From a49ca6b95bc5324a3d0610c7c353172efb35545d Mon Sep 17 00:00:00 2001 From: Glenn Morris Date: Sat, 28 Jan 2012 18:49:57 -0800 Subject: [PATCH] Document SELinux support. * doc/lispref/files.texi (Changing Files): Document SELinux support. * etc/NEWS: Markup. --- doc/lispref/ChangeLog | 2 ++ doc/lispref/files.texi | 15 ++++++++++++++- etc/NEWS | 7 ++++++- 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog index d34e033b165..e34625e5b19 100644 --- a/doc/lispref/ChangeLog +++ b/doc/lispref/ChangeLog @@ -1,5 +1,7 @@ 2012-01-29 Glenn Morris + * files.texi (Changing Files): Document SELinux support. + * windows.texi (Window Sizes): Fix typo. 2012-01-28 Chong Yidong diff --git a/doc/lispref/files.texi b/doc/lispref/files.texi index 614bd827489..05eca6417fe 100644 --- a/doc/lispref/files.texi +++ b/doc/lispref/files.texi @@ -1480,7 +1480,7 @@ with @code{add-name-to-file} and then deleting @var{filename} has the same effect as renaming, aside from momentary intermediate states. @end deffn -@deffn Command copy-file oldname newname &optional ok-if-exists time preserve-uid-gid +@deffn Command copy-file oldname newname &optional ok-if-exists time preserve-uid-gid preserve-selinux This command copies the file @var{oldname} to @var{newname}. An error is signaled if @var{oldname} does not exist. If @var{newname} names a directory, it copies @var{oldname} into that directory, @@ -1501,6 +1501,19 @@ usually set to the user running Emacs). If @var{preserve-uid-gid} is non-@code{nil}, we attempt to copy the user and group ownership of the file. This works only on some operating systems, and only if you have the correct permissions to do so. + +@cindex SELinux +If the optional argument @var{preserve-selinux} is non-@code{nil}, we +attempt to copy the SELinux@footnote{@samp{Security-Enhanced Linux} +is a kernel feature that allows for finer access controls to be set on +files, and a system security policy to define who can access what. +The functions @code{file-selinux-context} and @code{set-file-selinux-context} +get and set, respectively, the SELinux properties of a file.} +context of the file. For this to work, Emacs must have been built +with libselinux support. + +Functions like @code{backup-buffer} use these optional arguments +to preserve information about their input files. @end deffn @deffn Command make-symbolic-link filename newname &optional ok-if-exists diff --git a/etc/NEWS b/etc/NEWS index bbe4ab19c4d..2d8740f690e 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -24,8 +24,10 @@ so we will look at it and add it to the manual. * Installation Changes in Emacs 24.1 +--- ** Configure links against libselinux if it is found. -You can disable this by using --without-selinux. +You can disable this by using --without-selinux. See below for +information on SELinux support. --- ** By default, the installed Info and man pages are compressed. @@ -263,14 +265,17 @@ Emacs.pane.menubar.font: Courier-12 Also, the first dash (which does not indicate anything) is just displayed as a space. ++++ ** Basic SELinux support has been added. This requires Emacs to be linked with libselinux at build time. ++++ *** Emacs preserves the SELinux file context when backing up, and optionally when copying files. To this end, copy-file has an extra optional argument, and backup-buffer and friends include the SELinux context in their return values. ++++ *** The new functions file-selinux-context and set-file-selinux-context get and set the SELinux context of a file. --- -- 2.39.2