Debian Bug report logs - #472590
coreutils: ls shouldn't use a "+" for files with a SE Linux context


Package: coreutils; Maintainer for coreutils is Michael Stone <mstone@debian.org>; Source for coreutils is src:coreutils.

Reported by: Russell Coker <russell@coker.com.au>

Date: Tue, 25 Mar 2008 04:15:01 UTC

Severity: normal

Found in version coreutils/6.10-3

Fixed in version coreutils/6.10-4

Done: Michael Stone <mstone@debian.org>

Bug is archived. No further changes may be made.




Report forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. Full text and rfc822 format available.

Acknowledgement sent to Russell Coker <russell@coker.com.au>:
New Bug report received and forwarded. Copy sent to Michael Stone <mstone@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: coreutils: ls shouldn't use a "+" for files with a SE Linux context
Date: Tue, 25 Mar 2008 15:14:44 +1100
Package: coreutils
Version: 6.10-3
Severity: normal

unstable0:~/coreutils-6.10# ls -l /
total 158
drwxr-xr-x+  2 root root  4096 2008-03-25 10:02 bin
drwxr-xr-x+  6 root root  1024 2008-03-21 12:30 boot
drwxr-xr-x+ 16 root root  3700 2008-03-25 13:38 dev
drwxr-xr-x+ 80 root root  4096 2008-03-25 13:38 etc
drwxr-xr-x+  3 root root  4096 2008-02-15 22:08 home

Above is part of the output of "ls -l" on a machine running Unstable with
SE Linux.  The directories in question have SE Linux contexts but no ACLs.

There is no point in indicating that a filesystem object has a SE Linux
context as in modern versions of SE Linux every file will have one and
therefore you just get one character of the ls output wasted for no good
reason.  Also it makes it less obvious when a file has a POSIX ACL.


diff -ru coreutils.org/src/ls.c coreutils.patched/src/ls.c
--- coreutils-6.10/src/ls.c	2008-03-25 13:07:53.000000000 +1100
+++ coreutils-6.10/src/ls.c	2008-03-25 13:19:17.000000000 +1100
@@ -2667,20 +2667,6 @@
 			  : lgetfilecon (absolute_name, &f->scontext));
 	  err = (attr_len < 0);
 
-	  if (err == 0 && f->scontext != NULL)
-	    have_acl = ! STREQ ("unlabeled", f->scontext);
-	  else
-	    {
-	      f->scontext = UNKNOWN_SECURITY_CONTEXT;
-
-	      /* When requesting security context information, don't make
-		 ls fail just because the file (even a command line argument)
-		 isn't on the right type of file system.  I.e., a getfilecon
-		 failure isn't in the same class as a stat failure.  */
-	      if (err == 0 || errno == ENOTSUP || errno == ENODATA)
-		err = 0;
-	    }
-
 	  if (err == 0 && ! have_acl && format == long_format)
 	    {
 	      int n = file_has_acl (absolute_name, &f->stat);
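Review bot: this hunk deletes more than the SELinux-only marking. The removed `else` branch is the only place that sets `f->scontext = UNKNOWN_SECURITY_CONTEXT;` and clears `err` with `if (err == 0 || errno == ENOTSUP || errno == ENODATA) err = 0;`, so after the change a failed getfilecon on a filesystem without label support is reported as an error for every such file, and `f->scontext` is left as whatever the failed call produced. Keep the `else` branch (as an `if (err != 0)`) and drop only the `have_acl = ! STREQ ("unlabeled", f->scontext);` assignment.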




Message #10 received at 472590@bugs.debian.org:

From: Jim Meyering <jim@meyering.net>
To: russell@coker.com.au, 472590@bugs.debian.org
Cc: "SE-Linux" <selinux@tycho.nsa.gov>
Subject: Re: ls in Debian/Unstable
Date: Tue, 25 Mar 2008 16:08:36 +0100
Russell Coker <russell@coker.com.au> wrote:
> unstable0:~/coreutils-6.10# ls -l /
> total 158
> drwxr-xr-x+  2 root root  4096 2008-03-25 10:02 bin
> drwxr-xr-x+  6 root root  1024 2008-03-21 12:30 boot
> drwxr-xr-x+ 16 root root  3700 2008-03-25 13:38 dev
> drwxr-xr-x+ 80 root root  4096 2008-03-25 13:38 etc
> drwxr-xr-x+  3 root root  4096 2008-02-15 22:08 home
>
> In Debian/Unstable the output of "ls -l" is as above, the "+" indicates a SE
> Linux security context - which doesn't do much good when every file has one.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472590
>
> The above URL has the Debian bug report with a patch.

Hi Russell,

Older versions of the POSIX spec for ls clearly require a "+" on
any file with a SE Linux security context.
But the latest allows it to be any non-space printable character.
So eventually we'll make it more useful than a one-size-fits-all "+",
but it must remain a non-' '.




Message #15 received at 472590@bugs.debian.org:

From: Michael Stone <mstone@debian.org>
To: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org
Cc: russell@coker.com.au, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Tue, 25 Mar 2008 13:31:18 -0400
On Tue, Mar 25, 2008 at 04:08:36PM +0100, Jim Meyering wrote:
>Older versions of the POSIX spec for ls clearly require a "+" on
>any file with a SE Linux security context.
>But the latest allows it to be any non-space printable character.
>So eventually we'll make it more useful than a one-size-fits-all "+",
>but it must remain a non-' '.

How 'bout logic like:

if (acl) then '+'
else if (selinux) then '.'

That would hopefully keep the selinux noise (not meant pejoratively) at 
a low enough level to still make it possible to pick an acl out of a 
listing. (I agree with Jim that the spirit of the POSIX spec requires 
some kind of indicator, so if someone can't figure out why their 
permissions aren't working they have some clue that another security 
layer may be a factor.)

Mike Stone




Message #20 received at 472590@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Jim Meyering <jim@meyering.net>
Cc: 472590@bugs.debian.org, "SE-Linux" <selinux@tycho.nsa.gov>
Subject: Re: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 08:22:22 +1100
On Wednesday 26 March 2008 02:08, Jim Meyering <jim@meyering.net> wrote:
> Older versions of the POSIX spec for ls clearly require a "+" on
> any file with a SE Linux security context.
> But the latest allows it to be any non-space printable character.
> So eventually we'll make it more useful than a one-size-fits-all "+",
> but it must remain a non-' '.

Having it remain non-space long-term is OK.  But I think that we need to have 
Lenny released with a version of ls that doesn't display "+" on every file.  
That means that either the code to display some character other than "+" in 
the case of files with a SE Linux context needs to be written reasonably soon 
(and a final decision has to be made on which character it will be) or we 
need to release lenny with the same functionality as etch in this regard.

-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development




Message #25 received at 472590@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Michael Stone <mstone@debian.org>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 08:24:15 +1100
On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
> if (acl) then '+'
> else if (selinux) then '.'

Should there be some special marking of files with both a SE Linux context and 
an ACL?

Pity that they didn't choose an "a" to mark an ACL which would then permit 
using "A" for ACL + MAC.

-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development




Message #30 received at 472590@bugs.debian.org:

From: Jim Meyering <jim@meyering.net>
To: russell@coker.com.au
Cc: Michael Stone <mstone@debian.org>, 472590@bugs.debian.org, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Tue, 25 Mar 2008 22:28:28 +0100
Russell Coker <russell@coker.com.au> wrote:

> On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
>> if (acl) then '+'
>> else if (selinux) then '.'
>
> Should there be some special marking of files with both a SE Linux context and
> an ACL?
>
> Pity that they didn't choose an "a" to mark an ACL which would then permit
> using "A" for ACL + MAC.

What if it has an ACL, a MAC, *and* some chattr-style attribute?
Á  ;-)




Message #35 received at 472590@bugs.debian.org:

From: Michael Stone <mstone@debian.org>
To: Russell Coker <russell@coker.com.au>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Tue, 25 Mar 2008 19:43:12 -0400
On Wed, Mar 26, 2008 at 08:24:15AM +1100, Russell Coker wrote:
>Should there be some special marking of files with both a SE Linux context and 
>an ACL?

(not cc'ing the closed selinux list again)

How much can you fit into one char before it gets confusing? As I 
understand it, there can't be a case on an selinux system where you have 
an acl and not an selinux context--so why bother highlighting the case 
where you have both? If people really want something for that, fine, but 
I suspect that the ls listings will become unreadable in short order if 
that trend continues.

Mike Stone




Message #40 received at 472590@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Michael Stone <mstone@debian.org>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org, "SE-Linux" <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 16:12:15 +1100
On Wednesday 26 March 2008 10:43, Michael Stone <mstone@debian.org> wrote:
> On Wed, Mar 26, 2008 at 08:24:15AM +1100, Russell Coker wrote:
> >Should there be some special marking of files with both a SE Linux context
> > and an ACL?
>
> (not cc'ing the closed selinux list again)

What is the problem with the list?  Are your messages bouncing?

You should expect that your messages will be delayed until business hours in 
the east coast of the US (unless someone is working on the weekend), but 
that's not really a problem.

> How much can you fit into one char before it gets confusing?

Character 10 in "ls -l" output can have values from "xtT", character 7 can 
have values from "xsS", and character 1 can have many values.

> As I 
> understand it, there can't be a case on an selinux system where you have
> an acl and not an selinux context--so why bother highlighting the case
> where you have both?

On a SE Linux system you can't have a file without a SE Linux context.  
Therefore the issue is whether you have an ACL or not.  Which is why I 
believe that having "+" or " " is a reasonable choice.

If that idea is not well regarded by the people who matter then I am not 
really bothered as long as something better than the current situation is 
chosen and implemented before Lenny freezes.

> If people really want something for that, fine, but 
> I suspect that the ls listings will be come unreadable in short order if
> that trend continues.

Actually I'm more worried about the ease of machine parsing of ls output.  I'm 
sure that someone will suggest a better option than having a shell script 
grep ls output, but there are a lot of people who are used to grepping ls 
output and it would be nice not to break things for them.

-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development




Message #45 received at 472590@bugs.debian.org:

From: Michael Stone <mstone@debian.org>
To: Russell Coker <russell@coker.com.au>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 06:30:32 -0400
On Wed, Mar 26, 2008 at 04:12:15PM +1100, Russell Coker wrote:
>> How much can you fit into one char before it gets confusing?
>
>Character 10 in "ls -l" output can have values from "xtT", character 7 can 
>have values from "xsS", and character 1 can have many values.

Yes, and we've learned that it's pretty confusing. It will be even more 
confusing for a non-standard set of character codes than it is for a set 
that have been used for decades. We've already identified a need for 
3 bits of information encoded into that byte, and I suspect that it's 
not impossible that there'd be more. The more I think about it, the more 
uploading a version with a space in the next couple of days, because 
working out a long-term fix is probably going to take a while.

>Actually I'm more worried about the ease of machine parsing of ls output.  I'm 
>sure that someone will suggest a better option than having a shell script 
>grep ls output, but there are a lot of people who are used to grepping ls 
>output and it would be nice not to break things for them.

Right, that's why I thought that using + unconditionally for acls was a 
good idea. (I think it's less likely that existing processes would be 
special casing selinux based on ls output; it would be easier for a 
script to simply check up front whether selinux was in use.)

Mike Stone




Message #50 received at 472590@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Michael Stone <mstone@debian.org>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 21:40:03 +1100
On Wednesday 26 March 2008 21:30, Michael Stone <mstone@debian.org> wrote:
> >Character 10 in "ls -l" output can have values from "xtT", character 7 can
> >have values from "xsS", and character 1 can have many values.
>
> Yes, and we've learned that it's pretty confusing. It will be even more

Obviously opinion varies, I didn't find it any more confusing than the rest of 
the "ls -l" output when I was learning how ls works.

> confusing for a non-standard set of character codes than it is for a set
> that have been used for decades. We've already identified a need for
> 3 bits of information encoded into that byte, and I suspect that it's

I'm not sure that Jim was really serious about the user-xattr.

> not impossible that there'd be more. The more I think about it, the more
> uploading a version with a space in the next couple of days, because
> working out a long-term fix is probably going to take a while.

That would be good.  Have Lenny be the same as Etch in this regard.  What we 
REALLY don't want to do is to have Lenny do something one way and then decide 
in Lenny+1 that it was wrong and back it out.

> Right, that's why I thought that using + unconditionally for acls was a
> good idea. (I think it's less likely that existing processes would be
> special casing selinux based on ls output; it would be easier for a
> script to simply check up front whether selinux was in use.)

Yes, programs that do things related to SE Linux will run a program such 
as "getenforce" and then change their operation based on its output.





Message #55 received at 472590@bugs.debian.org:

From: Michael Stone <mstone@debian.org>
To: Russell Coker <russell@coker.com.au>
Cc: Jim Meyering <jim@meyering.net>, 472590@bugs.debian.org
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Wed, 26 Mar 2008 07:49:46 -0400
On Wed, Mar 26, 2008 at 09:40:03PM +1100, Russell Coker wrote:
>On Wednesday 26 March 2008 21:30, Michael Stone <mstone@debian.org> wrote:
>> >Character 10 in "ls -l" output can have values from "xtT", character 7 can
>> >have values from "xsS", and character 1 can have many values.
>>
>> Yes, and we've learned that it's pretty confusing. It will be even more
>
>Obviously opinion varies, I didn't find it any more confusing than the rest of 
>the "ls -l" output when I was learning how ls works.

Well, you're obviously gifted, even though you forgot character 4. :-) 
In my experience a lot of users would be surprised to find an S in their 
ls output. And at least there's some consistency & correlation between 
x, t, T, s, and S, whereas the new attributes are completely 
independent. Character 1 can have many values, but they are exclusive; 
the extended access char would be easy if the various methods couldn't 
be combined.

>> confusing for a non-standard set of character codes than it is for a set
>> that have been used for decades. We've already identified a need for
>> 3 bits of information encoded into that byte, and I suspect that it's
>
>I'm not sure that Jim was really serious about the user-xattr.

IIRC, he mentioned chattr attributes (e.g., immutable, append-only), 
which arguably should also be reflected somehow.

Mike Stone




Message #60 received at 472590@bugs.debian.org:

From: Jim Meyering <jim@meyering.net>
To: russell@coker.com.au
Cc: bug-coreutils@gnu.org
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Mon, 31 Mar 2008 11:02:27 +0200
[ I'm Cc'ing bug-coreutils@gnu.org.
  FYI, this is a continuation of discussion from the SELinux list:
  http://marc.info/?t=120645074000003&r=1&w=2
  and the debian bug tracking system: http://bugs.debian.org/472590

  The problem is that on an SELinux-enabled system, 'ls -l's "+",
  the "alternate access method" indicator, is useless, because it
  appears on every file:

      $ ls -glo /var
      total 164
      drwxr-xr-x+  3 4096 2008-03-29 08:43 kerberos
      drwxr-xr-x+ 39 4096 2008-03-29 08:43 lib
      drwxr-xr-x+  2 4096 2008-03-27 17:33 local
      drwxrwxr-x+  8 4096 2008-03-31 04:15 lock
      drwxr-xr-x+ 20 4096 2008-03-31 09:55 log
      lrwxrwxrwx+  1   10 2008-03-28 23:33 mail -> spool/mail
      ...

  Newer POSIX allows any non-space character as the indicator, and
  that's what we're discussing now.
  ]

Russell Coker <russell@coker.com.au> wrote:
> On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
>> if (acl) then '+'
>> else if (selinux) then '.'
>
> Should there be some special marking of files with both a SE Linux context and
> an ACL?
>
> Pity that they didn't choose an "a" to mark an ACL which would then permit
> using "A" for ACL + MAC.

This is probably as good a time as any to make such a change, though
I doubt it will make the cut for the upcoming release.  I'd like to keep
it simple (i.e., not try to encode all possible combinations).  If you
want to get full details, stat(1) is probably the program to change.

I like Michael's suggestion.  Rephrasing it,

    if (SELinux, with no other MAC or ACL)
      use '.'
    else if (any other combination of alternate access methods)
      use '+'

If someone who already has a copyright assignment on file for coreutils
wants to write the patch (including doc update, tests, NEWS, ChangeLog,
etc.), please speak up ASAP.  Otherwise I'll do it.




Message #65 received at 472590@bugs.debian.org:

From: Russell Coker <russell@coker.com.au>
To: Jim Meyering <jim@meyering.net>
Cc: bug-coreutils@gnu.org, Michael Stone <mstone@debian.org>, 472590@bugs.debian.org, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Mon, 31 Mar 2008 20:23:59 +1100
On Monday 31 March 2008 20:02, Jim Meyering <jim@meyering.net> wrote:
> I like Michael's suggestion.  Rephrasing it,
>
>     if (SELinux, with no other MAC or ACL)
>       use '.'
>     else if (any other combination of alternate access methods)
>       use '+'
>
> If someone who already has a copyright assignment on file for coreutils
> wants to write the patch (including doc update, tests, NEWS, ChangeLog,
> etc.), please speak up ASAP.  Otherwise I'll do it.

I still believe that as when running SE Linux all files will have contexts 
(the kernel code generates them if they are on a filesystem that doesn't 
support persistent storage of contexts or if they are unlabelled) then the SE 
Linux access controls should not be listed in "ls -l" output.

That said, the above suggestion makes sense and would work reasonably well.




Message #70 received at 472590@bugs.debian.org:

From: Jim Meyering <jim@meyering.net>
To: russell@coker.com.au
Cc: bug-coreutils@gnu.org, Michael Stone <mstone@debian.org>, 472590@bugs.debian.org, SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#472590: ls in Debian/Unstable
Date: Mon, 31 Mar 2008 11:43:42 +0200
Russell Coker <russell@coker.com.au> wrote:
> On Monday 31 March 2008 20:02, Jim Meyering <jim@meyering.net> wrote:
>> I like Michael's suggestion.  Rephrasing it,
>>
>>     if (SELinux, with no other MAC or ACL)
>>       use '.'
>>     else if (any other combination of alternate access methods)
>>       use '+'
>>
>> If someone who already has a copyright assignment on file for coreutils
>> wants to write the patch (including doc update, tests, NEWS, ChangeLog,
>> etc.), please speak up ASAP.  Otherwise I'll do it.
>
> I still believe that as when running SE Linux all files will have contexts
> (the kernel code generates them if they are on a filesystem that doesn't
> support persistent storage of contexts or if they are unlabelled) then the SE
> Linux access controls should not be listed in "ls -l" output.

I do understand your sentiment.
If you raise the issue with the Austin Group, they'll at least
consider whether to adjust that part of the POSIX ls specification.

> That said, the above suggestion makes sense and would work reasonably well.




Reply sent to Michael Stone <mstone@debian.org>: You have taken responsibility.

Notification sent to Russell Coker <russell@coker.com.au>: Bug acknowledged by developer.

Message #75 received at 472590-close@bugs.debian.org:

From: Michael Stone <mstone@debian.org>
To: 472590-close@bugs.debian.org
Subject: Bug#472590: fixed in coreutils 6.10-4
Date: Mon, 31 Mar 2008 23:17:03 +0000
Source: coreutils
Source-Version: 6.10-4

We believe that the bug you reported is fixed in the latest version of
coreutils, which is due to be installed in the Debian FTP archive:

coreutils_6.10-4.diff.gz
  to pool/main/c/coreutils/coreutils_6.10-4.diff.gz
coreutils_6.10-4.dsc
  to pool/main/c/coreutils/coreutils_6.10-4.dsc
coreutils_6.10-4_i386.deb
  to pool/main/c/coreutils/coreutils_6.10-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 472590@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Stone <mstone@debian.org> (supplier of updated coreutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 31 Mar 2008 18:19:52 -0400
Source: coreutils
Binary: coreutils
Architecture: source i386
Version: 6.10-4
Distribution: unstable
Urgency: low
Maintainer: Michael Stone <mstone@debian.org>
Changed-By: Michael Stone <mstone@debian.org>
Description: 
 coreutils  - The GNU core utilities
Closes: 290727 441108 465522 472590
Changes: 
 coreutils (6.10-4) unstable; urgency=low
 .
   * [74] upstream patch to allow dd & other commands to use /dev/stdin
     (Thanks Paul Eggert) (closes: #290727)
   * [75] prevent ls from displaying a + for files with an selinux context.
     (this will change in future, but the exact future output isn't certain
     yet) (Thanks Russell Coker) (closes: #472590)
   * Add a watch file to keep people from complaining about not having a watch
     file. (closes: #441108)
   * printf(1) now references printf(3) (closes: #465522)
Files: 
 b52775ba555ab2152389e6accc2aac3c 858 utils required coreutils_6.10-4.dsc
 b1ddec322eac1b727469bb4511b51b67 5568 utils required coreutils_6.10-4.diff.gz
 9d73310599ca7639e23b0405d22e9103 3749116 utils required coreutils_6.10-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR/Fvaw0hVr09l8FJAQIm6gP/VnFlW6trgT+xQJapaMYHX3Cb7D67QWUA
lBTVli0F5tW+0lyzwmNOmuWs95TPOf16jQ0TPGxqhwdO2gmtalRAjE6rsAxBdZv/
70YdGOsy2JTHfPV46MIVtCxMELxpkliv0eY9OekVZxcR+sQlCxN16vz6mFgygcx5
QKyjPCOePxE=
=Qj2n
-----END PGP SIGNATURE-----





Message #80 received at 472590@bugs.debian.org:

From: Jim Meyering <jim@meyering.net>
To: bug-coreutils@gnu.org, selinux@tycho.nsa.gov
Cc: 472590@bugs.debian.org
Subject: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Wed, 02 Apr 2008 22:33:49 +0200
I wrote this:
> [ I'm Cc'ing bug-coreutils@gnu.org.
>   FYI, this is a continuation of discussion from the SELinux list:
>   http://marc.info/?t=120645074000003&r=1&w=2
>   and the debian bug tracking system: http://bugs.debian.org/472590
>
>   The problem is that on an SELinux-enabled system, 'ls -l's "+",
>   the "alternate access method" indicator, is useless, because it
>   appears on every file:
>
>       $ ls -glo /var
>       total 164
>       drwxr-xr-x+  3 4096 2008-03-29 08:43 kerberos
>       drwxr-xr-x+ 39 4096 2008-03-29 08:43 lib
>       drwxr-xr-x+  2 4096 2008-03-27 17:33 local
>       drwxrwxr-x+  8 4096 2008-03-31 04:15 lock
>       drwxr-xr-x+ 20 4096 2008-03-31 09:55 log
>       lrwxrwxrwx+  1   10 2008-03-28 23:33 mail -> spool/mail
>       ...
>
>   Newer POSIX allows any non-space character as the indicator, and
>   that's what we're discussing now.
>   ]
>
> Russell Coker <russell@coker.com.au> wrote:
>> On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
>>> if (acl) then '+'
>>> else if (selinux) then '.'
>>
>> Should there be some special marking of files with both a SE Linux context and
>> an ACL?
>>
>> Pity that they didn't choose an "a" to mark an ACL which would then permit
>> using "A" for ACL + MAC.
>
> This is probably as good a time as any to make such a change, though
> I doubt it will make the cut for the upcoming release.  I'd like to keep
> it simple (i.e., not try to encode all possible combinations).  If you
> want to get full details, stat(1) is probably the program to change.
>
> I like Michael's suggestion.  Rephrasing it,
>
>     if (SELinux, with no other MAC or ACL)
>       use '.'
>     else if (any other combination of alternate access methods)
>       use '+'
>
> If someone who already has a copyright assignment on file for coreutils
> wants to write the patch (including doc update, tests, NEWS, ChangeLog,
> etc.), please speak up ASAP.  Otherwise I'll do it.

No one spoke up, so here's code, for discussion's sake.
I've tested it only lightly.
This change is not slated for the upcoming release.

Here's sample output, running on an SELinux system:

  $ src/ls -ldgo [ac]*
  -rw-r--r--.  1   42625 2008-04-02 19:31 aclocal.m4
  drwxr-xr-x.  2    4096 2008-04-02 19:31 autom4te.cache
  -rw-r--r--.  1    1597 2008-03-21 16:35 cfg.mk
  -rw-r--r--.  1 1417195 2008-04-02 19:33 config.log
  -rwxr-xr-x.  1   71225 2008-04-02 19:33 config.status
  -rwxr-xr-x.  1 1846424 2008-04-02 19:31 configure
  -rw-r--r--.  1   12014 2008-03-25 23:55 configure.ac

------------------------------------

	Use '.' (not +) as SELinux-only alternate access flag in ls -l output
	* src/ls.c (gobble_file) [long_format]: Map SELinux-only to '.',
	any other nonempty combination of MAC and ACL to '+', and all else
	to the usual ' '.
	* tests/misc/selinux: Adapt: expect '.', not '+'.
	* NEWS: TBD

---
 src/ls.c           |   25 +++++++++++++++++++------
 tests/misc/selinux |    4 ++--
 2 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/src/ls.c b/src/ls.c
index e029fe0..ae234da 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -151,6 +151,12 @@ verify (sizeof filetype_letter - 1 == arg_directory + 1);
     C_LINK, C_SOCK, C_FILE, C_DIR			\
   }

+enum acl_type
+  {
+    ACL_T_NONE,
+    ACL_T_SELINUX_ONLY,
+    ACL_T_YES
+  };

 struct fileinfo
   {
@@ -179,7 +185,7 @@ struct fileinfo

     /* For long listings, true if the file has an access control list,
        or an SELinux security context.  */
-    bool have_acl;
+    enum acl_type acl_type;
   };

 #define LEN_STR_PAIR(s) sizeof (s) - 1, s
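Review bot: the comment just above the new field is now stale: it still says "true if the file has an access control list, or an SELinux security context", but the field is no longer a bool and has three states. Suggest rewording it to describe the mapping the enum encodes, e.g. "ACL_T_NONE: neither; ACL_T_SELINUX_ONLY: an SELinux context but no ACL; ACL_T_YES: an ACL, with or without a context", so the '.'/'+' split in print_long_format is explained where the data is defined.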
@@ -2671,6 +2677,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode,

       if (format == long_format || print_scontext)
 	{
+	  bool have_selinux = false;
 	  bool have_acl = false;
 	  int attr_len = (do_deref
 			  ?  getfilecon (absolute_name, &f->scontext)
@@ -2689,7 +2696,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode,
 	    }

 	  if (err == 0)
-	    have_acl = ! STREQ ("unlabeled", f->scontext);
+	    have_selinux = ! STREQ ("unlabeled", f->scontext);
 	  else
 	    {
 	      f->scontext = UNKNOWN_SECURITY_CONTEXT;
@@ -2702,15 +2709,19 @@ gobble_file (char const *name, enum filetype type, ino_t inode,
 		err = 0;
 	    }

-	  if (err == 0 && ! have_acl && format == long_format)
+	  if (err == 0 && format == long_format)
 	    {
 	      int n = file_has_acl (absolute_name, &f->stat);
 	      err = (n < 0);
 	      have_acl = (0 < n);
 	    }

-	  f->have_acl = have_acl;
-	  any_has_acl |= have_acl;
+	  f->acl_type = (!have_selinux && !have_acl
+			 ? ACL_T_NONE
+			 : (have_selinux && !have_acl
+			    ? ACL_T_SELINUX_ONLY
+			    : ACL_T_YES));
+	  any_has_acl |= f->acl_type != ACL_T_NONE;

 	  if (err)
 	    error (0, errno, "%s", quotearg_colon (absolute_name));
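Review bot: dropping `! have_acl` from the guard means file_has_acl() now runs for every entry of a long listing on an SELinux system, where it used to be skipped as soon as a context was found; that extra xattr lookup per file is the price of telling '.' from '+' and deserves a one-line comment at the `if (err == 0 && format == long_format)`. The nested conditional that sets f->acl_type also reads more simply as a chain, since have_acl alone already decides the '+' case: `if (have_acl) ACL_T_YES; else if (have_selinux) ACL_T_SELINUX_ONLY; else ACL_T_NONE`. Note too that have_selinux is true for any context other than the literal string "unlabeled", so files carrying a default or fallback label are marked '.' like everything else.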
@@ -3430,7 +3441,9 @@ print_long_format (const struct fileinfo *f)
     }
   if (! any_has_acl)
     modebuf[10] = '\0';
-  else if (f->have_acl)
+  else if (f->acl_type == ACL_T_SELINUX_ONLY)
+    modebuf[10] = '.';
+  else if (f->acl_type == ACL_T_YES)
     modebuf[10] = '+';

   switch (time_type)
diff --git a/tests/misc/selinux b/tests/misc/selinux
index 87d1a8d..ea95112 100755
--- a/tests/misc/selinux
+++ b/tests/misc/selinux
@@ -34,8 +34,8 @@ for i in d f p; do
   c=`stat --printf %C $i`; test x$c = x$ctx || fail=1
 done

-# ensure that ls -l output includes the "+".
-c=`ls -l f|cut -c11`; test "$c" = + || fail=1
+# ensure that ls -l output includes the ".".
+c=`ls -l f|cut -c11`; test "$c" = . || fail=1

 # Copy each to a new directory and ensure that context is preserved.
 cp -r --preserve=all d f p s1 || fail=1
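Review bot: the updated check only exercises the SELinux-only path; nothing verifies that a labeled file with an extended ACL still gets '+' (ACL_T_YES), which is the branch that makes this a three-way mapping rather than a blanket rename of '+' to '.'. Suggest adding, guarded on setfacl being available, a case such as `setfacl -m u:$(id -un):rw f && c=\`ls -l f|cut -c11\`; test "$c" = + || fail=1`, and resetting the ACL afterwards so the later cp/context checks see the original file.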
--
1.5.5.rc2.26.g7bba




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Thu, 23 Oct 2008 12:24:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jim Meyering <jim@meyering.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Thu, 23 Oct 2008 12:24:02 GMT) Full text and rfc822 format available.

Message #85 received at 472590@bugs.debian.org (full text, mbox):

From: Jim Meyering <jim@meyering.net>
To: bug-coreutils@gnu.org
Cc: selinux@tycho.nsa.gov, 472590@bugs.debian.org
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Thu, 23 Oct 2008 14:20:17 +0200
Jim Meyering <jim@meyering.net> wrote:
> I wrote this:
>> [ I'm Cc'ing bug-coreutils@gnu.org.
>>   FYI, this is a continuation of discussion from the SELinux list:
>>   http://marc.info/?t=120645074000003&r=1&w=2
>>   and the debian bug tracking system: http://bugs.debian.org/472590
>>
>>   The problem is that on an SELinux-enabled system, 'ls -l's "+",
>>   the "alternate access method" indicator, is useless, because it
>>   appears on every file:
>>
>>       $ ls -glo /var
>>       total 164
>>       drwxr-xr-x+  3 4096 2008-03-29 08:43 kerberos
>>       drwxr-xr-x+ 39 4096 2008-03-29 08:43 lib
>>       drwxr-xr-x+  2 4096 2008-03-27 17:33 local
>>       drwxrwxr-x+  8 4096 2008-03-31 04:15 lock
>>       drwxr-xr-x+ 20 4096 2008-03-31 09:55 log
>>       lrwxrwxrwx+  1   10 2008-03-28 23:33 mail -> spool/mail
>>       ...
>>
>>   Newer POSIX allows any non-space character as the indicator, and
>>   that's what we're discussing now.
>>   ]
>>
>> Russell Coker <russell@coker.com.au> wrote:
>>> On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
>>>> if (acl) then '+'
>>>> else if (selinux) then '.'
>>>
>>> Should there be some special marking of files with both a SE Linux context and
>>> an ACL?
>>>
>>> Pity that they didn't choose an "a" to mark an ACL which would then permit
>>> using "A" for ACL + MAC.
>>
>> This is probably as good a time as any to make such a change, though
>> I doubt it will make the cut for the upcoming release.  I'd like to keep
>> it simple (i.e., not try to encode all possible combinations).  If you
>> want to get full details, stat(1) is probably the program to change.
>>
>> I like Michael's suggestion.  Rephrasing it,
>>
>>     if (SELinux, with no other MAC or ACL)
>>       use '.'
>>     else if (any other combination of alternate access methods)
>>       use '+'
>>
>> If someone who already has a copyright assignment on file for coreutils
>> wants to write the patch (including doc update, tests, NEWS, ChangeLog,
>> etc.), please speak up ASAP.  Otherwise I'll do it.
>
> No one spoke up, so here's code, for discussion's sake.
> I've tested it only lightly.
> This change is not slated for the upcoming release.
>
> Here's sample output, running on an SELinux system:
>
>   $ src/ls -ldgo [ac]*
>   -rw-r--r--.  1   42625 2008-04-02 19:31 aclocal.m4
>   drwxr-xr-x.  2    4096 2008-04-02 19:31 autom4te.cache
>   -rw-r--r--.  1    1597 2008-03-21 16:35 cfg.mk
>   -rw-r--r--.  1 1417195 2008-04-02 19:33 config.log
>   -rwxr-xr-x.  1   71225 2008-04-02 19:33 config.status
>   -rwxr-xr-x.  1 1846424 2008-04-02 19:31 configure
>   -rw-r--r--.  1   12014 2008-03-25 23:55 configure.ac

Thanks to a nudge from Ondřej, I've just completed and pushed this:

From b3677e5e383103bf1764b2c8a9329b1c17934b24 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Wed, 2 Apr 2008 22:26:45 +0200
Subject: [PATCH] ls: use '.' (not +) as SELinux-only alt. access flag in ls -l output

* src/ls.c (gobble_file) [long_format]: Map SELinux-only to '.',
any other nonempty combination of MAC and ACL to '+', and all else
to the usual ' '.  Suggested by Michael Stone.
* tests/misc/selinux: Adapt: expect '.', not '+'.
* doc/coreutils.texi (What information is listed): Document this.
* NEWS (Changes in behavior): Mention it.
---
 NEWS               |    6 ++++++
 doc/coreutils.texi |    8 +++++---
 src/ls.c           |   25 +++++++++++++++++++------
 tests/misc/selinux |    4 ++--
 4 files changed, 32 insertions(+), 11 deletions(-)

diff --git a/NEWS b/NEWS
index ab7d5bd..357efc2 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,12 @@ GNU coreutils NEWS                                    -*- outline -*-

   stat -f recognizes the Lustre file system type

+** Changes in behavior
+
+  ls -l now marks SELinux-only files with the less obtrusive '.',
+  rather than '+'.  A file with any other combination of MAC and ACL
+  is still marked with a '+'.
+

 * Noteworthy changes in release 7.0 (2008-10-05) [beta]

diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 6459870..cbef013 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -6474,9 +6474,11 @@ What information is listed
 space, there is no alternate access method.  When it is a printing
 character, then there is such a method.

-For a file with an extended access control list, a @samp{+} character is
-listed.  Basic access control lists are equivalent to the permissions
-listed, and are not considered an alternate access method.
+GNU @command{ls} uses a @samp{.} character to indicate a file
+with an SELinux security context, but no other alternate access method.
+
+A file with any other combination of alternate access methods
+is marked with a @samp{+} character.

 @item -n
 @itemx --numeric-uid-gid
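Review bot: the replaced paragraph loses the statement that basic access control lists are equivalent to the listed permissions and are not counted as an alternate access method; that is still true after this change and is what tells a reader why a file with only user::/group::/other:: entries shows neither '+' nor '.'. Suggest keeping that sentence after the new '+' paragraph. It would also help to document that a context of exactly "unlabeled" is treated as no context (the STREQ check in gobble_file), so such files print a space rather than '.'.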
diff --git a/src/ls.c b/src/ls.c
index e38a5fe..590af7f 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -154,6 +154,12 @@ verify (sizeof filetype_letter - 1 == arg_directory + 1);
     C_LINK, C_SOCK, C_FILE, C_DIR			\
   }

+enum acl_type
+  {
+    ACL_T_NONE,
+    ACL_T_SELINUX_ONLY,
+    ACL_T_YES
+  };

 struct fileinfo
   {
@@ -182,7 +188,7 @@ struct fileinfo

     /* For long listings, true if the file has an access control list,
        or an SELinux security context.  */
-    bool have_acl;
+    enum acl_type acl_type;
   };

 #define LEN_STR_PAIR(s) sizeof (s) - 1, s
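Review bot: the stale "true if the file has an access control list, or an SELinux security context" comment from the RFC version has made it into the pushed commit; the field is an enum now, so the comment should name the three states and say which character each produces.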
@@ -2689,6 +2695,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode,

       if (format == long_format || print_scontext)
 	{
+	  bool have_selinux = false;
 	  bool have_acl = false;
 	  int attr_len = (do_deref
 			  ?  getfilecon (absolute_name, &f->scontext)
@@ -2707,7 +2714,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode,
 	    }

 	  if (err == 0)
-	    have_acl = ! STREQ ("unlabeled", f->scontext);
+	    have_selinux = ! STREQ ("unlabeled", f->scontext);
 	  else
 	    {
 	      f->scontext = UNKNOWN_SECURITY_CONTEXT;
@@ -2720,15 +2727,19 @@ gobble_file (char const *name, enum filetype type, ino_t inode,
 		err = 0;
 	    }

-	  if (err == 0 && ! have_acl && format == long_format)
+	  if (err == 0 && format == long_format)
 	    {
 	      int n = file_has_acl (absolute_name, &f->stat);
 	      err = (n < 0);
 	      have_acl = (0 < n);
 	    }

-	  f->have_acl = have_acl;
-	  any_has_acl |= have_acl;
+	  f->acl_type = (!have_selinux && !have_acl
+			 ? ACL_T_NONE
+			 : (have_selinux && !have_acl
+			    ? ACL_T_SELINUX_ONLY
+			    : ACL_T_YES));
+	  any_has_acl |= f->acl_type != ACL_T_NONE;

 	  if (err)
 	    error (0, errno, "%s", quotearg_colon (absolute_name));
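Review bot: when file_has_acl() fails (n < 0), err is set but have_acl stays false, so a labeled file whose ACL could not be read is classified ACL_T_SELINUX_ONLY and printed with '.' next to the error message. The old code had the same shape, but with the new mapping '.' now positively asserts "no ACL", which is not known in that case. Consider leaving the column as '+' (or skipping the classification) when the ACL query errors, or at least noting the behaviour in a comment at `err = (n < 0);`.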
@@ -3449,7 +3460,9 @@ print_long_format (const struct fileinfo *f)
     }
   if (! any_has_acl)
     modebuf[10] = '\0';
-  else if (f->have_acl)
+  else if (f->acl_type == ACL_T_SELINUX_ONLY)
+    modebuf[10] = '.';
+  else if (f->acl_type == ACL_T_YES)
     modebuf[10] = '+';

   switch (time_type)
diff --git a/tests/misc/selinux b/tests/misc/selinux
index a231fa7..8211c80 100755
--- a/tests/misc/selinux
+++ b/tests/misc/selinux
@@ -34,8 +34,8 @@ for i in d f p; do
   c=`stat --printf %C $i`; test x$c = x$ctx || fail=1
 done

-# ensure that ls -l output includes the "+".
-c=`ls -l f|cut -c11`; test "$c" = + || fail=1
+# ensure that ls -l output includes the ".".
+c=`ls -l f|cut -c11`; test "$c" = . || fail=1

 # Copy each to a new directory and ensure that context is preserved.
 cp -r --preserve=all d f p s1 || fail=1
--
1.6.0.3




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Fri, 24 Oct 2008 03:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Vikram Noel Ambrose <noel.ambrose@gmail.com>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Fri, 24 Oct 2008 03:21:03 GMT) Full text and rfc822 format available.

Message #90 received at 472590@bugs.debian.org (full text, mbox):

From: Vikram Noel Ambrose <noel.ambrose@gmail.com>
To: Jim Meyering <jim@meyering.net>
Cc: bug-coreutils@gnu.org, selinux@tycho.nsa.gov, 472590@bugs.debian.org, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Thu, 23 Oct 2008 23:18:58 -0400
Jim Meyering <jim@meyering.net> wrote:
>>> [ I'm Cc'ing bug-coreutils@gnu.org.
>>>   FYI, this is a continuation of discussion from the SELinux list:
>>>   http://marc.info/?t=120645074000003&r=1&w=2
>>>   and the debian bug tracking system: http://bugs.debian.org/472590
>>>
>>>   The problem is that on an SELinux-enabled system, 'ls -l's "+",
>>>   the "alternate access method" indicator, is useless, because it
>>>   appears on every file:
>>>
>>>       $ ls -glo /var
>>>       total 164
>>>       drwxr-xr-x+  3 4096 2008-03-29 08:43 kerberos
>>>       drwxr-xr-x+ 39 4096 2008-03-29 08:43 lib
>>>       drwxr-xr-x+  2 4096 2008-03-27 17:33 local
>>>       drwxrwxr-x+  8 4096 2008-03-31 04:15 lock
>>>       drwxr-xr-x+ 20 4096 2008-03-31 09:55 log
>>>       lrwxrwxrwx+  1   10 2008-03-28 23:33 mail -> spool/mail
>>>       ...
>>>
>>>   Newer POSIX allows any non-space character as the indicator, and
>>>   that's what we're discussing now.
>>>   ]
>>>
>>> Russell Coker <russell@coker.com.au> wrote:
>>>       
>>>> On Wednesday 26 March 2008 04:31, Michael Stone <mstone@debian.org> wrote:
>>>>         
>>>>> if (acl) then '+'
>>>>> else if (selinux) then '.'
>>>>>           
>>>> Should there be some special marking of files with both a SE Linux context and
>>>> an ACL?
>>>>
>>>> Pity that they didn't choose an "a" to mark an ACL which would then permit
>>>> using "A" for ACL + MAC.
>>>>         
>>> This is probably as good a time as any to make such a change, though
>>> I doubt it will make the cut for the upcoming release.  I'd like to keep
>>> it simple (i.e., not try to encode all possible combinations).  If you
>>> want to get full details, stat(1) is probably the program to change.
>>>
>>> I like Michael's suggestion.  Rephrasing it,
>>>
>>>     if (SELinux, with no other MAC or ACL)
>>>       use '.'
>>>     else if (any other combination of alternate access methods)
>>>       use '+'
>>>
>>> If someone who already has a copyright assignment on file for coreutils
>>> wants to write the patch (including doc update, tests, NEWS, ChangeLog,
>>> etc.), please speak up ASAP.  Otherwise I'll do it.
>>>       
>> No one spoke up, so here's code, for discussion's sake.
>> I've tested it only lightly.
>> This change is not slated for the upcoming release.
>>
>> Here's sample output, running on an SELinux system:
>>
>>   $ src/ls -ldgo [ac]*
>>   -rw-r--r--.  1   42625 2008-04-02 19:31 aclocal.m4
>>   drwxr-xr-x.  2    4096 2008-04-02 19:31 autom4te.cache
>>   -rw-r--r--.  1    1597 2008-03-21 16:35 cfg.mk
>>   -rw-r--r--.  1 1417195 2008-04-02 19:33 config.log
>>   -rwxr-xr-x.  1   71225 2008-04-02 19:33 config.status
>>   -rwxr-xr-x.  1 1846424 2008-04-02 19:31 configure
>>   -rw-r--r--.  1   12014 2008-03-25 23:55 configure.ac
>>     

This is so confusing. What is so horribly wrong with a capital S for 
SELinux or A for ACL?

Vikram




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Fri, 24 Oct 2008 07:06:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jim Meyering <jim@meyering.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Fri, 24 Oct 2008 07:06:05 GMT) Full text and rfc822 format available.

Message #95 received at 472590@bugs.debian.org (full text, mbox):

From: Jim Meyering <jim@meyering.net>
To: Vikram Noel Ambrose <noel.ambrose@gmail.com>
Cc: bug-coreutils@gnu.org, selinux@tycho.nsa.gov, 472590@bugs.debian.org, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Fri, 24 Oct 2008 09:04:12 +0200
Vikram Noel Ambrose <noel.ambrose@gmail.com> wrote:
> Jim Meyering <jim@meyering.net> wrote:
...
>>>>     if (SELinux, with no other MAC or ACL)
>>>>       use '.'
>>>>     else if (any other combination of alternate access methods)
>>>>       use '+'
...
>>> Here's sample output, running on an SELinux system:
>>>
>>>   $ src/ls -ldgo [ac]*
>>>   -rw-r--r--.  1   42625 2008-04-02 19:31 aclocal.m4
>>>   drwxr-xr-x.  2    4096 2008-04-02 19:31 autom4te.cache
>>>   -rw-r--r--.  1    1597 2008-03-21 16:35 cfg.mk
>>>   -rw-r--r--.  1 1417195 2008-04-02 19:33 config.log
>>>   -rwxr-xr-x.  1   71225 2008-04-02 19:33 config.status
>>>   -rwxr-xr-x.  1 1846424 2008-04-02 19:31 configure
>>>   -rw-r--r--.  1   12014 2008-03-25 23:55 configure.ac
>>>
>
> This is so confusing. What is so horribly wrong with a capital S for
> SELinux or A for ACL?

A desire for compatibility makes "+" look good.
"." is appealing for SELinux-only because it's inconspicuous.




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Fri, 24 Oct 2008 13:21:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Edenfield <kutulu@kutulu.org>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Fri, 24 Oct 2008 13:21:07 GMT) Full text and rfc822 format available.

Message #100 received at 472590@bugs.debian.org (full text, mbox):

From: Mike Edenfield <kutulu@kutulu.org>
To: Jim Meyering <jim@meyering.net>
Cc: Vikram Noel Ambrose <noel.ambrose@gmail.com>, bug-coreutils@gnu.org, selinux@tycho.nsa.gov, 472590@bugs.debian.org, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Fri, 24 Oct 2008 09:19:07 -0400
Jim Meyering wrote:

> A desire for compatibility makes "+" look good.
> "." is appealing for SELinux-only because it's inconspicuous.

Speaking as a fairly new SELinux user/admin, having a "." 
next to every file in my ls output is just as useful or 
non-useful as having a "+" next to them, so does it really 
buy anything?  I end up needing -Z either way.

Based on the kind of real-world problems I've had, the most 
useful thing ls could tell me about a file on my SELinux 
system would be that it *should* have a label and *doesn't*, 
something like:

if ( selinux_enabled )
  if ( label == NULL || label == fs.defaultlabel )
    use "!"
  else
    use " "
else if ( anything else )
  use "+"
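The '!' scheme sketched above, alongside the '.'/'+' mapping from Jim's patch, as an added example that is not part of this thread or of coreutils. It derives the column-11 character from the same on-disk facts ls.c consults: the security.selinux xattr (what getfilecon() returns) and the POSIX ACL xattrs (what file_has_acl() inspects). Assumptions: the function names are the example's own; the filesystem default label is passed in by the caller rather than looked up via matchpathcon(3); and the ACL blobs built for testing are constructed, not read from a real system.

```python
"""Compute the ls -l "alternate access method" indicator from xattrs.

Added example for the ls '.'/'+' discussion; not coreutils code.  Two
schemes are implemented: "coreutils" (the mapping in Jim Meyering's
patch) and "proposed" (the '!' idea for files that carry only the
filesystem's default label).  The default label is an argument here;
a real tool would obtain it from matchpathcon(3).
"""
import errno
import os
import struct

# On-disk POSIX ACL xattr layout (include/uapi/linux/posix_acl_xattr.h):
# a u32 version (2) followed by 8-byte entries of u16 tag, u16 perm,
# u32 id, all little-endian.
POSIX_ACL_XATTR_VERSION = 2
ACL_ENTRY = struct.Struct("<HHI")
ACL_USER_OBJ, ACL_USER, ACL_GROUP_OBJ, ACL_GROUP, ACL_MASK, ACL_OTHER = (
    0x01, 0x02, 0x04, 0x08, 0x10, 0x20)
ACL_UNDEFINED_ID = 0xFFFFFFFF


def build_acl_xattr(entries):
    """Encode (tag, perm, id) triples the way the kernel stores them.
    Used here only to construct sample input; setfacl(1) makes real ones."""
    body = b"".join(ACL_ENTRY.pack(*e) for e in entries)
    return struct.pack("<I", POSIX_ACL_XATTR_VERSION) + body


def acl_xattr_is_extended(blob):
    """True when the ACL holds more than the basic user::/group::/other::
    triple, i.e. entries the mode bits cannot express (the '+' case).
    None means the attribute is absent.  libacl's acl_extended_file()
    treats any stored ACL as extended, because the kernel folds a trivial
    access ACL back into the mode bits; the entry count makes that explicit."""
    if blob is None:
        return False
    if len(blob) < 4 or (len(blob) - 4) % ACL_ENTRY.size:
        raise ValueError("malformed posix_acl xattr (%d bytes)" % len(blob))
    (version,) = struct.unpack("<I", blob[:4])
    if version != POSIX_ACL_XATTR_VERSION:
        raise ValueError("unexpected posix_acl xattr version %d" % version)
    return (len(blob) - 4) // ACL_ENTRY.size > 3


def read_xattr(path, name):
    """Fetch one xattr without following symlinks.  Absent or unsupported
    attributes count as 'none', the same cases gobble_file() tolerates."""
    try:
        return os.getxattr(path, name, follow_symlinks=False)
    except OSError as e:
        if e.errno in (errno.ENODATA, errno.ENOTSUP):
            return None
        raise


def file_context(path):
    """The SELinux context string, or None when the file has none."""
    raw = read_xattr(path, "security.selinux")
    return None if raw is None else raw.rstrip(b"\0").decode("utf-8", "replace")


def file_has_acl(path):
    """Extended access ACL, or any default ACL (directories only in practice),
    counts as an alternate access method; modelled on gnulib's Linux path."""
    if acl_xattr_is_extended(read_xattr(path, "system.posix_acl_access")):
        return True
    return read_xattr(path, "system.posix_acl_default") is not None


def access_flag(scontext, has_acl, scheme="coreutils", default_context=None):
    """Return the single indicator character for column 11 of ls -l.

    coreutils: ' ' nothing, '.' SELinux context only, '+' any extended ACL.
    proposed : ' ' a real label, '!' no label or only the filesystem default,
               '+' any extended ACL (given precedence here so an ACL never
               becomes invisible; the sketch in the thread leaves that open).
    A context of exactly "unlabeled" is treated as no context, as ls.c does.
    Under "proposed" a correctly labeled file prints ' ' although an
    alternate access method is in force, which is the POSIX conflict.
    """
    have_selinux = scontext is not None and scontext != "unlabeled"
    if has_acl:
        return "+"
    if scheme == "coreutils":
        return "." if have_selinux else " "
    if scheme == "proposed":
        if default_context is None:
            raise ValueError("proposed scheme needs the filesystem default label")
        return "!" if (not have_selinux or scontext == default_context) else " "
    raise ValueError("unknown scheme %r" % scheme)


def flag_for_path(path, scheme="coreutils", default_context=None):
    """What ls would print in column 11 for PATH under SCHEME."""
    return access_flag(file_context(path), file_has_acl(path), scheme,
                       default_context)


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:] or ["."]:
        print("%s %s" % (flag_for_path(p), p))
```

On an SELinux host, `python3 acl_flag.py /etc /tmp/somefile` can be compared against column 11 of `ls -l`; on a host without SELinux or ACL support every path comes back as ' '. For finding files that carry only a default or wrong label in bulk, the existing tools are `matchpathcon -V` and `restorecon -nv`, which is the check Daniel Walsh describes later in the thread.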








Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Fri, 24 Oct 2008 13:42:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eric Blake <ebb9@byu.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Fri, 24 Oct 2008 13:42:07 GMT) Full text and rfc822 format available.

Message #105 received at 472590@bugs.debian.org (full text, mbox):

From: Eric Blake <ebb9@byu.net>
To: Mike Edenfield <kutulu@kutulu.org>
Cc: Jim Meyering <jim@meyering.net>, Ondřej Vašík <ovasik@redhat.com>, 472590@bugs.debian.org, bug-coreutils@gnu.org, Vikram Noel Ambrose <noel.ambrose@gmail.com>, selinux@tycho.nsa.gov
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Fri, 24 Oct 2008 07:35:50 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

According to Mike Edenfield on 10/24/2008 7:19 AM:
> Based on the kind of real-world problems I've had, the most useful thing
> ls could tell me about a file on my SELinux system would be that it
> *should* have a label and *doesn't*, something like:
> 
> if ( selinux_enabled )
>   if ( label == NULL || label == fs.defaultlabel )
>     use "!"
>   else
>     use " "

Unfortunately, that would violate POSIX, which requires ' ' in the case
when no alternate access controls are in force.  And SELinux contexts
count as an alternate access control.

"The <optional alternate access method flag> shall be a single <space> if
there is no alternate or additional access control method associated with
the file; otherwise, a printable character shall be used."
http://www.opengroup.org/onlinepubs/009695399/utilities/ls.html

- --
Don't work too hard, make some time for fun as well!

Eric Blake             ebb9@byu.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkBzw8ACgkQ84KuGfSFAYCXAACeN4uUaHlCuBXUMFeJLsBDyShJ
AGIAniTtjas6Urnz/P92Vhr/JFx19oZC
=ibH3
-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Sun, 26 Oct 2008 07:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to russell@coker.com.au:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Sun, 26 Oct 2008 07:51:03 GMT) Full text and rfc822 format available.

Message #110 received at 472590@bugs.debian.org (full text, mbox):

From: Russell Coker <russell@coker.com.au>
To: Mike Edenfield <kutulu@kutulu.org>
Cc: Jim Meyering <jim@meyering.net>, Vikram Noel Ambrose <noel.ambrose@gmail.com>, bug-coreutils@gnu.org, selinux@tycho.nsa.gov, 472590@bugs.debian.org, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Sun, 26 Oct 2008 18:46:54 +1100
On Saturday 25 October 2008 00:19, Mike Edenfield <kutulu@kutulu.org> wrote:
> Jim Meyering wrote:
> > A desire for compatibility makes "+" look good.
> > "." is appealing for SELinux-only because it's inconspicuous.
>
> Speaking as a fairly new SELinux user/admin, having a "."
> next to every file in my ls output is just as useful or
> non-useful as having a "+" next to them, so does it really
> buy anything?  I end up needing -Z either way.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472590

The above URL has the history of this discussion.  I requested that there be 
no such notification.  I still believe that there should be nothing used in 
the case of SE Linux (although I could be convinced that the "." is OK if 
files with the context "system_u:object_r:file_t:s0" did not have it).

But it seems that I have lost this debate.  Using "." is better than "+", and 
my request to have none of this in Lenny has been accepted so we have some 
time to work on this before Lenny+1.

> Based on the kind of real-world problems I've had, the most
> useful thing ls could tell me about a file on my SELinux
> system would be that it *should* have a label and *doesn't*,
> something like:
>
> if ( selinux_enabled )
>    if ( label == NULL || label == fs.defaultlabel )
>      use "!"
>    else
>      use " "
> else if ( anything else )
>    use "+"

That sounds quite reasonable.

-- 
Russell Coker <russell@coker.com.au>
http://etbe.coker.com.au/          My Blog
http://etbe.coker.com.au/category/security/  My Security blog posts
http://www.coker.com.au/selinux/play.html  My Play Machine, root PW "SELINUX"




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Sun, 26 Oct 2008 08:12:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jim Meyering <jim@meyering.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Sun, 26 Oct 2008 08:12:03 GMT) Full text and rfc822 format available.

Message #115 received at 472590@bugs.debian.org (full text, mbox):

From: Jim Meyering <jim@meyering.net>
To: russell@coker.com.au
Cc: Mike Edenfield <kutulu@kutulu.org>, 472590@bugs.debian.org, bug-coreutils@gnu.org, Vikram Noel Ambrose <noel.ambrose@gmail.com>, selinux@tycho.nsa.gov, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Sun, 26 Oct 2008 09:09:10 +0100
Russell Coker <russell@coker.com.au> wrote:

> On Saturday 25 October 2008 00:19, Mike Edenfield <kutulu@kutulu.org> wrote:
>> Jim Meyering wrote:
>> > A desire for compatibility makes "+" look good.
>> > "." is appealing for SELinux-only because it's inconspicuous.
>>
>> Speaking as a fairly new SELinux user/admin, having a "."
>> next to every file in my ls output is just as useful or
>> non-useful as having a "+" next to them, so does it really
>> buy anything?  I end up needing -Z either way.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472590
>
> The above URL has the history of this discussion.  I requested that there be
> no such notification.  I still believe that there should be nothing used in
> the case of SE Linux (although I could be convinced that the "." is OK if
> files with the context "system_u:object_r:file_t:s0" did not have it).
>
> But it seems that I have lost this debate.  Using "." is better than "+", and
> my request to have none of this in Lenny has been accepted so we have some
> time to work on this before Lenny+1.
>
>> Based on the kind of real-world problems I've had, the most
>> useful thing ls could tell me about a file on my SELinux
>> system would be that it *should* have a label and *doesn't*,
>> something like:
>>
>> if ( selinux_enabled )
>>    if ( label == NULL || label == fs.defaultlabel )
>>      use "!"
>>    else
>>      use " "
>> else if ( anything else )
>>    use "+"
>
> That sounds quite reasonable.

Actually, I'm leaning your way, now, and agree.

If you, Russell, write the patch (w/NEWS and docs would be really nice)
I'll make the switch upstream pretty soon.  It'd be nice to give the
austin group a heads up, too, since this behavior would be contrary to
POSIX.  I don't think it's worth it to make this depend on the setting
of the POSIXLY_CORRECT envvar.




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#472590; Package coreutils. (Mon, 27 Oct 2008 11:45:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael Stone <mstone@debian.org>:
Extra info received and forwarded to list. (Mon, 27 Oct 2008 11:45:05 GMT) Full text and rfc822 format available.

Message #120 received at 472590@bugs.debian.org (full text, mbox):

From: Michael Stone <mstone@debian.org>
To: Mike Edenfield <kutulu@kutulu.org>, 472590@bugs.debian.org
Cc: Jim Meyering <jim@meyering.net>, Vikram Noel Ambrose <noel.ambrose@gmail.com>, bug-coreutils@gnu.org, selinux@tycho.nsa.gov, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: Bug#472590: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Mon, 27 Oct 2008 07:41:37 -0400
On Fri, Oct 24, 2008 at 09:19:07AM -0400, Mike Edenfield wrote:
>Speaking as a fairly new SELinux user/admin, having a "." 
>next to every file in my ls output is just as useful or 
>non-useful as having a "+" next to them, so does it really 
>buy anything?

It buys something if you're unaware that selinux is enabled on the 
system and you can't understand why you can't do something even though 
the file permissions say you should be able to. That's the whole point 
of having an alternate-acl indicator--so you know when looking at the 
permissions that they aren't the whole story. One thing about selinux 
users is that they sometimes forget that some people aren't...

Mike Stone




Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#472590; Package coreutils. (Fri, 31 Oct 2008 13:39:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Daniel J Walsh <dwalsh@redhat.com>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (Fri, 31 Oct 2008 13:39:02 GMT) Full text and rfc822 format available.

Message #125 received at 472590@bugs.debian.org (full text, mbox):

From: Daniel J Walsh <dwalsh@redhat.com>
To: Jim Meyering <jim@meyering.net>
Cc: russell@coker.com.au, Mike Edenfield <kutulu@kutulu.org>, 472590@bugs.debian.org, bug-coreutils@gnu.org, Vikram Noel Ambrose <noel.ambrose@gmail.com>, selinux@tycho.nsa.gov, Ondřej Vašík <ovasik@redhat.com>
Subject: Re: RFC: changing the "+" in ls -l output to be "." or "+"
Date: Fri, 31 Oct 2008 09:37:53 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Meyering wrote:
> Russell Coker <russell@coker.com.au> wrote:
> 
>> On Saturday 25 October 2008 00:19, Mike Edenfield <kutulu@kutulu.org> wrote:
>>> Jim Meyering wrote:
>>>> A desire for compatibility makes "+" look good.
>>>> "." is appealing for SELinux-only because it's inconspicuous.
>>> Speaking as a fairly new SELinux user/admin, having a "."
>>> next to every file in my ls output is just as useful or
>>> non-useful as having a "+" next to them, so does it really
>>> buy anything?  I end up needing -Z either way.
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472590
>>
>> The above URL has the history of this discussion.  I requested that there be
>> no such notification.  I still believe that there should be nothing used in
>> the case of SE Linux (although I could be convinced that the "." is OK if
>> files with the context "system_u:object_r:file_t:s0" did not have it).
>>
>> But it seems that I have lost this debate.  Using "." is better than "+", and
>> my request to have none of this in Lenny has been accepted so we have some
>> time to work on this before Lenny+1.
>>
>>> Based on the kind of real-world problems I've had, the most
>>> useful thing ls could tell me about a file on my SELinux
>>> system would be that it *should* have a label and *doesn't*,
>>> something like:
>>>
>>> if ( selinux_enabled )
>>>    if ( label == NULL || label == fs.defaultlabel )
>>>      use "!"
>>>    else
>>>      use " "
>>> else if ( anything else )
>>>    use "+"
>> That sounds quite reasonable.
> 
> Actually, I'm leaning your way, now, and agree.
> 
> If you, Russell, write the patch (w/NEWS and docs would be really nice)
> I'll make the switch upstream pretty soon.  It'd be nice to give the
> austin group a heads up, too, since this behavior would be contrary to
> POSIX.  I don't think it's worth it to make this depend on the setting
> of the POSIXLY_CORRECT envvar.
> 
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
If you really wanted to go wild, you could add a qualifier to check
matchpathcon to indicate it differs from the default for the file
system, although it would be very expensive.  Perhaps find would be a
better source.  "find" all files not matching the system defaults.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkkLCjEACgkQrlYvE4MpobM3ywCfZtVW9cQE8hgLRVCHYqHKLfU1
cWgAn2/cx41bmoFguBEVJXGbUiqsryzH
=+qTw
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 30 Nov 2008 08:38:30 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 04:34:43 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.