diff -urp coreutils-6.10-orig/configure.ac coreutils-6.10/configure.ac

--- coreutils-6.10-orig/configure.ac	2008-01-25 12:32:33.000000000 +0100

+++ coreutils-6.10/configure.ac	2008-01-25 14:10:34.000000000 +0100

@@ -51,6 +51,13 @@ AC_ARG_ENABLE(pam, dnl

 LIB_PAM="-ldl -lpam -lpam_misc"

 AC_SUBST(LIB_PAM)])

+dnl Give the chance to enable SELINUX

+AC_ARG_ENABLE(selinux, dnl

+[  --enable-selinux              Enable use of the SELINUX libraries],

+[AC_DEFINE(WITH_SELINUX, 1, [Define if you want to use SELINUX])

+LIB_SELINUX="-lselinux"

+AC_SUBST(LIB_SELINUX)])

+

 AC_FUNC_FORK

 optional_bin_progs=

diff -urNp coreutils-6.12-orig/man/chcon.x coreutils-6.12/man/chcon.x

--- coreutils-6.12-orig/man/chcon.x	2008-03-07 17:05:53.000000000 +0100

+++ coreutils-6.12/man/chcon.x	2008-10-21 15:53:43.000000000 +0200

@@ -1,4 +1,4 @@

 [NAME]

-chcon \- change file security context

+chcon \- change file SELinux security context

 [DESCRIPTION]

 .\" Add any additional description here

diff -urNp coreutils-6.12-orig/man/runcon.x coreutils-6.12/man/runcon.x

--- coreutils-6.12-orig/man/runcon.x	2008-03-07 17:05:53.000000000 +0100

+++ coreutils-6.12/man/runcon.x	2008-10-21 15:54:01.000000000 +0200

@@ -1,5 +1,5 @@

 [NAME]

-runcon \- run command with specified security context

+runcon \- run command with specified SELinux security context

 [DESCRIPTION]

 Run COMMAND with completely-specified CONTEXT, or with current or

 transitioned security context modified by one or more of LEVEL,

diff -urNp coreutils-6.12-orig/src/chcon.c coreutils-6.12/src/chcon.c

--- coreutils-6.12-orig/src/chcon.c	2008-05-26 08:40:32.000000000 +0200

+++ coreutils-6.12/src/chcon.c	2008-06-16 14:43:24.000000000 +0200

@@ -302,9 +302,11 @@ process_file (FTS *fts, FTSENT *ent)

   if (ok)

     {

-      if (verbose)

-	printf (_("changing security context of %s"),

+      if (verbose) {

+	printf (_("changing security context of %s"),

 		quote (file_full_name));

+	putchar ('\n');

+     }

       if (change_file_context (fts->fts_cwd_fd, file) != 0)

 	ok = false;

@@ -352,7 +352,7 @@ Usage: %s [OPTION]... CONTEXT FILE...\n\

 "),

 	program_name, program_name, program_name);

       fputs (_("\

-Change the security context of each FILE to CONTEXT.\n\

+Change the SELinux security context of each FILE to CONTEXT.\n\

 With --reference, change the security context of each FILE to that of RFILE.\n\

 \n\

   -c, --changes          like verbose but report only when a change is made\n\

diff -urp coreutils-6.10-orig/src/copy.c coreutils-6.10/src/copy.c

--- coreutils-6.10-orig/src/copy.c	2008-01-05 23:59:11.000000000 +0100

+++ coreutils-6.10/src/copy.c	2008-01-25 17:23:17.000000000 +0100

@@ -371,9 +371,10 @@ copy_reg (char const *src_name, char con

 	  security_context_t con = NULL;

 	  if (getfscreatecon (&con) < 0)

 	    {

-	      error (0, errno, _("failed to get file system create context"));

+        //do not show error when we not require security context (-a option)

 	      if (x->require_preserve_context)

 		{

+      error (0, errno, _("failed to get file system create context"));

 		  return_val = false;

 		  goto close_src_and_dst_desc;

 		}

@@ -383,11 +384,12 @@ copy_reg (char const *src_name, char con

 	    {

 	      if (fsetfilecon (dest_desc, con) < 0)

