diff -U0 emacs-23.1.92/lisp/ChangeLog.selinux-backups-on-save emacs-23.1.92/lisp/ChangeLog --- emacs-23.1.92/lisp/ChangeLog.selinux-backups-on-save 2010-02-24 11:22:02.961149752 +0100 +++ emacs-23.1.92/lisp/ChangeLog 2010-02-24 11:34:23.555149599 +0100 @@ -0,0 +1,9 @@ +2010-02-24 Karel Klíč + + * files.el (backup-buffer): Handle SELinux context, and return it + if a backup was made by renaming. + (backup-buffer-copy): Set SELinux context to the target file. + (basic-save-buffer): Set SELinux context of the newly written file. + (basic-save-buffer-1): Mention it also returns SELinux context. + (basic-save-buffer-2): Set SELinux context of the newly created file. + diff -up emacs-23.1.92/lisp/files.el.selinux-backups-on-save emacs-23.1.92/lisp/files.el --- emacs-23.1.92/lisp/files.el.selinux-backups-on-save 2010-01-27 04:35:37.000000000 +0100 +++ emacs-23.1.92/lisp/files.el 2010-02-23 16:35:56.598149543 +0100 @@ -3616,10 +3616,13 @@ variable `make-backup-files'. If it's d no longer accessible under its old name. The value is non-nil after a backup was made by renaming. -It has the form (MODES . BACKUPNAME). +It has the form (MODES SELINUXCONTEXT BACKUPNAME). MODES is the result of `file-modes' on the original file; this means that the caller, after saving the buffer, should change the modes of the new file to agree with the old modes. +SELINUXCONTEXT is the result of `file-selinux-context' on the original +file; this means that the caller, after saving the buffer, should change +the SELinux context of the new file to agree with the old context. BACKUPNAME is the backup file name, which is the old file renamed." (if (and make-backup-files (not backup-inhibited) (not buffer-backed-up) @@ -3647,7 +3650,8 @@ BACKUPNAME is the backup file name, whic (or delete-old-versions (y-or-n-p (format "Delete excess backup versions of %s? " real-file-name))))) - (modes (file-modes buffer-file-name))) + (modes (file-modes buffer-file-name)) + (context (file-selinux-context buffer-file-name))) ;; Actually write the back up file. (condition-case () (if (or file-precious-flag @@ -3667,10 +3671,10 @@ BACKUPNAME is the backup file name, whic (<= (nth 2 attr) backup-by-copying-when-privileged-mismatch))) (or (nth 9 attr) (not (file-ownership-preserved-p real-file-name))))))) - (backup-buffer-copy real-file-name backupname modes) + (backup-buffer-copy real-file-name backupname modes context) ;; rename-file should delete old backup. (rename-file real-file-name backupname t) - (setq setmodes (cons modes backupname))) + (setq setmodes (list modes context backupname))) (file-error ;; If trouble writing the backup, write it in ~. (setq backupname (expand-file-name @@ -3679,7 +3683,7 @@ BACKUPNAME is the backup file name, whic (message "Cannot write backup file; backing up in %s" backupname) (sleep-for 1) - (backup-buffer-copy real-file-name backupname modes))) + (backup-buffer-copy real-file-name backupname modes context))) (setq buffer-backed-up t) ;; Now delete the old versions, if desired. (if delete-old-versions @@ -3691,7 +3695,7 @@ BACKUPNAME is the backup file name, whic setmodes) (file-error nil)))))) -(defun backup-buffer-copy (from-name to-name modes) +(defun backup-buffer-copy (from-name to-name modes context) (let ((umask (default-file-modes))) (unwind-protect (progn @@ -3718,7 +3722,9 @@ BACKUPNAME is the backup file name, whic ;; Reset the umask. (set-default-file-modes umask))) (and modes - (set-file-modes to-name (logand modes #o1777)))) + (set-file-modes to-name (logand modes #o1777))) + (and context + (set-file-selinux-context to-name context))) (defun file-name-sans-versions (name &optional keep-backup-version) "Return file NAME sans backup versions or strings. @@ -4248,7 +4254,9 @@ Before and after saving the buffer, this (nthcdr 10 (file-attributes buffer-file-name))) (if setmodes (condition-case () - (set-file-modes buffer-file-name (car setmodes)) + (progn + (set-file-modes buffer-file-name (car setmodes)) + (set-file-selinux-context buffer-file-name (nth 1 setmodes))) (error nil)))) ;; If the auto-save file was recent before this command, ;; delete it now. @@ -4261,7 +4269,7 @@ Before and after saving the buffer, this ;; This does the "real job" of writing a buffer into its visited file ;; and making a backup file. This is what is normally done ;; but inhibited if one of write-file-functions returns non-nil. -;; It returns a value (MODES . BACKUPNAME), like backup-buffer. +;; It returns a value (MODES SELINUXCONTEXT BACKUPNAME), like backup-buffer. (defun basic-save-buffer-1 () (prog1 (if save-buffer-coding-system @@ -4273,7 +4281,7 @@ Before and after saving the buffer, this (setq buffer-file-coding-system-explicit (cons last-coding-system-used nil))))) -;; This returns a value (MODES . BACKUPNAME), like backup-buffer. +;; This returns a value (MODES SELINUXCONTEXT BACKUPNAME), like backup-buffer. (defun basic-save-buffer-2 () (let (tempsetmodes setmodes) (if (not (file-writable-p buffer-file-name)) @@ -4344,8 +4352,9 @@ Before and after saving the buffer, this ;; Since we have created an entirely new file, ;; make sure it gets the right permission bits set. (setq setmodes (or setmodes - (cons (or (file-modes buffer-file-name) + (list (or (file-modes buffer-file-name) (logand ?\666 umask)) + (file-selinux-context buffer-file-name) buffer-file-name))) ;; We succeeded in writing the temp file, ;; so rename it. @@ -4356,8 +4365,11 @@ Before and after saving the buffer, this ;; (setmodes is set) because that says we're superseding. (cond ((and tempsetmodes (not setmodes)) ;; Change the mode back, after writing. - (setq setmodes (cons (file-modes buffer-file-name) buffer-file-name)) - (set-file-modes buffer-file-name (logior (car setmodes) 128)))) + (setq setmodes (list (file-modes buffer-file-name) + (file-selinux-context buffer-file-name) + buffer-file-name)) + (set-file-modes buffer-file-name (logior (car setmodes) 128)) + (set-file-selinux-context buffer-file-name (nth 1 setmodes))))) (let (success) (unwind-protect (progn @@ -4371,8 +4383,8 @@ Before and after saving the buffer, this ;; the backup by renaming, undo the backing-up. (and setmodes (not success) (progn - (rename-file (cdr setmodes) buffer-file-name t) - (setq buffer-backed-up nil))))))) + (rename-file (nth 2 setmodes) buffer-file-name t) + (setq buffer-backed-up nil)))))) setmodes)) (defun diff-buffer-with-file (&optional buffer)