[PATCH v2] cp: Have -a imply -c when SELinux is enabled.

Tue, 30 Apr 2019 06:25:47 -0700 

Have cp preserve SELinux context when using -a.  Coreutils cp also does
this.

Signed-off-by: Chris PeBenito <[email protected]>
---
 coreutils/cp.c  | 11 ++++++++---
 include/libbb.h |  2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/coreutils/cp.c b/coreutils/cp.c
index 59e3d2f80..48b23fd0a 100644
--- a/coreutils/cp.c
+++ b/coreutils/cp.c
@@ -41,8 +41,7 @@
 //usage:       "[OPTIONS] SOURCE... DEST"
 //usage:#define cp_full_usage "\n\n"
 //usage:       "Copy SOURCE(s) to DEST\n"
-//usage:     "\n       -a      Same as -dpR"
-//usage:       IF_SELINUX(
+//usage:     "\n       -a      Same as -dpR" IF_SELINUX("c"
 //usage:     "\n       -c      Preserve security context"
 //usage:       )
 //usage:     "\n       -R,-r   Recurse"
@@ -93,7 +92,7 @@ int cp_main(int argc, char **argv)
                // -P and -d are the same (-P is POSIX, -d is GNU)
                // -r and -R are the same
                // -R (and therefore -r) turns on -d (coreutils does this)
-               // -a = -pdR
+               // -a = -pdR (-c added in ENABLE_SELINUX block below)
                "-2:l--s:s--l:Pd:rRd:Rd:apdR",
                "archive\0"        No_argument "a"
                "force\0"          No_argument "f"
@@ -189,6 +188,12 @@ int cp_main(int argc, char **argv)
                flags |= FILEUTILS_DEREFERENCE;
 
 #if ENABLE_SELINUX
+       /* for -a, imply -c if SELinux is enabled. */
+       if ((flags & FILEUTILS_ARCHIVE) && is_selinux_enabled() > 0) {
+               flags |= FILEUTILS_PRESERVE_SECURITY_CONTEXT;
+       }
+
+       /* -c may be explicitly set */
        if (flags & FILEUTILS_PRESERVE_SECURITY_CONTEXT) {
                selinux_or_die();
        }
diff --git a/include/libbb.h b/include/libbb.h
index 57cfce385..ef7be211d 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -400,7 +400,7 @@ enum {      /* cp.c, mv.c, install.c depend on these 
values. CAREFUL when changing th
        FILEUTILS_MAKE_SOFTLINK   = 1 << 6, /* -s */
        FILEUTILS_DEREF_SOFTLINK  = 1 << 7, /* -L */
        FILEUTILS_DEREFERENCE_L0  = 1 << 8, /* -H */
-       /* -a = -pdR (mapped in cp.c) */
+       FILEUTILS_ARCHIVE         = 1 << 9, /* -a = -pdR (mapped in cp.c) */
        /* -r = -dR  (mapped in cp.c) */
        /* -P = -d   (mapped in cp.c) */
        FILEUTILS_VERBOSE         = (1 << 12) * ENABLE_FEATURE_VERBOSE, /* -v */
-- 
2.20.1

_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox

Reply via email to