coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FYI, more id.c changes

From: Jim Meyering
Subject: FYI, more id.c changes
Date: Fri, 27 Apr 2012 18:55:40 +0200 
While investigating today's bug, I noticed that a plain old "id -G"
would call getcon unnecessarily.  It's not going to print a context
string, so it obviously doesn't need to call getcon.

While addressing that, factoring and cleaning up, I noticed this:

    Old behavior: nonsensical diagnostic, since with -Z,
    you don't get the default format:

        $ id -Z -n
        id: cannot print only names or real IDs in default format

    New: -n is ignored with --context (-Z)

        $ src/id -Z -n
        unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023


Considering it's at least two separate issues, I will separate this
into two (or more) patches, with at least one more test:

diff --git a/src/id.c b/src/id.c
index c600e63..c0548bb 100644
--- a/src/id.c
+++ b/src/id.c
@@ -163,30 +163,38 @@ main (int argc, char **argv)
         }
     }

-  if (1 < argc - optind)
+  size_t n_ids = argc - optind;
+  if (1 < n_ids)
     {
       error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
       usage (EXIT_FAILURE);
     }

-  if (argc - optind == 1 && just_context)
+  if (n_ids && just_context)
     error (EXIT_FAILURE, 0,
            _("cannot print security context when user specified"));

-  /* If we are on a selinux-enabled kernel and no user is specified,
-     get our context. Otherwise, leave the context variable alone -
-     it has been initialized known invalid value and will be not
-     displayed in print_full_info() */
-  if (selinux_enabled && argc == optind)
+  if (just_user + just_group + just_group_list + just_context > 1)
+    error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one 
choice"));
+
+  bool default_format = (just_user + just_group + just_group_list
+                         + just_context == 0);
+
+  /* If we are on a selinux-enabled kernel, no user is specified, and
+     either --context is specified or none of (-u,-g,-G) is specified,
+     and we're not in POSIXLY_CORRECT mode, get our context.  Otherwise,
+     leave the context variable alone - it has been initialized to an
+     invalid value that will be not displayed in print_full_info().  */
+  if (selinux_enabled
+      && n_ids == 0
+      && (just_context ||
+          (default_format && ! getenv ("POSIXLY_CORRECT"))))
     {
-      if (getcon (&context) && just_context)
+      if (getcon (&context))
         error (EXIT_FAILURE, 0, _("can't get process context"));
     }

-  if (just_user + just_group + just_group_list + just_context > 1)
-    error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one 
choice"));
-
-  if (just_user + just_group + just_group_list == 0 && (use_real || use_name))
+  if (default_format && (use_real || use_name))
     error (EXIT_FAILURE, 0,
            _("cannot print only names or real IDs in default format"));

@@ -360,6 +368,6 @@ print_full_info (const char *username)

   /* POSIX mandates the precise output format, and that it not include
      any context=... part, so skip that if POSIXLY_CORRECT is set.  */
-  if (context != NULL && ! getenv ("POSIXLY_CORRECT"))
+  if (context)
     printf (_(" context=%s"), context);
 }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]