_type_get (scontext));
if (fd)
- rc = fsetfilecon (fd, context_str(tcontext));
+ rc = fsetfilecon (fd, context_str (tcontext));
else
- rc = lsetfilecon (path, context_str(tcontext));
+ rc = lsetfilecon (path, context_str (tcontext));
// printf("restorcon %s %s\n", path, context_str(tcontext));
quit:
- close(fd);
+ close (fd);
if (scontext)
- context_free(scontext);
+ context_free (scontext);
if (scontext)
- context_free(tcontext);
- freecon(scon);
- freecon(tcon);
+ context_free (tcontext);
+ freecon (scon);
+ freecon (tcon);
return rc;
}
@@ -231,15 +246,17 @@ quit:
Returns false on failure. errno will be set approptiately.
*/
-bool restorecon (char const *path, bool recurse, bool preserve) {
+bool
+restorecon (char const *path, bool recurse, bool preserve)
+{
const char *mypath[2] = { path, NULL };
FTS *fts;
bool ok = true;
if (!recurse)
- return restorecon_private(path, preserve);
+ return restorecon_private (path, preserve);
- fts = fts_open ((char *const *)mypath, FTS_PHYSICAL, NULL);
+ fts = fts_open ((char *const *) mypath, FTS_PHYSICAL, NULL);
while (1)
{
FTSENT *ent;
@@ -256,7 +273,7 @@ bool restorecon (char const *path, bool recurse, bool
preserve) {
break;
}
- ok &= restorecon_private(fts->fts_path, preserve);
+ ok &= restorecon_private (fts->fts_path, preserve);
}
if (fts_close (fts) != 0)
diff --git a/src/selinux.h b/src/selinux.h
index c032c05..2d8e22e 100644
--- a/src/selinux.h
+++ b/src/selinux.h
@@ -17,10 +17,11 @@
/* Written by Daniel Walsh <address@hidden> */
#ifndef COREUTILS_SELINUX_H
-#define COREUTILS_SELINUX_H
+# define COREUTILS_SELINUX_H
+
+# include <stdbool.h>
+# include <sys/stat.h>
-#include <stdbool.h>
-#include <sys/stat.h>
extern bool restorecon (char const *path, bool recurse, bool preserve);
extern int defaultcon (char const *path, mode_t mode);
#endif
--
1.7.6.4
- Re: Make mv work better with SELinux., Daniel J Walsh, 2012/11/08
- Re: Make mv work better with SELinux., Pádraig Brady, 2012/11/08
- Re: Make mv work better with SELinux., Pádraig Brady, 2012/11/27
- [PATCH 4/9] cp: -Z: s/fprintf/error/, Pádraig Brady, 2012/11/27
- [PATCH 6/9] cp: -Z: add selinux.c to POTFILES.in, Pádraig Brady, 2012/11/27
- [PATCH 3/9] cp: -Z: spelling fixes, Pádraig Brady, 2012/11/27
- [PATCH 7/9] cp: -Z: remove redundant includes from selinux.[ch], Pádraig Brady, 2012/11/27
- [PATCH 5/9] cp: -Z: wrap/clarify/isolate --help messages, Pádraig Brady, 2012/11/27
- [PATCH 2/9] cp: -Z: formatting cleanups,
Pádraig Brady <=
- [PATCH 8/9] cp: -Z: fix a logic error due to incorrect braces in mkfifo, Pádraig Brady, 2012/11/27
- [PATCH 1/9] cp: -Z: adjust utils to run restorecon with -Z, Pádraig Brady, 2012/11/27
- [PATCH 9/9] cp: -Z: adjust an existing selinux test to the new scheme, Pádraig Brady, 2012/11/27
- [PATCH] cp: -Z: fix memory leak edge case, Pádraig Brady, 2012/11/28
- Re: Make mv work better with SELinux., Jim Meyering, 2012/11/29