diff options
| -rw-r--r-- | .splintrc | 2 | ||||
| -rw-r--r-- | lib/formats.c | 77 | ||||
| -rw-r--r-- | lib/poptALL.c | 7 | ||||
| -rw-r--r-- | lib/rpmfi.c | 262 | ||||
| -rw-r--r-- | lib/rpmfi.h | 56 | ||||
| -rw-r--r-- | lib/rpmlib.h | 3 | ||||
| -rw-r--r-- | po/POTFILES.in | 1 | ||||
| -rw-r--r-- | rpmdb/rpmdb.c | 6 | ||||
| -rw-r--r-- | rpmpopt.in | 27 |
9 files changed, 437 insertions, 4 deletions
@@ -1,4 +1,4 @@ --I. -I./build -I./lib -I./rpmdb -I./rpmio -I./beecrypt -I./file -I./popt -I./elfutils/libelf -I./zlib -I/usr/lib/gcc-lib/i386-redhat-linux/3.1/include -DHAVE_CONFIG_H -D_GNU_SOURCE -D_REENTRANT -DHAVE_DEV_DSP -DHAVE_SYS_SOUNDCARD +-I. -I./build -I./lib -I./rpmdb -I./rpmio -I./beecrypt -I./file -I./popt -I./elfutils/libelf -I./zlib -I/usr/include/selinux -I/usr/lib/gcc-lib/i386-redhat-linux/3.1/include -DHAVE_CONFIG_H -D_GNU_SOURCE -D_REENTRANT -DHAVE_DEV_DSP -DHAVE_SYS_SOUNDCARD #+partial +forcehints diff --git a/lib/formats.c b/lib/formats.c index c86ffb459..4bab4170f 100644 --- a/lib/formats.c +++ b/lib/formats.c @@ -842,6 +842,78 @@ static int fileclassTag(Header h, /*@out@*/ rpmTagType * type, } /** + * Retrieve file contexts from header. + * @param h header + * @retval *type tag type + * @retval *data tag value + * @retval *count no. of data items + * @retval *freeData data-was-malloc'ed indicator + * @return 0 on success + */ +static int filecontextsTag(Header h, /*@out@*/ rpmTagType * type, + /*@out@*/ const void ** data, /*@out@*/ int_32 * count, + /*@out@*/ int * freeData) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *type, *data, *count, *freeData, + rpmGlobalMacroContext, fileSystem @*/ + /*@requires maxSet(type) >= 0 /\ maxSet(data) >= 0 + /\ maxSet(count) >= 0 /\ maxSet(freeData) >= 0 @*/ +{ + *type = RPM_STRING_ARRAY_TYPE; + rpmfiBuildFContexts(h, (const char ***) data, count); + *freeData = 1; + return 0; +} + +/** + * Retrieve file contexts from file system. + * @param h header + * @retval *type tag type + * @retval *data tag value + * @retval *count no. of data items + * @retval *freeData data-was-malloc'ed indicator + * @return 0 on success + */ +static int fscontextsTag(Header h, /*@out@*/ rpmTagType * type, + /*@out@*/ const void ** data, /*@out@*/ int_32 * count, + /*@out@*/ int * freeData) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *type, *data, *count, *freeData, + rpmGlobalMacroContext, fileSystem @*/ + /*@requires maxSet(type) >= 0 /\ maxSet(data) >= 0 + /\ maxSet(count) >= 0 /\ maxSet(freeData) >= 0 @*/ +{ + *type = RPM_STRING_ARRAY_TYPE; + rpmfiBuildFSContexts(h, (const char ***) data, count); + *freeData = 1; + return 0; +} + +/** + * Retrieve file contexts from policy RE's. + * @param h header + * @retval *type tag type + * @retval *data tag value + * @retval *count no. of data items + * @retval *freeData data-was-malloc'ed indicator + * @return 0 on success + */ +static int recontextsTag(Header h, /*@out@*/ rpmTagType * type, + /*@out@*/ const void ** data, /*@out@*/ int_32 * count, + /*@out@*/ int * freeData) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *type, *data, *count, *freeData, + rpmGlobalMacroContext, fileSystem @*/ + /*@requires maxSet(type) >= 0 /\ maxSet(data) >= 0 + /\ maxSet(count) >= 0 /\ maxSet(freeData) >= 0 @*/ +{ + *type = RPM_STRING_ARRAY_TYPE; + rpmfiBuildREContexts(h, (const char ***) data, count); + *freeData = 1; + return 0; +} + +/** * Retrieve file provides. * @param h header * @retval *type tag type @@ -1058,12 +1130,15 @@ const struct headerSprintfExtension_s rpmHeaderFormats[] = { { HEADER_EXT_TAG, "RPMTAG_DESCRIPTION", { descriptionTag } }, { HEADER_EXT_TAG, "RPMTAG_SUMMARY", { summaryTag } }, { HEADER_EXT_TAG, "RPMTAG_FILECLASS", { fileclassTag } }, + { HEADER_EXT_TAG, "RPMTAG_FILECONTEXTS", { filecontextsTag } }, { HEADER_EXT_TAG, "RPMTAG_FILENAMES", { filenamesTag } }, { HEADER_EXT_TAG, "RPMTAG_FILEPROVIDE", { fileprovideTag } }, { HEADER_EXT_TAG, "RPMTAG_FILEREQUIRE", { filerequireTag } }, - { HEADER_EXT_TAG, "RPMTAG_FSSIZES", { fssizesTag } }, + { HEADER_EXT_TAG, "RPMTAG_FSCONTEXTS", { fscontextsTag } }, { HEADER_EXT_TAG, "RPMTAG_FSNAMES", { fsnamesTag } }, + { HEADER_EXT_TAG, "RPMTAG_FSSIZES", { fssizesTag } }, { HEADER_EXT_TAG, "RPMTAG_INSTALLPREFIX", { instprefixTag } }, + { HEADER_EXT_TAG, "RPMTAG_RECONTEXTS", { recontextsTag } }, { HEADER_EXT_TAG, "RPMTAG_TRIGGERCONDS", { triggercondsTag } }, { HEADER_EXT_TAG, "RPMTAG_TRIGGERTYPE", { triggertypeTag } }, { HEADER_EXT_FORMAT, "armor", { armorFormat } }, diff --git a/lib/poptALL.c b/lib/poptALL.c index ae0e5465e..0f7190967 100644 --- a/lib/poptALL.c +++ b/lib/poptALL.c @@ -68,6 +68,9 @@ extern int _rpmps_debug; extern int _rpmsq_debug; /*@unchecked@*/ +extern int _rpmsx_debug; + +/*@unchecked@*/ extern int _rpmte_debug; /*@unchecked@*/ @@ -95,8 +98,10 @@ rpmQueryFlags rpmcliQueryFlags; /*@-exportheadervar@*/ /*@unchecked@*/ extern int _ftp_debug; + /*@unchecked@*/ extern int noLibio; + /*@unchecked@*/ extern int _rpmio_debug; /*@=exportheadervar@*/ @@ -313,6 +318,8 @@ struct poptOption rpmcliAllPoptTable[] = { NULL, NULL}, { "rpmsqdebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmsq_debug, -1, NULL, NULL}, + { "rpmsxdebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmsx_debug, -1, + NULL, NULL}, { "rpmtedebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmte_debug, -1, NULL, NULL}, { "rpmtsdebug", '\0', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, &_rpmts_debug, -1, diff --git a/lib/rpmfi.c b/lib/rpmfi.c index 3f3af47b1..63202e62f 100644 --- a/lib/rpmfi.c +++ b/lib/rpmfi.c @@ -16,6 +16,8 @@ #define _RPMFI_INTERNAL #include "rpmfi.h" +#include "rpmsx.h" + #define _RPMTE_INTERNAL /* relocations */ #include "rpmte.h" #include "rpmts.h" @@ -305,6 +307,19 @@ const char * rpmfiFClass(rpmfi fi) return fclass; } +const char * rpmfiFContext(rpmfi fi) +{ + const char * fcontext = NULL; + + if (fi != NULL && fi->i >= 0 && fi->i < fi->fc) { +/*@-boundsread@*/ + if (fi->fcontexts != NULL) + fcontext = fi->fcontexts[fi->i]; +/*@=boundsread@*/ + } + return fcontext; +} + int_32 rpmfiFDepends(rpmfi fi, const int_32 ** fddictp) { int fddictx = -1; @@ -1135,6 +1150,8 @@ fprintf(stderr, "*** fi %p\t%s[%d]\n", fi, fi->Type, fi->fc); fi->obnl = hfd(fi->obnl, -1); fi->odnl = hfd(fi->odnl, -1); + fi->fcontexts = hfd(fi->fcontexts, -1); + fi->actions = _free(fi->actions); fi->replacedSizes = _free(fi->replacedSizes); fi->replaced = _free(fi->replaced); @@ -1183,6 +1200,10 @@ rpmfi rpmfiNew(rpmts ts, Header h, rpmTag tagN, int scareMem) uint_32 * uip; int dnlmax, bnlmax; unsigned char * t; +security_context_t scon; +int * fcnb; +char * fctxt; +int fctxtlen; int len; int xx; int i; @@ -1407,6 +1428,44 @@ if (fi->actions == NULL) fi->dperms = 0755; fi->fperms = 0644; + /* Retrieve file contexts into single contiguous buffer, saving sizes. */ + fctxt = NULL; + fctxtlen = 0; + len = fi->fc * sizeof(*fcnb); + fcnb = memset(alloca(len), 0, len); + fi->fn = xmalloc(fi->fnlen); +/*@-branchstate@*/ + for (i = 0; i < fi->fc; i++) { +/*@-boundswrite@*/ + *fi->fn = '\0'; + (void) stpcpy( stpcpy(fi->fn, fi->dnl[fi->dil[i]]), fi->bnl[i]); +/*@=boundswrite@*/ + fcnb[i] = lgetfilecon(fi->fn, &scon); + if (fcnb[i] <= 0) + continue; + + fctxt = xrealloc(fctxt, fctxtlen + fcnb[i]); + memcpy(fctxt+fctxtlen, scon, fcnb[i]); + fctxtlen += fcnb[i]; + (void) freecon(scon); + } +/*@=branchstate@*/ + + /* Initialize array ptrs into data following array. */ + len = ((fi->fc+1) * sizeof(*fi->fcontexts)) + fctxtlen; + fi->fcontexts = xmalloc(len); + (void) memset(fi->fcontexts, 0, (fi->fc+1) * sizeof(*fi->fcontexts)); + (void) memcpy(&fi->fcontexts[fi->fc+1], fctxt, fctxtlen); + fctxt = _free(fctxt); + fctxt = (char *) (&fi->fcontexts[fi->fc+1]); + for (i = 0; i < fi->fc; i++) { + if (fcnb[i] <= 0) + continue; + fi->fcontexts[i] = fctxt; + fctxt += fcnb[i]; + } + fi->fcontexts[fi->fc] = NULL; + exit: /*@-modfilesys@*/ if (_rpmfi_debug < 0) @@ -1473,6 +1532,209 @@ exit: if (fcp) *fcp = ac; } +void rpmfiBuildFContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) +{ + int scareMem = 1; + rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem); + const char * FContext; + const char ** av; + int ac; + size_t nb; + char * t; + + if ((ac = rpmfiFC(fi)) <= 0) { + av = NULL; + ac = 0; + goto exit; + } + + /* Compute size of argv array blob. */ + nb = (ac + 1) * sizeof(*av); + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + FContext = rpmfiFContext(fi); + if (FContext && *FContext != '\0') + nb += strlen(FContext); + nb += 1; + } + + /* Create and load argv array. */ + av = xmalloc(nb); + t = ((char *) av) + ((ac + 1) * sizeof(*av)); + ac = 0; + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + FContext = rpmfiFContext(fi); + av[ac++] = t; + if (FContext && *FContext != '\0') + t = stpcpy(t, FContext); + *t++ = '\0'; + } + av[ac] = NULL; + /*@=branchstate@*/ + +exit: + fi = rpmfiFree(fi); + /*@-branchstate@*/ + if (fcontextp) + *fcontextp = av; + else + av = _free(av); + /*@=branchstate@*/ + if (fcp) *fcp = ac; +} + +void rpmfiBuildFSContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) +{ + int scareMem = 1; + rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem); + const char ** av; + int ac; + size_t nb; + char * t; + char * fctxt = NULL; + size_t fctxtlen = 0; + int * fcnb; + + if ((ac = rpmfiFC(fi)) <= 0) { + av = NULL; + ac = 0; + goto exit; + } + + /* Compute size of argv array blob, concatenating file contexts. */ + nb = ac * sizeof(*fcnb); + fcnb = memset(alloca(nb), 0, nb); + ac = 0; + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + const char * fn = rpmfiFN(fi); + security_context_t scon; + + fcnb[ac] = lgetfilecon(fn, &scon); +/*@-branchstate@*/ + if (fcnb[ac] > 0) { + fctxt = xrealloc(fctxt, fctxtlen + fcnb[ac]); + memcpy(fctxt+fctxtlen, scon, fcnb[ac]); + fctxtlen += fcnb[ac]; + (void) freecon(scon); + } +/*@=branchstate@*/ + ac++; + } + + /* Create and load argv array from concatenated file contexts. */ + nb = (ac + 1) * sizeof(*av) + fctxtlen; + av = xmalloc(nb); + t = ((char *) av) + ((ac + 1) * sizeof(*av)); + (void) memcpy(t, fctxt, fctxtlen); + ac = 0; + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + av[ac] = NULL; + if (fcnb[ac] > 0) { + av[ac] = t; + t += fcnb[ac]; + } + ac++; + } + av[ac] = NULL; + +exit: + fi = rpmfiFree(fi); + /*@-branchstate@*/ + if (fcontextp) + *fcontextp = av; + else + av = _free(av); + /*@=branchstate@*/ + if (fcp) *fcp = ac; +} + +void rpmfiBuildREContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) +{ + int scareMem = 1; + rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem); + rpmsx sx = NULL; + const char ** av; + int ac; + size_t nb; + char * t; + char * fctxt = NULL; + size_t fctxtlen = 0; + int * fcnb; + + if ((ac = rpmfiFC(fi)) <= 0) { + av = NULL; + ac = 0; + goto exit; + } + + /* Read security context patterns. */ + sx = rpmsxNew(NULL); + + /* Compute size of argv array blob, concatenating file contexts. */ + nb = ac * sizeof(*fcnb); + fcnb = memset(alloca(nb), 0, nb); + ac = 0; + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + const char * fn = rpmfiFN(fi); + mode_t fmode = rpmfiFMode(fi); + const char * scon; + + scon = rpmsxFContext(sx, fn, fmode); + if (scon != NULL) { + fcnb[ac] = strlen(scon) + 1; +/*@-branchstate@*/ + if (fcnb[ac] > 0) { + fctxt = xrealloc(fctxt, fctxtlen + fcnb[ac]); + memcpy(fctxt+fctxtlen, scon, fcnb[ac]); + fctxtlen += fcnb[ac]; + } +/*@=branchstate@*/ + } + ac++; + } + + /* Create and load argv array from concatenated file contexts. */ + nb = (ac + 1) * sizeof(*av) + fctxtlen; + av = xmalloc(nb); + t = ((char *) av) + ((ac + 1) * sizeof(*av)); + (void) memcpy(t, fctxt, fctxtlen); + ac = 0; + fi = rpmfiInit(fi, 0); + if (fi != NULL) + while (rpmfiNext(fi) >= 0) { + av[ac] = NULL; + if (fcnb[ac] > 0) { + av[ac] = t; + t += fcnb[ac]; + } + ac++; + } + av[ac] = NULL; + +exit: + fi = rpmfiFree(fi); + sx = rpmsxFree(sx); + /*@-branchstate@*/ + if (fcontextp) + *fcontextp = av; + else + av = _free(av); + /*@=branchstate@*/ + if (fcp) *fcp = ac; +} + void rpmfiBuildFDeps(Header h, rpmTag tagN, /*@out@*/ const char *** fdepsp, /*@out@*/ int * fcp) { diff --git a/lib/rpmfi.h b/lib/rpmfi.h index d4456d3ac..af0ad2362 100644 --- a/lib/rpmfi.h +++ b/lib/rpmfi.h @@ -82,6 +82,9 @@ struct rpmfi_s { const uint_32 * fcolors; /*!