 		{

-		  error (0, errno,

-			 _("failed to set the security context of %s to %s"),

-			 quote_n (0, dst_name), quote_n (1, con));

+      //do not show error when we not require security context (-a option)

 		  if (x->require_preserve_context)

 		    {

+          error (0, errno,

+		    	 _("failed to set the security context of %s to %s"),

+    			 quote_n (0, dst_name), quote_n (1, con));

 		      return_val = false;

 		      freecon (con);

 		      goto close_src_and_dst_desc;

@@ -1630,11 +1632,12 @@ copy_internal (char const *src_name, cha

 	{

 	  if (setfscreatecon (con) < 0)

 	    {

-	      error (0, errno,

-		     _("failed to set default file creation context to %s"),

-		     quote (con));

+        //do not show error when we not require security context (-a option)

 	      if (x->require_preserve_context)

 		{

+      error (0, errno,

+		     _("failed to set default file creation context to %s"),

+		     quote (con));

 		  freecon (con);

 		  return false;

 		}

@@ -1644,12 +1647,14 @@ copy_internal (char const *src_name, cha

       else

 	{

 	  if (errno != ENOTSUP && errno != ENODATA)

-	    {

-	      error (0, errno,

-		     _("failed to get security context of %s"),

-		     quote (src_name));

-	      if (x->require_preserve_context)

-		return false;

+	    { 

+        //do not show error when we not require security context (-a option)

+	      if (x->require_preserve_context) {

+           error (0, errno,

+    		   _("failed to get security context of %s"),

+		       quote (src_name));

+           return false;

+        }

 	    }

 	}

     }

@@ -1735,6 +1740,8 @@ copy_internal (char const *src_name, cha

 	{

 	  /* Here, we are crossing a file system boundary and cp's -x option

 	     is in effect: so don't copy the contents of this directory. */

+        if (x->preserve_security_context)

+      	    restore_default_fscreatecon_or_die ();

 	}

       else

 	{

diff -urp coreutils-6.10-orig/src/copy.h coreutils-6.10/src/copy.h

--- coreutils-6.10-orig/src/copy.h	2008-01-05 23:58:25.000000000 +0100

+++ coreutils-6.10/src/copy.h	2008-01-25 16:29:21.000000000 +0100

@@ -141,6 +141,9 @@ struct cp_options

   bool preserve_mode;

   bool preserve_timestamps;

+  /* If true, attempt to set specified security context */

+  bool set_security_context;

+

   /* Enabled for mv, and for cp by the --preserve=links option.

      If true, attempt to preserve in the destination files any

      logical hard links between the source files.  If used with cp's

diff -urp coreutils-6.10-orig/src/cp.c coreutils-6.10/src/cp.c

--- coreutils-6.10-orig/src/cp.c	2008-01-11 12:19:53.000000000 +0100

+++ coreutils-6.10/src/cp.c	2008-01-25 16:26:22.000000000 +0100

@@ -147,6 +147,7 @@ static struct option const long_opts[] =

   {"target-directory", required_argument, NULL, 't'},

   {"update", no_argument, NULL, 'u'},

   {"verbose", no_argument, NULL, 'v'},

+  {"context", required_argument, NULL, 'Z'},

   {GETOPT_HELP_OPTION_DECL},

   {GETOPT_VERSION_OPTION_DECL},

   {NULL, 0, NULL, 0}

@@ -175,7 +175,7 @@ Copy SOURCE to DEST, or multiple SOURCE(

 Mandatory arguments to long options are mandatory for short options too.\n\

 "), stdout);

       fputs (_("\

-  -a, --archive                same as -dpR\n\

+  -a, --archive                same as -cdpR\n\

       --backup[=CONTROL]       make a backup of each existing destination file\n\

   -b                           like --backup but does not accept an argument\n\

       --copy-contents          copy contents of special files when recursive\n\

@@ -200,6 +201,9 @@ Mandatory arguments to long options are 

                                  additional attributes: context, links, all\n\

 "), stdout);

       fputs (_("\

+  -c                           same as --preserve=context\n\

+"), stdout);

