@@ -27,7 +27,10 @@ use uucore::mode::get_umask;
2727use uucore:: perms:: { Verbosity , VerbosityLevel , wrap_chown} ;
2828use uucore:: process:: { getegid, geteuid} ;
2929#[ cfg( feature ="selinux" ) ]
30- use uucore:: selinux:: { contexts_differ, set_selinux_security_context} ;
30+ use uucore:: selinux:: {
31+ contexts_differ, set_selinux_context_for_created_directories_install,
32+ set_selinux_default_context_for_install, set_selinux_security_context,
33+ } ;
3134use uucore:: { format_usage, show, show_error, show_if_err} ;
3235
3336#[ cfg( unix) ]
@@ -57,6 +60,7 @@ pub struct Behavior {
5760no_target_dir : bool ,
5861preserve_context : bool ,
5962context : Option < String > ,
63+ default_context : bool ,
6064}
6165
6266#[ derive( Error , Debug ) ]
@@ -157,6 +161,7 @@ static OPT_NO_TARGET_DIRECTORY: &str = "no-target-directory";
157161static OPT_VERBOSE : & str ="verbose" ;
158162static OPT_PRESERVE_CONTEXT : & str ="preserve-context" ;
159163static OPT_CONTEXT : & str ="context" ;
164+ static OPT_DEFAULT_CONTEXT : & str ="default-context" ;
160165
161166static ARG_FILES : & str ="files" ;
162167
@@ -290,8 +295,13 @@ pub fn uu_app() -> Command {
290295. action ( ArgAction :: SetTrue ) ,
291296)
292297. arg (
293- Arg :: new ( OPT_CONTEXT )
298+ Arg :: new ( OPT_DEFAULT_CONTEXT )
294299. short ( 'Z' )
300+ . help ( get_message ( "install-help-default-context" ) )
301+ . action ( ArgAction :: SetTrue ) ,
302+ )
303+ . arg (
304+ Arg :: new ( OPT_CONTEXT )
295305. long ( OPT_CONTEXT )
296306. help ( get_message ( "install-help-context" ) )
297307. value_name ( "CONTEXT" )
@@ -403,6 +413,7 @@ fn behavior(matches: &ArgMatches) -> UResult<Behavior> {
403413} ;
404414
405415let context = matches. get_one :: < String > ( OPT_CONTEXT ) . cloned ( ) ;
416+ let default_context = matches. get_flag ( OPT_DEFAULT_CONTEXT ) ;
406417
407418Ok ( Behavior {
408419 main_function,
@@ -425,6 +436,7 @@ fn behavior(matches: &ArgMatches) -> UResult<Behavior> {
425436 no_target_dir,
426437preserve_context : matches. get_flag ( OPT_PRESERVE_CONTEXT ) ,
427438 context,
439+ default_context,
428440} )
429441}
430442
@@ -463,6 +475,16 @@ fn directory(paths: &[String], b: &Behavior) -> UResult<()> {
463475continue ;
464476}
465477
478+ // Set SELinux context for all created directories if needed
479+ #[ cfg( feature ="selinux" ) ]
480+ if b. context . is_some ( ) || b. default_context {
481+ let context =get_context_for_selinux ( b) ;
482+ set_selinux_context_for_created_directories_install (
483+ path_to_create. as_path ( ) ,
484+ context,
485+ ) ;
486+ }
487+
466488if b. verbose {
467489println ! (
468490"{}" ,
@@ -487,7 +509,12 @@ fn directory(paths: &[String], b: &Behavior) -> UResult<()> {
487509
488510// Set SELinux context for directory if needed
489511#[ cfg( feature ="selinux" ) ]
490- show_if_err ! ( set_selinux_context( path, b) ) ;
512+ if b. default_context {
513+ show_if_err ! ( set_selinux_default_context_for_install( path) ) ;
514+ } else if b. context . is_some ( ) {
515+ let context =get_context_for_selinux ( b) ;
516+ show_if_err ! ( set_selinux_security_context( path, context) ) ;
517+ }
491518}
492519// If the exit code was set, or show! has been called at least once
493520// (which sets the exit code as well), function execution will end after
@@ -606,6 +633,13 @@ fn standard(mut paths: Vec<String>, b: &Behavior) -> UResult<()> {
606633if let Err ( e) = fs:: create_dir_all ( to_create) {
607634return Err ( InstallError :: CreateDirFailed ( to_create. to_path_buf ( ) , e) . into ( ) ) ;
608635}
636+
637+ // Set SELinux context for all created directories if needed
638+ #[ cfg( feature ="selinux" ) ]
639+ if b. context . is_some ( ) || b. default_context {
640+ let context =get_context_for_selinux ( b) ;
641+ set_selinux_context_for_created_directories_install ( to_create, context) ;
642+ }
609643}
610644}
611645if b. target_dir . is_some ( ) {
@@ -975,8 +1009,13 @@ fn copy(from: &Path, to: &Path, b: &Behavior) -> UResult<()> {
9751009if b. preserve_context {
9761010 uucore:: selinux:: preserve_security_context ( from, to)
9771011. map_err ( |e|InstallError :: SelinuxContextFailed ( e. to_string ( ) ) ) ?;
1012+ } else if b. default_context {
1013+ set_selinux_default_context_for_install ( to)
1014+ . map_err ( |e|InstallError :: SelinuxContextFailed ( e. to_string ( ) ) ) ?;
9781015} else if b. context . is_some ( ) {
979- set_selinux_context ( to, b) ?;
1016+ let context =get_context_for_selinux ( b) ;
1017+ set_selinux_security_context ( to, context)
1018+ . map_err ( |e|InstallError :: SelinuxContextFailed ( e. to_string ( ) ) ) ?;
9801019}
9811020
9821021if b. verbose {
@@ -1005,6 +1044,15 @@ fn copy(from: &Path, to: &Path, b: &Behavior) -> UResult<()> {
10051044Ok ( ( ) )
10061045}
10071046
1047+ #[ cfg( feature ="selinux" ) ]
1048+ fn get_context_for_selinux ( b : & Behavior ) ->Option < & String > {
1049+ if b. default_context {
1050+ None
1051+ } else {
1052+ b. context . as_ref ( )
1053+ }
1054+ }
1055+
10081056/// Check if a file needs to be copied due to ownership differences when no explicit group is specified.
10091057/// Returns true if the destination file's ownership would differ from what it should be after installation.
10101058fn needs_copy_for_ownership ( to : & Path , to_meta : & fs:: Metadata ) ->bool {