Hello,
when using id <username>, the SELinux context of the user who executed the id
command is printed. This is quite misleading and should be avoided.
Problem reported in RH bugzilla #443485 by Ronny Buchmann
([EMAIL PROTECTED]) 

Patch changing the id behaviour to "don't show scontext when
user is specified" is attached.

Greetings,
         Ondrej Vasik
From b12554c8d2738385543ea7f8304a6b83ee5661b7 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= <[EMAIL PROTECTED]>
Date: Tue, 22 Apr 2008 15:37:13 +0200
Subject: [PATCH] id will now show selinux context only when used without specified user

Signed-off-by: Ondřej Vašík <[EMAIL PROTECTED]>
---
 NEWS     |    4 ++++
 src/id.c |    7 +++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 04893c6..ef3feda 100644
--- a/NEWS
+++ b/NEWS
@@ -75,6 +75,10 @@ GNU coreutils NEWS                                    -*- outline -*-
   id and groups work around an AFS-related bug whereby those programs
   would print an invalid group number, when given no user-name argument.
 
+  id will now show selinux context only when used without specified
+  user. Showing SELinux context of user who executed id command could 
+  be misleading.
+
   ls --color no longer outputs unnecessary escape sequences
 
   seq gives better diagnostics for invalid formats.
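
Review bot: The added NEWS entry has trailing whitespace after "could" on its second line and spells the name both "selinux" and "SELinux"; drop the trailing space and use "SELinux" in both places. Stating the new behaviour directly (id no longer prints the context when a user is specified) would also line up with the diagnostic wording already in src/id.c.
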
diff --git a/src/id.c b/src/id.c
index a178714..621f2f9 100644
--- a/src/id.c
+++ b/src/id.c
@@ -48,6 +48,9 @@ char *program_name;
 /* If true, output user/group name instead of ID number. -n */
 static bool use_name = false;
 
+/* If true, id is used on specified user/group name */
+static bool specified_name = false;
+
 /* The real and effective IDs of the user to print. */
 static uid_t ruid, euid;
 static gid_t rgid, egid;
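
Review bot: The comment on specified_name says "user/group name", but the flag is only ever set from the single-operand check whose diagnostic reads "when user specified", so mentioning a group is misleading. It also lacks the closing period the neighbouring comments have. Something like "If true, a user name was given on the command line." would be accurate.
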
@@ -170,7 +173,7 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
-  if (argc - optind == 1 && just_context)
+  if ((specified_name = (argc - optind == 1)) && just_context)
     error (EXIT_FAILURE, 0,
 	   _("cannot print security context when user specified"));
 
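
Review bot: The assignment to specified_name is buried inside the if condition, so a flag that is read later in print_full_info depends on a side effect that is easy to misread as a comparison. Set it in its own statement before the test, for example specified_name = (argc - optind == 1); and then test if (specified_name && just_context).
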
@@ -338,6 +341,6 @@ print_full_info (const char *username)
     free (groups);
   }
 #endif /* HAVE_GETGROUPS */
-  if (context != NULL)
+  if (!specified_name && context != NULL)
     printf (" context=%s", context);
 }
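
Review bot: The guard added before printf (" context=%s", context) relies on the new file-scope flag even though print_full_info already receives username; if username is NULL when no user was given, testing it here would make the extra global unnecessary. The diffstat also lists only NEWS and src/id.c, so this user-visible change arrives without a test or a documentation update; please add both.
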
-- 
1.5.2.2

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Bug-coreutils mailing list
Bug-coreutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-coreutils