+      fputs (_("\

       --no-preserve=ATTR_LIST  don't preserve the specified attributes\n\

       --parents                use full source file name under DIRECTORY\n\

 "), stdout);

@@ -225,6 +229,7 @@ Mandatory arguments to long options are 

                                  destination file is missing\n\

   -v, --verbose                explain what is being done\n\

   -x, --one-file-system        stay on this file system\n\

+  -Z, --context=CONTEXT        set security context of copy to CONTEXT\n\

 "), stdout);

       fputs (HELP_OPTION_DESCRIPTION, stdout);

       fputs (VERSION_OPTION_DESCRIPTION, stdout);

@@ -774,6 +779,7 @@ cp_option_init (struct cp_options *x)

   x->preserve_timestamps = false;

   x->preserve_security_context = false;

   x->require_preserve_context = false;

+  x->set_security_context = false;

   x->require_preserve = false;

   x->recursive = false;

@@ -909,7 +917,7 @@ main (int argc, char **argv)

      we'll actually use backup_suffix_string.  */

   backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");

-  while ((c = getopt_long (argc, argv, "abdfHilLprst:uvxPRS:T",

+  while ((c = getopt_long (argc, argv, "abcdfHilLprst:uvxPRS:TZ:",

 			   long_opts, NULL))

 	 != -1)

     {

@@ -920,13 +928,15 @@ main (int argc, char **argv)

 				     sparse_type_string, sparse_type);

 	  break;

-	case 'a':		/* Like -dpPR. */

+	case 'a':		/* Like -dpPRc. */

 	  x.dereference = DEREF_NEVER;

 	  x.preserve_links = true;

 	  x.preserve_ownership = true;

 	  x.preserve_mode = true;

 	  x.preserve_timestamps = true;

-	  x.require_preserve = true;

+    x.require_preserve = true;

+    if (selinux_enabled)

+	     x.preserve_security_context = true;

 	  x.recursive = true;

 	  break;

@@ -940,6 +950,16 @@ main (int argc, char **argv)

 	  copy_contents = true;

 	  break;

+  case 'c':

+	  if ( x.set_security_context ) { 

+	      (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]);

+	    exit( 1 );

+	  }

+	  else if (selinux_enabled) {

+	    x.preserve_security_context = true;

+      x.require_preserve_context = true;

+    }

+	  break;

 	case 'd':

 	  x.preserve_links = true;

 	  x.dereference = DEREF_NEVER;

@@ -1052,6 +1072,27 @@ main (int argc, char **argv)

 	  x.one_file_system = true;

 	  break;

+

+  case 'Z':

+	  /* politely decline if we're not on a selinux-enabled kernel. */

+	  if( !selinux_enabled ) {

+	    fprintf( stderr, "Warning:  ignoring --context (-Z). "

+		             "It requires a SELinux enabled kernel.\n" );

+	    break;

+	  }

+	  if ( x.preserve_security_context ) {

+	    (void) fprintf(stderr, "%s: cannot force target context to '%s' and preserve it\n", argv[0], optarg);

+	    exit( 1 );

+	  }

+	  x.set_security_context = true;

+	  /* if there's a security_context given set new path 

+	     components to that context, too */

+	  if ( setfscreatecon(optarg) < 0 ) {

+	    (void) fprintf(stderr, _("cannot set default security context %s\n"), optarg);

+	    exit( 1 );

+	  }

+	  break;

+

 	case 'S':

 	  make_backups = true;

 	  backup_suffix_string = optarg;

diff -urp coreutils-6.10-orig/src/id.c coreutils-6.10/src/id.c

--- coreutils-6.10-orig/src/id.c	2008-01-05 23:59:11.000000000 +0100

+++ coreutils-6.10/src/id.c	2008-01-25 17:13:53.000000000 +0100

@@ -110,7 +110,7 @@ int

 main (int argc, char **argv)

 {

   int optc;

-  int selinux_enabled = (is_selinux_enabled () > 0);

+  bool selinux_enabled = (is_selinux_enabled () > 0);

