Index: head/usr.sbin/getextattr/Makefile =================================================================== --- head/usr.sbin/getextattr/Makefile (revision 74275) +++ head/usr.sbin/getextattr/Makefile (revision 74276) @@ -1,7 +1,8 @@ # $FreeBSD$ PROG= getextattr SRCS= getextattr.c +LDADD= ${LIBUTIL} CFLAGS+= -Wall MAN8= getextattr.8 .include Index: head/usr.sbin/getextattr/getextattr.8 =================================================================== --- head/usr.sbin/getextattr/getextattr.8 (revision 74275) +++ head/usr.sbin/getextattr/getextattr.8 (revision 74276) @@ -1,99 +1,104 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2001 Robert N. M. Watson .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" .Dd March 30, 2000 .Dt GETEXTATTR 8 .Os .Sh NAME .Nm getextattr .Nd retrieve a named extended attribute .Sh SYNOPSIS .Nm .Op Fl ls +.Ar namespace .Ar attrname .Ar filename ... .Sh DESCRIPTION .Nm is a user tool to retrieve a named extended attribute on a file or directory. The +.Ar namespace +argument should be the namespace of the attribute to retrieve: legal +values are "user" and "system". +The .Ar attrname argument should be the name of the attribute, and .Ar filename a list of files and directories from which to retrieve attribute data. .Pp The following options are available: .Bl -tag -width indent .It Fl l Print attributes in the first column and file names in the second. Can be used only in conjunction with the .Fl s option. .It Fl s Attempt to display the attribute data as a string, although the results may not look pretty if the data is binary data. The .Xr strvisx 3 function is used to generate the string, so control sequences should be safely escaped. Otherwise, the attribute data will be represented as a series of two-digit hex numbers. .El .Sh IMPLEMENTATION NOTES In order for .Nm to succeed, the attribute service must be available on the file system, and the attribute must of defined for the file queried. .Sh EXAMPLES .Bd -literal -offset indent -# getextattr md5 /kernel +# getextattr system md5 /kernel /kernel: 61 61 33 62 39 39 66 65 31 35 35 32 31 62 65 32 62 36 38 36 62 31 66 39 63 64 33 39 35 36 36 31 # getextattr -s md5 /kernel /kernel: "aa3b99fe15521be2b686b1f9cd395661" .Ed .Pp Retrieve the .Dq md5 extended attribute for the file .Pa /kernel . .Sh SEE ALSO .Xr extattrctl 8 , .Xr setextattr 8 , .Xr extattr 9 .Sh HISTORY Extended attribute support was developed as part of the TrustedBSD Project, and introduced in .Fx 5.0 . It was developed to support security extensions requiring additional labels to be associated with each file or directory. .Sh AUTHORS Robert N M Watson .Sh BUGS Only the first 2048 bytes of the extended attribute value are displayed due to a hard-coded buffer limit. Index: head/usr.sbin/getextattr/getextattr.c =================================================================== --- head/usr.sbin/getextattr/getextattr.c (revision 74275) +++ head/usr.sbin/getextattr/getextattr.c (revision 74276) @@ -1,124 +1,131 @@ /*- - * Copyright (c) 1999, 2000 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD$ */ /* * TrustedBSD Project - extended attribute support */ #include #include #include +#include #include #include #include void usage(void) { - fprintf(stderr, "getextattr [-s] [attrname] [filename ...]\n"); + fprintf(stderr, "getextattr [-s] [namespace] [attrname] " + "[filename ...]\n"); exit(-1); } extern char *optarg; extern int optind; #define BUFSIZE 2048 int main(int argc, char *argv[]) { struct iovec iov_buf; char *attrname; char buf[BUFSIZE]; char visbuf[BUFSIZE*4]; - int error, i, arg_counter; + int error, i, arg_counter, namespace; int ch; int flag_as_string = 0; int flag_reverse = 0; while ((ch = getopt(argc, argv, "ls")) != -1) { switch (ch) { case 'l': flag_reverse = 1; case 's': flag_as_string = 1; break; case '?': default: usage(); } } argc -= optind; argv += optind; - if (argc <= 1) + if (argc < 3) usage(); - attrname = argv[0]; + error = extattr_string_to_namespace(argv[0], &namespace); + if (error) { + perror(argv[0]); + return (-1); + } + attrname = argv[1]; argc--; argv++; iov_buf.iov_base = buf; iov_buf.iov_len = BUFSIZE; - for (arg_counter = 0; arg_counter < argc; arg_counter++) { - error = extattr_get_file(argv[arg_counter], attrname, + for (arg_counter = 1; arg_counter < argc; arg_counter++) { + error = extattr_get_file(argv[arg_counter], namespace, attrname, &iov_buf, 1); if (error == -1) perror(argv[arg_counter]); else { if (flag_as_string) { strvisx(visbuf, buf, error, VIS_SAFE | VIS_WHITE); if (flag_reverse) { printf("%s ", visbuf); printf("%s\n", argv[arg_counter]); } else { printf("%s:", argv[arg_counter]); printf(" \"%s\"\n", visbuf); } } else { printf("%s:", argv[arg_counter]); for (i = 0; i < error; i++) if (i % 16 == 0) printf("\n %02x ", buf[i]); else if (i % 8 == 0) printf(" %02x ", buf[i]); else printf("%02x ", buf[i]); printf("\n"); } } } return (0); } Index: head/usr.sbin/setextattr/Makefile =================================================================== --- head/usr.sbin/setextattr/Makefile (revision 74275) +++ head/usr.sbin/setextattr/Makefile (revision 74276) @@ -1,7 +1,8 @@ # $FreeBSD$ PROG= setextattr SRCS= setextattr.c +LDADD= ${LIBUTIL} CFLAGS+= -Wall MAN8+= setextattr.8 .include Index: head/usr.sbin/setextattr/setextattr.8 =================================================================== --- head/usr.sbin/setextattr/setextattr.8 (revision 74275) +++ head/usr.sbin/setextattr/setextattr.8 (revision 74276) @@ -1,78 +1,83 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2001 Robert N. M. Watson .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD$ +.\" $FreeBSD$ .\" .Dd March 30, 2000 .Dt SETEXTATTR 8 .Os .Sh NAME .Nm setextattr .Nd set a named extended attribute .Sh SYNOPSIS .Nm +.Ar namespace .Ar attrname .Ar filename .Ar attrvalue .Sh DESCRIPTION .Nm is a user tool to set a named extended attribute on a file or directory to the provided string. The +.Ar namespace +argument should be the namespace of the attribute to retrieve: legal +values are "user" and "system". +The .Ar attrname argument should be the name of the attribute, .Ar filename the name of the file or directory to set the attribute for, and .Ar attrvalue a string to store in the attribute. .Nm will store the string in the file's attribute. In order for .Nm to succeed, the attribute service must be available on the file system, and appropriate privilege may be required. .Sh EXAMPLES -.Dl # setextattr md5 /kernel `md5 -q /kernel` +.Dl # setextattr system md5 /kernel `md5 -q /kernel` .Pp Set the .Dq md5 extended attribute on the file /kernel to the string containing the output of .Dq md5 -q /kernel . .Sh SEE ALSO .Xr extattrctl 8 , .Xr getextattr 8 , .Xr extattr 9 .Sh HISTORY Extended attribute support was developed as part of the TrustedBSD Project, and introduced in .Fx 5.0 . It was developed to support security extensions requiring additional labels to be associated with each file or directory. .Sh AUTHORS Robert N M Watson .Sh BUGS .Nm can only be used to set attributes to strings. Index: head/usr.sbin/setextattr/setextattr.c =================================================================== --- head/usr.sbin/setextattr/setextattr.c (revision 74275) +++ head/usr.sbin/setextattr/setextattr.c (revision 74276) @@ -1,64 +1,73 @@ /*- - * Copyright (c) 1999, 2000 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD$ */ /* * TrustedBSD Project - extended attribute support for UFS-like file systems */ #include #include #include + +#include #include void usage(void) { - fprintf(stderr, "setextattr [attrname] [filename] [attrvalue]\n"); + fprintf(stderr, "setextattr [namespace] [attrname] [filename] " + "[attrvalue]\n"); exit(-1); } int main(int argc, char *argv[]) { struct iovec iov_buf; - int error; + int error, namespace; - if (argc != 4) + if (argc != 5) usage(); - iov_buf.iov_base = argv[3]; - iov_buf.iov_len = strlen(argv[3]); + error = extattr_string_to_namespace(argv[1], &namespace); + if (error) { + perror(argv[1]); + return (-1); + } - error = extattr_set_file(argv[2], argv[1], &iov_buf, 1); + iov_buf.iov_base = argv[4]; + iov_buf.iov_len = strlen(argv[4]); + + error = extattr_set_file(argv[3], namespace, argv[2], &iov_buf, 1); if (error == -1) { - perror("extattr_set_file"); + perror(argv[3]); return (-1); } return (0); }