[Toybox] [toybox] smack support

Rob Landley rob at landley.net
Sun Sep 20 22:52:42 PDT 2015 


On 09/21/2015 12:28 AM, enh wrote:
> 
> On Sep 20, 2015 10:24 PM, "enh" <enh at google.com <mailto:enh at google.com>>
> wrote:
>>
>>
>> On Sep 20, 2015 6:07 PM, "Rob Landley" <rob at landley.net
> <mailto:rob at landley.net>> wrote:
>> >
>> >
>> >
>> > On 09/20/2015 06:01 AM, José Bollo wrote:
>> > > Le Sat, 19 Sep 2015 01:34:15 -0500,
>> > > Rob Landley <rob at landley.net <mailto:rob at landley.net>> a écrit :
>> > >
>> > >> On 09/17/2015 04:05 PM, Joya Cruz, Alejandro wrote:
>> > >>> Hi Rob,
>> > >>>
>> > >>> Doing some test between TOYBOX 0.6.0 and Smack I got interested on
>> > >>> what is the support that is given to Smack.
>> > >>> The most important user related utilitie it might are:
>> > >>> ls -Z Show the Smack labels on files. (already on toybox)
>> > >>
>> > >> I've never been quite sure what the complete todo list is. I got
>> > >> patches for ls, mkfifo, mknod, mkdir, id, and cp, but I don't think
>> > >> that's a complete list? (Ah, and here's one for stat...)
>> > >>
>> > >>> any idea when the rest is coming ( if its coming ) ?
>> > >>> chsmack:Show and sett all of the Smack attributes on files.
>> > >>
>> > >> Dig dig dig... Ok I found chsmack, doesn't look too hard to
> implement?
>> > >> (First I've heard of it, though...)
>> > >
>> > > Hi all,
>> > >
>> > > I can make the chsmack adaptation. For me the question is "should
>> > > toybox implment it?". Why not but it is up to Rob to decide.
>> >
>> > "Yes but..."
>> >
>> > The toys/android directory is full of a bunch of similar commands, and I
>> > kinda want to stick it in there, but that would involve either remaining
>> > that directory or confirming with Elliott that he doesn't care. :)
>>
>> that's not what i've been using toys/android for :-)
> 
> sent too early...
> 
> for me, toys/android is for stuff where android is different from other
> systems. so SELinux stuff where you can just use the exact same code on,
> say, Ubuntu, doesn't go there. but SELinux stuff that's specific to
> android extensions to libselinux --- that does. commands for
> android-only things like system properties --- they do. but cases where
> the android implementation is the same as other systems --- that
> wouldn't make any sense in there. pending or other or whatever would
> make more sense.

Yeah, I re-read the README and that's sounds about right.

> (and this is ignoring the fact that android doesn't use smack, which is
> what these two are talking about here... smack-only commands especially
> wouldn't make sense in an android directory.

Indeed. My urge was to group then with the selinux-specific commands,
but you're right: the ones we have aren't generic selinux
implementations. The -Z built into other commands often are, but the
standalone ones are android ones.

> but android-specific
> getprop and setprop commands wouldn't make sense in an lsm directory
> either, or indeed any directory that didn't make it clear that this is
> really android-only.)

Ok, chsmack can live in toys/other with the appropriate visibility
depends in its config section. Somebody send me a patch. :)

New todo item to re-ping about "ps -Z" when ps gets promoted.

Thanks,

Rob

 1442814762.0

More information about the Toybox mailing list