   /* If true, output the list of all group IDs. -G */

   bool just_group_list = false;

diff -urp coreutils-6.10-orig/src/install.c coreutils-6.10/src/install.c

--- coreutils-6.10-orig/src/install.c	2008-01-05 23:59:11.000000000 +0100

+++ coreutils-6.10/src/install.c	2008-01-25 17:32:42.000000000 +0100

@@ -146,11 +146,11 @@ static struct option const long_options[

   {"no-target-directory", no_argument, NULL, 'T'},

   {"owner", required_argument, NULL, 'o'},

   {"preserve-timestamps", no_argument, NULL, 'p'},

-  {"preserve-context", no_argument, NULL, PRESERVE_CONTEXT_OPTION},

+  {"preserve-context", no_argument, NULL, 'P'},

   /* Continue silent support for --preserve_context until Jan 2008. FIXME-obs

      After that, FIXME-obs: warn in, say, late 2008, and disable altogether

      a year or two later.  */

-  {"preserve_context", no_argument, NULL, PRESERVE_CONTEXT_OPTION},

+  {"preserve_context", no_argument, NULL, 'P'},

   {"strip", no_argument, NULL, 's'},

   {"suffix", required_argument, NULL, 'S'},

   {"target-directory", required_argument, NULL, 't'},

@@ -178,6 +178,7 @@ cp_option_init (struct cp_options *x)

   x->preserve_timestamps = false;

   x->require_preserve = false;

   x->require_preserve_context = false;

+  x->set_security_context = false;

   x->recursive = false;

   x->sparse_mode = SPARSE_AUTO;

   x->symbolic_link = false;

@@ -346,7 +338,7 @@ main (int argc, char **argv)

      we'll actually use backup_suffix_string.  */

   backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");

-  while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pt:TvS:Z:", long_options,

+  while ((optc = getopt_long (argc, argv, "bcsDdg:m:o:pPt:TvS:Z:", long_options,

 			      NULL)) != -1)

     {

       switch (optc)

@@ -408,6 +409,7 @@ main (int argc, char **argv)

 	  no_target_directory = true;

 	  break;

+  case 'P':

 	case PRESERVE_CONTEXT_OPTION:

 	  if ( ! selinux_enabled)

 	    {

@@ -415,6 +417,10 @@ main (int argc, char **argv)

 			     "this kernel is not SELinux-enabled."));

 	      break;

 	    }

+    if ( x.set_security_context ) {

+		  (void) fprintf(stderr, "%s: cannot force target context and preserve it\n", argv[0]);

+ 	    exit( 1 );

+ 	  }

 	  x.preserve_security_context = true;

 	  use_default_selinux_context = false;

 	  break;

@@ -432,6 +432,7 @@ main (int argc, char **argv)

 	      break;

 	    }

 	  scontext = optarg;

+	  x.set_security_context = true;

 	  use_default_selinux_context = false;

 	  break;

 	case_GETOPT_HELP_CHAR;

@@ -825,8 +831,8 @@ Mandatory arguments to long options are 

   -v, --verbose       print the name of each directory as it is created\n\

 "), stdout);

       fputs (_("\

-      --preserve-context  preserve SELinux security context\n\

-  -Z, --context=CONTEXT  set SELinux security context of files and directories\n\

+  -P, --preserve-context (SELinux) preserve security context\n\

+  -Z, --context=CONTEXT  (SELinux) set security context of files and directories\n\

 "), stdout);

       fputs (HELP_OPTION_DESCRIPTION, stdout);

diff -urp coreutils-6.10-orig/src/ls.c coreutils-6.10/src/ls.c

--- coreutils-6.10-orig/src/ls.c	2008-01-11 11:34:22.000000000 +0100

+++ coreutils-6.10/src/ls.c	2008-01-25 15:34:49.000000000 +0100

@@ -134,7 +134,8 @@ enum filetype

     symbolic_link,

     sock,

     whiteout,

-    arg_directory

+    arg_directory,

+    command_line

   };

 /* Display letters and indicators for each filetype.

@@ -177,8 +178,9 @@ struct fileinfo

        exists, otherwise false.  */

     bool linkok;

-    /* For long listings, true if the file has an access control list,

-       or an SELinux security context.  */

+    /* For long listings, true if the file has an access control list.

