Problem: Vim does not support the smack library.
Solution: Add smack support (Jose Bollo)
with_view_name
with_global_runtime
with_modified_by
+enable_smack
enable_selinux
with_features
with_compiledby
--enable-fail-if-missing Fail if dependencies on additional features
specified on the command line are missing.
--disable-darwin Disable Darwin (Mac OS X) support.
- --disable-selinux Don't check for SELinux support.
+ --disable-smack Do not check for Smack support.
+ --disable-selinux Do not check for SELinux support.
--disable-xsmp Disable XSMP session management
--disable-xsmp-interact Disable XSMP interaction
--enable-luainterp=OPTS Include Lua interpreter. default=no OPTS=no/yes/dynamic
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking --disable-selinux argument" >&5
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking --disable-smack argument" >&5
+$as_echo_n "checking --disable-smack argument... " >&6; }
+# Check whether --enable-smack was given.
+if test "${enable_smack+set}" = set; then :
+ enableval=$enable_smack;
+else
+ enable_smack="yes"
+fi
+
+if test "$enable_smack" = "yes"; then
+ ac_fn_c_check_header_mongrel "$LINENO" "linux/xattr.h" "ac_cv_header_linux_xattr_h" "$ac_includes_default"
+if test "x$ac_cv_header_linux_xattr_h" = xyes; then :
+ true
+else
+ enable_smack="no"
+fi
+
+
+fi
+if test "$enable_smack" = "yes"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for llistxattr in -lattr" >&5
+$as_echo_n "checking for llistxattr in -lattr... " >&6; }
+if ${ac_cv_lib_attr_llistxattr+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lattr $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char llistxattr ();
+int
+main ()
+{
+return llistxattr ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_lib_attr_llistxattr=yes
+else
+ ac_cv_lib_attr_llistxattr=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_attr_llistxattr" >&5
+$as_echo "$ac_cv_lib_attr_llistxattr" >&6; }
+if test "x$ac_cv_lib_attr_llistxattr" = xyes; then :
+ LIBS="$LIBS -lattr"
+ found_smack="yes"
+ $as_echo "#define HAVE_SMACK 1" >>confdefs.h
+
+fi
+
+else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+fi
+
+if test "x$found_smack" = "x"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking --disable-selinux argument" >&5
$as_echo_n "checking --disable-selinux argument... " >&6; }
-# Check whether --enable-selinux was given.
+ # Check whether --enable-selinux was given.
if test "${enable_selinux+set}" = set; then :
enableval=$enable_selinux;
else
enable_selinux="yes"
fi
-if test "$enable_selinux" = "yes"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ if test "$enable_selinux" = "yes"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for is_selinux_enabled in -lselinux" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for is_selinux_enabled in -lselinux" >&5
$as_echo_n "checking for is_selinux_enabled in -lselinux... " >&6; }
if ${ac_cv_lib_selinux_is_selinux_enabled+:} false; then :
$as_echo_n "(cached) " >&6
$as_echo "$ac_cv_lib_selinux_is_selinux_enabled" >&6; }
if test "x$ac_cv_lib_selinux_is_selinux_enabled" = xyes; then :
LIBS="$LIBS -lselinux"
- $as_echo "#define HAVE_SELINUX 1" >>confdefs.h
+ $as_echo "#define HAVE_SELINUX 1" >>confdefs.h
fi
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+ else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
+ fi
fi
#undef HAVE_SIGSETJMP
#undef HAVE_SIGSTACK
#undef HAVE_SIGVEC
+#undef HAVE_SMACK
#undef HAVE_STRCASECMP
#undef HAVE_STRERROR
#undef HAVE_STRFTIME
AC_SUBST(QUOTESED)
-dnl Link with -lselinux for SELinux stuff; if not found
-AC_MSG_CHECKING(--disable-selinux argument)
-AC_ARG_ENABLE(selinux,
- [ --disable-selinux Don't check for SELinux support.],
- , enable_selinux="yes")
-if test "$enable_selinux" = "yes"; then
+dnl Link with -lsmack for Smack stuff; if not found
+AC_MSG_CHECKING(--disable-smack argument)
+AC_ARG_ENABLE(smack,
+ [ --disable-smack Do not check for Smack support.],
+ , enable_smack="yes")
+if test "$enable_smack" = "yes"; then
+ AC_CHECK_HEADER([linux/xattr.h], true, enable_smack="no")
+fi
+if test "$enable_smack" = "yes"; then
AC_MSG_RESULT(no)
- AC_CHECK_LIB(selinux, is_selinux_enabled,
- [LIBS="$LIBS -lselinux"
- AC_DEFINE(HAVE_SELINUX)])
+ AC_CHECK_LIB(attr, llistxattr,
+ [LIBS="$LIBS -lattr"
+ found_smack="yes"
+ AC_DEFINE(HAVE_SMACK)])
else
AC_MSG_RESULT(yes)
fi
+dnl When smack was found don't search for SELinux
+if test "x$found_smack" = "x"; then
+ dnl Link with -lselinux for SELinux stuff; if not found
+ AC_MSG_CHECKING(--disable-selinux argument)
+ AC_ARG_ENABLE(selinux,
+ [ --disable-selinux Do not check for SELinux support.],
+ , enable_selinux="yes")
+ if test "$enable_selinux" = "yes"; then
+ AC_MSG_RESULT(no)
+ AC_CHECK_LIB(selinux, is_selinux_enabled,
+ [LIBS="$LIBS -lselinux"
+ AC_DEFINE(HAVE_SELINUX)])
+ else
+ AC_MSG_RESULT(yes)
+ fi
+fi
+
dnl Check user requested features.
