On Mon, Jun 1, 2015 at 1:29 AM, Hyejin Kim <[email protected]> wrote: > Hi. > > This time _mkdir_ and _id_ were verified for smack behavior.
Sorry I've been AWOL: still in Japan through the 7th. (Giving a talk at LinuxCon Japan on thursday: http://lccojapan2015.sched.org/event/860288ccda595208a5d7337d31c6075c#.VWv3sR-1XVN if you're curious. :) > -Z option of the 2 can print security label. > > But, there is a meager issue. > > 1) "toybox mkdir --help" does not display -Z option is supported Yeah, I have a todo item for that. My help text collating infrastructure is hiccuping, I'm not sure why yet. (Known issue, my bad, I intend to fix it before cutting a release. Tentatively thinking somewhere around the 15th, maybe? I need to get home and then have a week to deal with backlog...) > 2) "toybox id -Znr" can print something while "coreutils' id -Znr" gives > error message. I still haven't got a smack build environment, but I can build selinux, and it goes: $ ./toybox id -Znr id: SELinux disabled And that exited with an error code of 1. The test is: // This turns into "return 0" when no LSM and lets code optimize out. static inline int lsm_enabled(void) { if (CFG_TOYBOX_SMACK) return !!smack_smackfs_path(); else return is_selinux_enabled() == 1; } So if built with SMACK and smack_smackfs_path() returns NULL, then lsm_enabled() should return 0 and we should get the disabled message. (I note that there's an lsm_name() function so it should say Smack disabled instead of SELinux for you.) Is it not doing that? Rob _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