+       Unlike with upstream not true for SELinux scontext(#430779) as

+       this removes possibility to detect ACL via ls */

     bool have_acl;

   };

@@ -241,6 +242,7 @@ static void queue_directory (char const 

 static void sort_files (void);

 static void parse_ls_color (void);

 void usage (int status);

+static void print_scontext_format (const struct fileinfo *f);

 /* The name this program was run with.  */

 char *program_name;

@@ -314,7 +316,7 @@ static struct pending *pending_dirs;

 static struct timespec current_time;

-static bool print_scontext;

+static int print_scontext = 0;

 static char UNKNOWN_SECURITY_CONTEXT[] = "?";

 /* Whether any of the files has an ACL.  This affects the width of the

@@ -354,7 +356,9 @@ enum format

     one_per_line,		/* -1 */

     many_per_line,		/* -C */

     horizontal,			/* -x */

-    with_commas			/* -m */

+    with_commas,			/* -m */

+    security_format, /* -Z */

+    invalid_format

   };

 static enum format format;

@@ -731,6 +735,9 @@ enum

   SHOW_CONTROL_CHARS_OPTION,

   SI_OPTION,

   SORT_OPTION,

+  CONTEXT_OPTION,

+  LCONTEXT_OPTION,

+  SCONTEXT_OPTION,

   TIME_OPTION,

   TIME_STYLE_OPTION

 };

@@ -776,7 +783,9 @@ static struct option const long_options[

   {"time-style", required_argument, NULL, TIME_STYLE_OPTION},

   {"color", optional_argument, NULL, COLOR_OPTION},

   {"block-size", required_argument, NULL, BLOCK_SIZE_OPTION},

-  {"context", no_argument, 0, 'Z'},

+  {"context", no_argument, 0, CONTEXT_OPTION},

+  {"lcontext", no_argument, 0, LCONTEXT_OPTION},

+  {"scontext", no_argument, 0, SCONTEXT_OPTION},

   {"author", no_argument, NULL, AUTHOR_OPTION},

   {GETOPT_HELP_OPTION_DECL},

   {GETOPT_VERSION_OPTION_DECL},

@@ -786,12 +795,12 @@ static struct option const long_options[

 static char const *const format_args[] =

 {

   "verbose", "long", "commas", "horizontal", "across",

-  "vertical", "single-column", NULL

+  "vertical", "single-column", "context", NULL

 };

 static enum format const format_types[] =

 {

   long_format, long_format, with_commas, horizontal, horizontal,

-  many_per_line, one_per_line

+  many_per_line, one_per_line, security_format

 };

 ARGMATCH_VERIFY (format_args, format_types);

@@ -1236,7 +1245,7 @@ main (int argc, char **argv)

   format_needs_stat = sort_type == sort_time || sort_type == sort_size

     || format == long_format

-    || print_scontext

+    || format == security_format || print_scontext

     || print_block_size;

   format_needs_type = (! format_needs_stat

 		       && (recursive

@@ -1267,7 +1276,7 @@ main (int argc, char **argv)

     }

   else

     do

-      gobble_file (argv[i++], unknown, NOT_AN_INODE_NUMBER, true, "");

+      gobble_file (argv[i++], command_line, NOT_AN_INODE_NUMBER, true, "");

     while (i < argc);

   if (cwd_n_used)

@@ -1429,7 +1438,7 @@ decode_switches (int argc, char **argv)

   ignore_mode = IGNORE_DEFAULT;

   ignore_patterns = NULL;

   hide_patterns = NULL;

-  print_scontext = false;

+  print_scontext = 0;

   /* FIXME: put this in a function.  */

   {

@@ -1811,13 +1820,27 @@ decode_switches (int argc, char **argv)

 	  break;

 	case 'Z':

-	  print_scontext = true;

+	  print_scontext = 1;

+    format = security_format;

 	  break;

 	case_GETOPT_HELP_CHAR;

 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);

+  case CONTEXT_OPTION: /* default security context format */

+		print_scontext = 1;

+		format = security_format;

+		break;

+	case LCONTEXT_OPTION: /* long format plus security context */

+		print_scontext = 1;

+		format = long_format;

+		break;

