Add option to show security attribute and improve extended support #855

Closed
wants to merge 2 commits into from

@cgzones cgzones commented Apr 25, 2021

Add a command line option -Z/--context to show the security context of objects, similar to ls(1).

Show the actual extended attribute values on -@/--extended, instead of just their length.

In case of a symlink, show the extended attributes of the symlink itself, not the target.
This matches the behavior of ls(1) and is more intuitive.

TODO:

  • test on macos (should compile)

In the future one might want to add support for SMACK security labels ("security.SMACK64").

Closes: #254 #613

@ariasuni
Collaborator

The code looks good. How does it work in modes other than long? (grid, grid long, other?)

Also, if you rebase on master it should fix the failing CI check.

@cgzones cgzones force-pushed the security_attribute branch 2 times, most recently from 2c0faa1 to b13ffe3 Compare April 27, 2021 19:31
Collaborator

@ariasuni ariasuni left a comment

So here’s a superficial review of your code (at least for now), since I don’t know much about xattr or SELinux.

Collaborator

@ariasuni ariasuni left a comment

OK second review! I don’t have any knowledge of SELinux, do you have any resources about it so I could check that out and understand better what you’re doing in the code?

Also note to myself if you don’t know/want to do that: --context/-Z should be added to zsh and fish completion files.

@cgzones
Contributor Author

cgzones commented Jun 30, 2021

> I don’t have any knowledge of SELinux, do you have any resources about it so I could check that out and understand better what you’re doing in the code?

SELinux is a Linux Security Module (like AppArmor) providing mandatory access control.
Every subject and object (process, file, network socket, ...) gets assigned a context, on which the decision whether an operation is allowed or not is based.
For file type objects this context is stored as an extended security attribute with the name security.selinux (see man:xattr(7)).
An SELinux context consists of 3 or 4 parts (depending on whether the SELinux policy enables MCS/MLS), which are separated by colons:

@jpds

jpds commented Jul 23, 2021

I decided to try this patch on one of my systems; there seems to be a special case for /dev and /sys that exa doesn't handle:

$ ls -lZ /
total 87
drwxr-xr-x.   2 root root system_u:object_r:bin_t        114 Jul 21 13:40 bin/
drwxr-xr-x.   4 root root system_u:object_r:boot_t        29 Jul 21 13:42 boot/
drwxr-xr-x.  18 root root system_u:object_r:device_t    4320 Jul 23 11:44 dev/
drwxr-xr-x.  63 root root system_u:object_r:etc_t        143 Jul 23 11:44 etc/
drwxr-xr-x.   3 root root system_u:object_r:home_root_t    4 Jun  7 01:35 home/
drwxr-xr-x.  12 root root system_u:object_r:lib_t         13 Jul 21 13:08 lib/
drwxr-xr-x.   6 root root system_u:object_r:lib_t        159 Jul 21 13:40 lib64/
drwxr-xr-x.   2 root root system_u:object_r:mnt_t          3 Jun  3 14:15 media/
drwxr-xr-x.   4 root root system_u:object_r:mnt_t          5 Jun 24 11:51 mnt/
drwxr-xr-x.   3 root root system_u:object_r:usr_t          4 Jun 19 00:17 opt/
dr-xr-xr-x. 476 root root system_u:object_r:proc_t         0 Jul 23 11:44 proc/
drwx------.   4 root root root:object_r:user_home_dir_t    8 Jul 21 22:37 root/
drwxr-xr-x.  19 root root system_u:object_r:var_run_t    680 Jul 23 11:44 run/
drwxr-xr-x.   2 root root system_u:object_r:bin_t        249 Jul 21 13:40 sbin/
dr-xr-xr-x.  13 root root system_u:object_r:sysfs_t        0 Jul 23 13:00 sys/
drwxrwxrwt.   6 root root system_u:object_r:tmp_t          6 Jul 23 11:46 tmp/
drwxr-xr-x.  12 root root system_u:object_r:usr_t         13 Jun  3 14:17 usr/
drwxr-xr-x.   9 root root system_u:object_r:var_t         11 Jun  3 14:15 var/

$ exa -lZ /
drwxr-xr-x - root system_u:object_r:bin_t       21 Jul 13:40 bin
drwxr-xr-x - root system_u:object_r:boot_t      21 Jul 13:42 boot
drwxr-xr-x - root ?                             23 Jul 11:44 dev
drwxr-xr-x - root system_u:object_r:etc_t       23 Jul 11:44 etc
drwxr-xr-x - root system_u:object_r:home_root_t  7 Jun 01:35 home
drwxr-xr-x - root system_u:object_r:lib_t       21 Jul 13:08 lib
drwxr-xr-x - root system_u:object_r:lib_t       21 Jul 13:40 lib64
drwxr-xr-x - root system_u:object_r:mnt_t        3 Jun 14:15 media
drwxr-xr-x - root system_u:object_r:mnt_t       24 Jun 11:51 mnt
drwxr-xr-x - root system_u:object_r:usr_t       19 Jun 00:17 opt
dr-xr-xr-x - root system_u:object_r:proc_t      23 Jul 11:44 proc
drwx------ - root root:object_r:user_home_dir_t 21 Jul 22:37 root
drwxr-xr-x - root system_u:object_r:var_run_t   23 Jul 11:44 run
drwxr-xr-x - root system_u:object_r:bin_t       21 Jul 13:40 sbin
dr-xr-xr-x - root ?                             23 Jul 13:00 sys
drwxrwxrwt - root system_u:object_r:tmp_t       23 Jul 11:46 tmp
drwxr-xr-x - root system_u:object_r:usr_t        3 Jun 14:17 usr
drwxr-xr-x - root system_u:object_r:var_t        3 Jun 14:15 var

$ ls -lZ /sys/
total 0
drwxr-xr-x.   2 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 block/
drwxr-xr-x.  44 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 bus/
drwxr-xr-x.  73 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 class/
drwxr-xr-x.   4 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 dev/
drwxr-xr-x.  21 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 devices/
drwxr-xr-x.   6 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 firmware/
drwxr-xr-x.   9 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 fs/
drwxr-xr-x.   2 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 hypervisor/
drwxr-xr-x.  14 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 kernel/
drwxr-xr-x. 226 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 module/
drwxr-xr-x.   3 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 power/

$ exa -lZ /sys/
drwxr-xr-x - root ? 23 Jul 13:04 block
drwxr-xr-x - root ? 23 Jul 13:04 bus
drwxr-xr-x - root ? 23 Jul 13:04 class
drwxr-xr-x - root ? 23 Jul 13:04 dev
drwxr-xr-x - root ? 23 Jul 13:04 devices
drwxr-xr-x - root ? 23 Jul 13:04 firmware
drwxr-xr-x - root ? 23 Jul 13:04 fs
drwxr-xr-x - root ? 23 Jul 13:04 hypervisor
drwxr-xr-x - root ? 23 Jul 13:04 kernel
drwxr-xr-x - root ? 23 Jul 13:04 module
drwxr-xr-x - root ? 23 Jul 13:04 power

@jpds

jpds commented Jul 23, 2021

I can confirm that b4504f9 is working fantastically on my SELinux enabled systems.

@ariasuni
Collaborator

ariasuni commented Sep 1, 2021

Did you take a look at the unit tests error? Sorry for the long time between reviews, I just don’t have much time these days.

@linusg

linusg commented Mar 18, 2022

@ariasuni @cgzones Hi, what's the state of this PR? Would love to see this merged.

Collaborator

@ariasuni ariasuni left a comment

Last review for me, afterward I’d like to merge this, but the Vagrant tests aren’t up-to-date.

Do you think you could either add this to this PR, or do a PR later to add them? Right now, there are tests checking the output of exa with xattrs in xtests/attributes.toml and xtests/details-view-permissions.toml.

It’s fine if you can’t, but I honestly would prefer not to merge anything that breaks existing tests (in the future, these tests will be part of the CI).

@@ -63,6 +65,9 @@ pub struct File<'dir> {
/// directory’s children, and are in fact added specifically by exa; this
/// means that they should be skipped when recursing.
pub is_all_all: bool,

/// The extended attributes of this file.
pub extended_attributes: Vec<Attribute>,
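Review bot: the doc comment on `extended_attributes` should say what an empty `Vec` means. As written, a caller cannot tell a file with no extended attributes from one whose attributes could not be read, and the comment does not say whether for a symlink the list belongs to the link or to its target. Since the field is `pub` on `File`, either document both points here or keep the read error alongside the list (for example in an `Option` or `Result` wrapper) so the output code can distinguish the cases.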
Collaborator

I’m not quite sure why we need to do that? We didn’t need to do that before for xattrs.

Contributor Author

Cause currently the extended attributes are retrieved from the filesystem at the point when the output is generated (potentially even in another process), now the attributes are used in more places, e.g. whether to show the extended attribute hint (@), so the extended attributes are gathered at scan time, e.g. strace(1) output:

old:

statx(AT_FDCWD, "/datadrive/", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=STATX_ATTR_MOUNT_ROOT, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
openat(AT_FDCWD, "/datadrive/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x56db6bc84130 /* 5 entries */, 32768) = 136
getdents64(3, 0x56db6bc84130 /* 0 entries */, 32768) = 0
close(3)                                = 0
statx(AT_FDCWD, "/datadrive/vm", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
statx(AT_FDCWD, "/datadrive/lost+found", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0700, stx_size=16384, ...}) = 0
statx(AT_FDCWD, "/datadrive/christian", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0

[later in separate process]

listxattr("/datadrive/lost+found", NULL, 0) = 17
listxattr("/datadrive/lost+found", "security.selinux\0", 17) = 17
getxattr("/datadrive/lost+found", "security.selinux", NULL, 0) = 27

new:

statx(AT_FDCWD, "/datadrive/", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=STATX_ATTR_MOUNT_ROOT, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/", NULL, 0)      = 17
llistxattr("/datadrive/", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27
openat(AT_FDCWD, "/datadrive/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x598099e93220 /* 5 entries */, 32768) = 136
getdents64(3, 0x598099e93220 /* 0 entries */, 32768) = 0
close(3)                                = 0
statx(AT_FDCWD, "/datadrive/vm", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/vm", NULL, 0)    = 17
llistxattr("/datadrive/vm", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/vm", "security.selinux", NULL, 0) = 37
lgetxattr("/datadrive/vm", "security.selinux", "system_u:object_r:libvirt_state_"..., 37) = 37
statx(AT_FDCWD, "/datadrive/lost+found", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0700, stx_size=16384, ...}) = 0
llistxattr("/datadrive/lost+found", NULL, 0) = 17
llistxattr("/datadrive/lost+found", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/lost+found", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/lost+found", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27
statx(AT_FDCWD, "/datadrive/christian", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/christian", NULL, 0) = 17
llistxattr("/datadrive/christian", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/christian", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/christian", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27
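
Added example, not part of the PR or of exa's code: the trace above returns 27 bytes for the 26-character label `system_u:object_r:var_t:s0`, so the raw `security.selinux` value carries a trailing NUL, and the optional MCS/MLS part may itself contain colons. This Rust code parses such raw bytes; `SecurityContext`, `parse_context` and `column_text` are hypothetical names, the `?` fallback is an assumption, and the sample values are constructed.

```rust
// Added example: parses raw `security.selinux` xattr bytes (not exa's code).
#[derive(Debug, PartialEq)]
struct SecurityContext<'a> {
    user: &'a str,
    role: &'a str,
    typ: &'a str,
    range: Option<&'a str>, // present only when the policy enables MCS/MLS
}

fn parse_context(raw: &[u8]) -> Result<SecurityContext<'_>, String> {
    // lgetxattr returns the label with its trailing NUL (27 bytes for 26 characters).
    let raw = raw.strip_suffix(&[0u8]).unwrap_or(raw);
    if raw.contains(&0) {
        return Err("embedded NUL in context".to_string());
    }
    let text = std::str::from_utf8(raw).map_err(|e| format!("not UTF-8: {}", e))?;
    // splitn(4, ..) keeps colons inside the range, e.g. "s0-s0:c0.c1023".
    let mut parts = text.splitn(4, ':');
    let user = parts.next().unwrap_or("");
    let role = parts.next().ok_or("missing role")?;
    let typ = parts.next().ok_or("missing type")?;
    let range = parts.next();
    if user.is_empty() || role.is_empty() || typ.is_empty() || range == Some("") {
        return Err(format!("empty field in {:?}", text));
    }
    Ok(SecurityContext { user, role, typ, range })
}

// Hypothetical helper: column text, with "?" for an absent or malformed label (assumption).
fn column_text(raw: Option<&[u8]>) -> String {
    match raw.map(parse_context) {
        Some(Ok(c)) => [Some(c.user), Some(c.role), Some(c.typ), c.range]
            .iter().flatten().copied().collect::<Vec<_>>().join(":"),
        _ => "?".to_string(),
    }
}

fn main() {
    // Constructed samples: value as in the trace, no MCS/MLS, range with a colon, no xattr.
    let samples: [Option<&[u8]>; 4] = [
        Some(&b"system_u:object_r:var_t:s0\0"[..]),
        Some(&b"system_u:object_r:bin_t"[..]),
        Some(&b"system_u:object_r:etc_t:s0-s0:c0.c1023\0"[..]),
        None,
    ];
    for s in samples.iter().copied() {
        println!("{:<40} {:?}", column_text(s), s.map(parse_context));
    }
}
```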

@cgzones
Contributor Author

cgzones commented Mar 30, 2022

> Last review for me, afterward I’d like to merge this, but the Vagrant tests aren’t up-to-date.

Thanks for reviewing.

> Do you think you could either add this to this PR, or do a PR later to add them? Right now, there are tests checking the output of exa with xattrs in xtests/attributes.toml and xtests/details-view-permissions.toml.

I briefly tried to run a vagrant virtual machine with a libvirt backend, but it didn't seem to work out of the box. For me it would be easiest if the integration tests are enabled in the GitHub CI.

@ariasuni
Collaborator

I didn’t know Vagrant could use libvirt; I’ve successfully used it with VirtualBox. But these tests should obviously be in the CI in the mid/long term (I had COVID so couldn’t really progress much on that front, anyway).

@nnsee

nnsee commented Jul 26, 2022

Hello!

What's the status on this? Would love to see this merged. Is there any way I can help?

@rustysys-dev

I would also love to see this merged if there are no blockers.

Add a command line option -Z/--context to show the security context of
objects, similar to ls(1).

Show the actual extended attribute values on -@/--extended, instead of
just their length.

In case of a symbolic link, show the extended attributes of the symbolic
link itself, not the target. This matches the behavior of ls(1) and is
more intuitive.

Closes: #254
@ariasuni
Collaborator

Closing this since exa is unmaintained (see #1243), and this has been done in the active fork eza. Thanks anyway!

@ariasuni ariasuni closed this Sep 28, 2023
Successfully merging this pull request may close these issues.

Support For Security Context ?
6 participants