[Toybox] Regarding mkdir & id for smack
Rob Landley
rob at landley.net
Tue Jun 2 01:30:48 PDT 2015
On Mon, Jun 1, 2015 at 4:39 AM, Hyejin Kim <hj8296 at gmail.com> wrote:
> Hi. I did answer below.
> 2015-06-01 15:46 GMT+09:00 Rob Landley <rob at landley.net>:
>>
>> On Mon, Jun 1, 2015 at 1:29 AM, Hyejin Kim <hj8296 at gmail.com> wrote:
>> > Hi.
>> >
>> > This time _mkdir_ and _id_ were verified for smack behavior.
>>
>> Sorry I've been AWOL: still in Japan through the 7th. (Giving a talk
>> at LinuxCon Japan on thursday:
>>
>> http://lccojapan2015.sched.org/event/860288ccda595208a5d7337d31c6075c#.VWv3sR-1XVN
>> if you're curious. :)
>
>
> The link may be wrong. it can't be opened. Can you check one more?
> I want to share this with my co-workers.
Sorry, I'm in http://events.linuxfoundation.org/events/linuxcon-japan/program/schedule
Thursday at 11:30 am.
My co-presenters are Jeff Dionne (founder of uclinux) and Sumpei
Kawasaki (original architect of superh). Our talk is about how the
superh patents expiring made the architecture interesting again, so
we've clean-room cloned the processor and are releasing the VHDL and
supporting software open source, and would like to build a community
around it.
>> > 2) "toybox id -Znr" can print something while "coreutils' id -Znr" gives
>> > error message.
>>
>> I still haven't got a smack build environment, but I can build
>> selinux, and it goes:
>>
>> $ ./toybox id -Znr
>> id: SELinux disabled
>
>
> In tizen SDK, -Znr option print like below :
>
> $./toybox id -Znr
> context=sdbd
>
> Of course, it is tested under root privilege and SMACK is also enabled.
Basically -Z is taking precedence over -nr in toybox, and -nr are
being checked for conflicts before -Z in the other one.
> Coreutils's id prints : "id: cannot print only names or real IDs in default
> format".
I.E. it's treating "id -Znr" and "id -nr" the same.
The way the toybox help is phrased:
-n print names instead of numeric IDs (to be used with -Ggu)
-r Show real ID instead of effective ID
-n replaces numeric ides with names (a NOP if no numeric IDs are being
printed) and -r replaces effective ids with real ids (again a NOP if
no effective ids are being printed). I didn't treat these NOPs as
errors because posix doesn't say to:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/id.html
What behavior do you want here?
Rob
1433233848.0
More information about the Toybox
mailing list