+	case SCONTEXT_OPTION: /* short form of new security format */

+		print_scontext = 0;

+		format = security_format;

+		break;

+

 	default:

 	  usage (LS_FAILURE);

 	}

@@ -2517,8 +2540,10 @@ clear_files (void)

       struct fileinfo *f = sorted_file[i];

       free (f->name);

       free (f->linkname);

-      if (f->scontext != UNKNOWN_SECURITY_CONTEXT)

-	freecon (f->scontext);

+      if (f->scontext != UNKNOWN_SECURITY_CONTEXT) {

+       	freecon (f->scontext);

+        f->scontext = NULL;

+      }

     }

   cwd_n_used = 0;

@@ -2560,6 +2585,7 @@ gobble_file (char const *name, enum file

   memset (f, '\0', sizeof *f);

   f->stat.st_ino = inode;

   f->filetype = type;

+  f->scontext = NULL;

   if (command_line_arg

       || format_needs_stat

@@ -2659,7 +2685,7 @@ gobble_file (char const *name, enum file

       f->stat_ok = true;

-      if (format == long_format || print_scontext)

+      if (format == long_format || format == security_format || print_scontext)

 	{

 	  bool have_acl = false;

 	  int attr_len = (do_deref

@@ -2667,9 +2694,7 @@ gobble_file (char const *name, enum file

 	      f->scontext = xstrdup ("unlabeled");

 	    }

-	  if (err == 0)

-	    have_acl = ! STREQ ("unlabeled", f->scontext);

-	  else

+	  if (err != 0)

 	    {

 	      f->scontext = UNKNOWN_SECURITY_CONTEXT;

@@ -2681,7 +2706,7 @@ gobble_file (char const *name, enum file

 		err = 0;

 	    }

-	  if (err == 0 && ! have_acl && format == long_format)

+	  if (err == 0 && format == long_format)

 	    {

 	      int n = file_has_acl (absolute_name, &f->stat);

 	      err = (n < 0);

@@ -3255,6 +3281,13 @@ print_current_files (void)

 	  print_long_format (sorted_file[i]);

 	  DIRED_PUTCHAR ('\n');

 	}

+     break;

+    case security_format:

+      for (i = 0; i < cwd_n_used; i++)

+      {

+        print_scontext_format (sorted_file[i]);

+        DIRED_PUTCHAR ('\n');

+      }

       break;

     }

 }

@@ -3481,7 +3514,7 @@ print_long_format (const struct fileinfo

 	 The latter is wrong when inode_number_width is zero.  */

       p += strlen (p);

     }

-

+  

   if (print_block_size)

     {

       char hbuf[LONGEST_HUMAN_READABLE + 1];

@@ -3510,9 +3543,15 @@ print_long_format (const struct fileinfo

      The latter is wrong when nlink_width is zero.  */

   p += strlen (p);

+  if (print_scontext)

+    {

+      sprintf (p, "%-32s ", f->scontext ? f->scontext : "");

+      p += strlen (p);

+    }

+

   DIRED_INDENT ();

-  if (print_owner | print_group | print_author | print_scontext)

+  if (print_owner | print_group | print_author)

     {

       DIRED_FPUTS (buf, stdout, p - buf);

@@ -3525,9 +3564,6 @@ print_long_format (const struct fileinfo

       if (print_author)

 	format_user (f->stat.st_author, author_width, f->stat_ok);

-      if (print_scontext)

-	format_user_or_group (f->scontext, 0, scontext_width);

-

       p = buf;

     }

@@ -3864,9 +3900,6 @@ print_file_name_and_frills (const struct

 	    human_readable (ST_NBLOCKS (f->stat), buf, human_output_opts,

 			    ST_NBLOCKSIZE, output_block_size));

-  if (print_scontext)

-    printf ("%*s ", format == with_commas ? 0 : scontext_width, f->scontext);

-

   print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f), f->linkok,

 			   f->stat_ok, f->filetype, NULL);

@@ -4030,9 +4063,6 @@ length_of_file_name_and_frills (const st

 					  output_block_size))

 		: block_size_width);

-  if (print_scontext)

-    len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);