< File color bits (header) */ /*@only@*/ /*@null@*/ + const char ** fcontexts; /*! FIle security contexts. */ + +/*@only@*/ /*@null@*/ const char ** cdict; /*!< File class dictionary (header) */ int_32 ncdict; /*!< No. of class entries. */ /*@only@*/ /*@null@*/ @@ -396,6 +399,17 @@ extern const char * rpmfiFClass(/*@null@*/ rpmfi fi) /*@=exportlocal@*/ /** + * Return current file security context from file info set. + * @param fi file info set + * @return current file context, 0 on invalid + */ +/*@-exportlocal@*/ +/*@observer@*/ /*@null@*/ +extern const char * rpmfiFContext(/*@null@*/ rpmfi fi) + /*@*/; +/*@=exportlocal@*/ + +/** * Return current file depends dictionary from file info set. * @param fi file info set * @retval *fddictp file depends dictionary array (or NULL) @@ -514,6 +528,48 @@ void rpmfiBuildFClasses(Header h, /*@modifies h, *fclassp, *fcp, rpmGlobalMacroContext, fileSystem @*/; /** + * Retrieve file security contexts from header. + * + * This function is used to retrieve file contexts from the header. + * + * @param h header + * @retval *fcontextp array of file contexts + * @retval *fcp number of files + */ +void rpmfiBuildFContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *fcontextp, *fcp, rpmGlobalMacroContext, fileSystem @*/; + +/** + * Retrieve file security contexts from file system. + * + * This function is used to retrieve file contexts from the file system. + * + * @param h header + * @retval *fcontextp array of file contexts + * @retval *fcp number of files + */ +void rpmfiBuildFSContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *fcontextp, *fcp, rpmGlobalMacroContext, fileSystem @*/; + +/** + * Retrieve file security contexts from policy RE's. + * + * This function is used to retrieve file contexts from policy RE's. + * + * @param h header + * @retval *fcontextp array of file contexts + * @retval *fcp number of files + */ +void rpmfiBuildREContexts(Header h, + /*@out@*/ const char *** fcontextp, /*@out@*/ int * fcp) + /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/ + /*@modifies h, *fcontextp, *fcp, rpmGlobalMacroContext, fileSystem @*/; + +/** * Retrieve per-file dependencies from header. * * This function is used to retrieve per-file dependencies from the header. diff --git a/lib/rpmlib.h b/lib/rpmlib.h index 73d638157..9356a074a 100644 --- a/lib/rpmlib.h +++ b/lib/rpmlib.h @@ -414,6 +414,9 @@ typedef enum rpmTag_e { RPMTAG_FILEDEPENDSN = 1144, RPMTAG_DEPENDSDICT = 1145, RPMTAG_SOURCEPKGID = 1146, + RPMTAG_FILECONTEXTS = 1147, + RPMTAG_FSCONTEXTS = 1148, + RPMTAG_RECONTEXTS = 1149, /*@-enummemuse@*/ RPMTAG_FIRSTFREE_TAG /*!