Re: RFC: changing the "+" in ls -l output to be "." or "+"

[Pádraig Brady]

Jim Meyering wrote:
> Pádraig Brady wrote:
> ...
>> I'll also look at documenting the ls SElinux options in the info docs
>> as I couldn't see them on a quick search.
> 
> Nice.  That will we welcome.
> If you feel really industrious, mktemp needs info documentation, too.

Ah the SELinux stuff was a TODO, and not just for `ls`.
Hopefully I caught them all in the attached.

cheers,
Pádraig.

p.s. I noticed some inconsistencies with how contexts were handled.
For example `mkdir`, `mkfifo`, `mknod` don't check is_selinux_enabled()
whereas `install` does. Probably OK, but worth noting I think.

>From 39b4994561ccec9ba1cd9e10cb33b6b308dbcf6b Mon Sep 17 00:00:00 2001
From: =?utf-8?q?P=C3=A1draig=20Brady?= <address@hidden>
Date: Mon, 6 Apr 2009 19:21:51 +0100
Subject: [PATCH] doc: add missing documentation for some SELinux options

* doc/coreutils.texi (ls invocation): Describe the --context (-Z) option
(install invocation): Describe the --preserve-context and -Z options
(id invocation): Describe the --context (-Z) option
(mkdir invocation): Describe the --context (-Z) option
(mknod invocation): Describe the --context (-Z) option
(mkfifo invocation): Describe the --context (-Z) option
* TODO: remove the todo item
---
 TODO               |    1 -
 doc/coreutils.texi |   64 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+), 1 deletions(-)

diff --git a/TODO b/TODO
index 7288285..9128ddf 100644
--- a/TODO
+++ b/TODO
@@ -15,7 +15,6 @@ document the following in coreutils.texi:
   mktemp
   [
   pinky
-Also document the SELinux changes.
 
 Suggestion from Paul Eggert:
   More generally, there's not that much use for imaxtostr nowadays,
diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 70effa1..5bc4706 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -6540,6 +6540,16 @@ it also affects the HP-UX @command{ls} program.
 
 @optSi
 
address@hidden -Z
address@hidden --context
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Display the SELinux security context or @samp{?} if none is found. When used
+with the @option{-l} option, the security context is printed to the left
+of the size column.
+
 @end table
 
 
@@ -8045,6 +8055,15 @@ ownership of installed files or directories to 
@var{owner}.  The default
 is @code{root}.  @var{owner} may be either a user name or a numeric user
 ID.
 
address@hidden --preserve-context
address@hidden --preserve-context
address@hidden SElinux
address@hidden security context
+Preserve the SELinux security context of files and directories.
+Failure to preserve the context in all of the files or directories
+will result in an exit status of 1. If SELinux is disabled then
+a warning is printed and the option is ignored.
+
 @item -p
 @itemx --preserve-timestamps
 @opindex -p
@@ -8083,6 +8102,16 @@ Program used to strip binaries.
 @opindex --verbose
 Print the name of each file before copying it.
 
address@hidden -Z @var{context}
address@hidden address@hidden
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Set the default SELinux security context to be used for any
+created files and directories. If SELinux is disabled then
+a warning is printed and the option is ignored.
+
 @end table
 
 @exitstatus
@@ -8917,6 +8946,15 @@ newly-created parent directories are inherited.
 @opindex --verbose
 Print a message for each created directory.  This is most useful with
 @option{--parents}.
+
address@hidden -Z @var{context}
address@hidden address@hidden
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Set the default SELinux security context to be used for created directories.
+
 @end table
 
 @exitstatus
@@ -8956,6 +8994,14 @@ Set the mode of created FIFOs to @var{mode}, which is 
symbolic as in
 for the point of departure.  @var{mode} should specify only file
 permission bits.  @xref{File permissions}.
 
address@hidden -Z @var{context}
address@hidden address@hidden
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Set the default SELinux security context to be used for created FIFOs.
+
 @end table
 
 @exitstatus
@@ -9031,6 +9077,14 @@ Set the mode of created files to @var{mode}, which is 
symbolic as in
 @var{mode} should specify only file permission bits.
 @xref{File permissions}.
 
address@hidden -Z @var{context}
address@hidden address@hidden
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Set the default SELinux security context to be used for created files.
+
 @end table
 
 @exitstatus
@@ -12737,6 +12791,16 @@ Print the real, instead of effective, user or group 
ID.  Requires
 @opindex --user
 Print only the user ID.
 
address@hidden -Z
address@hidden --context
address@hidden -Z
address@hidden --context
address@hidden SELinux
address@hidden security context
+Print only the security context of the current user.
+If SELinux is disabled then a warning is printed and
+the exit status is 1.
+
 @end table
 
 @exitstatus
-- 
1.5.3.6