-

   quote_name (NULL, f->name, filename_quoting_options, &name_width);

   len += name_width;

@@ -4461,9 +4491,16 @@ Mandatory arguments to long options are 

   -w, --width=COLS           assume screen width instead of current value\n\

   -x                         list entries by lines instead of by columns\n\

   -X                         sort alphabetically by entry extension\n\

-  -Z, --context              print any SELinux security context of each file\n\

   -1                         list one file per line\n\

 "), stdout);

+      fputs(_("\nSELinux options:\n\n\

+  --lcontext                 Display security context.   Enable -l. Lines\n\

+                             will probably be too wide for most displays.\n\

+  -Z, --context              Display security context so it fits on most\n\

+                             displays.  Displays only mode, user, group,\n\

+                             security context and file name.\n\

+  --scontext                 Display only security context and file name.\n\

+"), stdout);

       fputs (HELP_OPTION_DESCRIPTION, stdout);

       fputs (VERSION_OPTION_DESCRIPTION, stdout);

       fputs (_("\n\

@@ -4487,3 +4524,67 @@ Exit status is 0 if OK, 1 if minor probl

     }

   exit (status);

 }

+

+static void

+print_scontext_format (const struct fileinfo *f)

+{

+  char modebuf[12];

+

+  /* 7 fields that may require LONGEST_HUMAN_READABLE bytes,

+     1 10-byte mode string,

+     9 spaces, one following each of these fields, and

+     1 trailing NUL byte.  */

+

+  char init_bigbuf[7 * LONGEST_HUMAN_READABLE + 10  + 9 + 1];

+  char *buf = init_bigbuf;

+  size_t bufsize = sizeof (init_bigbuf);

+  size_t s;

+  char *p;

+  const char *fmt;

+  char *user_name;

+  char *group_name;

+  int rv;

+  char *scontext;

+

+  p = buf;

+

+  if ( print_scontext ) { /* zero means terse listing */

+    filemodestring (&f->stat, modebuf);

+    modebuf[10] = (f->have_acl ? '+' : ' ');

+    modebuf[11] = '\0';

+

+    /* print mode */

+

+    (void) sprintf (p, "%s ", modebuf);

+    p += strlen (p);

+

+    /* print standard user and group */

+

+    DIRED_FPUTS (buf, stdout, p - buf);

+    format_user (f->stat.st_uid, owner_width, f->stat_ok);

+    format_group (f->stat.st_gid, group_width, f->stat_ok);

+    p = buf;

+  }

+

+  (void) sprintf (p, "%-32s ", f->scontext ?: "");

+  p += strlen (p);

+ 

+  DIRED_INDENT ();

+  DIRED_FPUTS (buf, stdout, p - buf);

+  print_name_with_quoting (f->name, f->stat.st_mode, f->linkok,

+			   f->stat_ok, f->filetype, &dired_obstack);

+ 

+  if (f->filetype == symbolic_link) {

+      if (f->linkname) {

+	  DIRED_FPUTS_LITERAL (" -> ", stdout);

+	  print_name_with_quoting (f->linkname, f->linkmode, f->linkok - 1,

+				   f->stat_ok, f->filetype, NULL);

+	  if (indicator_style != none)

+	    print_type_indicator (f->stat_ok, f->linkmode, f->filetype);

+      }

+  }

+  else {

+    if (indicator_style != none)

+      print_type_indicator (f->stat_ok, f->stat.st_mode, f->filetype);

+  }

+}

diff -urp coreutils-6.10-orig/src/mkdir.c coreutils-6.10/src/mkdir.c

--- coreutils-6.10-orig/src/mkdir.c	2008-01-05 23:58:25.000000000 +0100

+++ coreutils-6.10/src/mkdir.c	2008-01-25 16:35:14.000000000 +0100

@@ -41,6 +41,7 @@ char *program_name;

 static struct option const longopts[] =

 {

   {GETOPT_SELINUX_CONTEXT_OPTION_DECL},

+  {"context", required_argument, NULL, 'Z'},

   {"mode", required_argument, NULL, 'm'},

   {"parents", no_argument, NULL, 'p'},

   {"verbose", no_argument, NULL, 'v'},