AC_MSG_CHECKING(--with-features argument)
)
mch_setperm(backup,
(perm & 0707) | ((perm & 07) << 3));
-# ifdef HAVE_SELINUX
+# if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
mch_copy_sec(fname, backup);
# endif
#endif
#ifdef HAVE_ACL
mch_set_acl(backup, acl);
#endif
-#ifdef HAVE_SELINUX
+#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
mch_copy_sec(fname, backup);
#endif
break;
}
#endif
-#ifdef HAVE_SELINUX
+#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
/* Probably need to set the security context. */
if (!backup_copy)
mch_copy_sec(backup, wfname);
mch_set_acl(to, acl);
mch_free_acl(acl);
#endif
-#ifdef HAVE_SELINUX
+#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
mch_copy_sec(from, to);
#endif
if (errmsg != NULL)
if (fdflags >= 0 && (fdflags & FD_CLOEXEC) == 0)
fcntl(mfp->mf_fd, F_SETFD, fdflags | FD_CLOEXEC);
#endif
-#ifdef HAVE_SELINUX
+#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
mch_copy_sec(fname, mfp->mf_fname);
#endif
mch_hide(mfp->mf_fname); /* try setting the 'hidden' flag */
static int selinux_enabled = -1;
#endif
+#ifdef HAVE_SMACK
+# include <attr/xattr.h>
+# include <linux/xattr.h>
+# ifndef SMACK_LABEL_LEN
+# define SMACK_LABEL_LEN 1024
+# endif
+#endif
+
/*
* Use this prototype for select, some include files have a wrong prototype
*/
}
#endif /* HAVE_SELINUX */
+#if defined(HAVE_SMACK) && !defined(PROTO)
+/*
+ * Copy security info from "from_file" to "to_file".
+ */
+ void
+mch_copy_sec(from_file, to_file)
+ char_u *from_file;
+ char_u *to_file;
+{
+ static const char const *smack_copied_attributes[] =
+ {
+ XATTR_NAME_SMACK,
+ XATTR_NAME_SMACKEXEC,
+ XATTR_NAME_SMACKMMAP
+ };
+
+ char buffer[SMACK_LABEL_LEN];
+ const char *name;
+ int index;
+ int ret;
+ ssize_t size;
+
+ if (from_file == NULL)
+ return;
+
+ for (index = 0 ; index < (int)(sizeof(smack_copied_attributes)
+ / sizeof(smack_copied_attributes)[0]) ; index++)
+ {
+ /* get the name of the attribute to copy */
+ name = smack_copied_attributes[index];
+
+ /* get the value of the attribute in buffer */
+ size = getxattr((char*)from_file, name, buffer, sizeof(buffer));
+ if (size >= 0)
+ {
+ /* copy the attribute value of buffer */
+ ret = setxattr((char*)to_file, name, buffer, (size_t)size, 0);
+ if (ret < 0)
+ {
+ MSG_PUTS(_("Could not set security context "));
+ MSG_PUTS(name);
+ MSG_PUTS(_(" for "));
+ msg_outtrans(to_file);
+ msg_putchar('\n');
+ }
+ }
+ else
+ {
+ /* what reason of not having the attribute value? */
+ switch (errno)
+ {
+ case ENOTSUP:
+ /* extended attributes aren't supported or enabled */
+ /* should a message be echoed? not sure... */
+ return; /* leave because it isn't usefull to continue */
+
+ case ERANGE:
+ default:
+ /* no enough size OR unexpected error */
+ MSG_PUTS(_("Could not get security context "));
+ MSG_PUTS(name);
+ MSG_PUTS(_(" for "));
+ msg_outtrans(from_file);
+ MSG_PUTS(_(". Removing it!\n"));
+ /* FALLTHROUGH to remove the attribute */
+
+ case ENODATA:
+ /* no attribute of this name */
+ ret = removexattr((char*)to_file, name);
+ if (ret < 0 && errno != ENODATA)
+ {
+ MSG_PUTS(_("Could not remove security context "));
+ MSG_PUTS(name);
+ MSG_PUTS(_(" for "));
+ msg_outtrans(to_file);
+ msg_putchar('\n');
+ }
+ break;
+ }
+ }
+ }
+}
+#endif /* HAVE_SMACK */
+
/*
* Return a pointer to the ACL of file "fname" in allocated memory.
* Return NULL if the ACL is not available for whatever reason.
# endif
)
mch_setperm(file_name, (perm & 0707) | ((perm & 07) << 3));
-# ifdef HAVE_SELINUX
+# if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
if (buf->b_ffname != NULL)
mch_copy_sec(buf->b_ffname, file_name);
# endif
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 238,
/**/
237,
/**/
projects / vim / commitdiff