< internal */ /*@=enummemuse@*/ diff --git a/po/POTFILES.in b/po/POTFILES.in index 4a6abf4a9..40e6b027b 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -45,6 +45,7 @@ lib/rpmlead.c lib/rpmlibprov.c lib/rpmps.c lib/rpmrc.c +lib/rpmsx.c lib/rpmte.c lib/rpmts.c lib/rpmvercmp.c diff --git a/rpmdb/rpmdb.c b/rpmdb/rpmdb.c index e0f5e4a67..3532be9ee 100644 --- a/rpmdb/rpmdb.c +++ b/rpmdb/rpmdb.c @@ -619,9 +619,11 @@ dbiIndexSet dbiFreeIndexSet(dbiIndexSet set) { typedef struct miRE_s { rpmTag tag; /*!< header tag */ rpmMireMode mode; /*!< pattern match mode */ -/*@only@*/ const char * pattern; /*!< pattern string */ +/*@only@*/ + const char * pattern; /*!< pattern string */ int notmatch; /*!< like "grep -v" */ -/*@only@*/ regex_t * preg; /*!< regex compiled pattern buffer */ +/*@only@*/ + regex_t * preg; /*!< regex compiled pattern buffer */ int cflags; /*!< regcomp(3) flags */ int eflags; /*!< regexec(3) flags */ int fnflags; /*!< fnmatch(3) flags */ diff --git a/rpmpopt.in b/rpmpopt.in index edbaa9acd..287ee8d66 100644 --- a/rpmpopt.in +++ b/rpmpopt.in @@ -92,6 +92,15 @@ rpm alias --fileclass --qf '[%{FILENAMES}\t%{FILECLASS}\n]' \ rpm alias --filecolor --qf '[%{FILENAMES}\t%{FILECOLORS}\n]' \ --POPTdesc=$"list file names with colors" +rpm alias --filecontext --qf '[%{FILENAMES}\t%{FILECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from header" + +rpm alias --fscontext --qf '[%{FILENAMES}\t%{FSCONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from file system" + +rpm alias --recontext --qf '[%{FILENAMES}\t%{RECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from policy RE" + rpm alias --fileprovide --qf '[%{FILENAMES}\t%{FILEPROVIDE}\n]' \ --POPTdesc=$"list file names with provides" @@ -360,6 +369,15 @@ rpmq alias --fileclass --qf '[%{FILENAMES}\t%{FILECLASS}\n]' \ rpmq alias --filecolor --qf '[%{FILENAMES}\t%{FILECOLORS}\n]' \ --POPTdesc=$"list file names with colors" +rpmq alias --filecontext --qf '[%{FILENAMES}\t%{FILECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context" + +rpmq alias --fscontext --qf '[%{FILENAMES}\t%{FSCONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from file system" + +rpmq alias --recontext --qf '[%{FILENAMES}\t%{RECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from policy RE" + rpmq alias --fileprovide --qf '[%{FILENAMES}\t%{FILEPROVIDE}\n]' \ --POPTdesc=$"list file names with provides" @@ -445,6 +463,15 @@ rpmquery alias --fileclass --qf '[%{FILENAMES}\t%{FILECLASS}\n]' \ rpmquery alias --filecolor --qf '[%{FILENAMES}\t%{FILECOLORS}\n]' \ --POPTdesc=$"list file names with colors" +rpmquery alias --filecontext --qf '[%{FILENAMES}\t%{FILECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context" + +rpmquery alias --fscontext --qf '[%{FILENAMES}\t%{FSCONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from file system" + +rpmquery alias --recontext --qf '[%{FILENAMES}\t%{RECONTEXTS}\n]' \ + --POPTdesc=$"list file names with security context from policy RE" + rpmquery alias --fileprovide --qf '[%{FILENAMES}\t%{FILEPROVIDE}\n]' \ --POPTdesc=$"list file names with provides" |