Add option to show security attribute and improve extended support

[cgzones]

Add a command line option -Z/--context to show the security context of objects, similar to ls(1).

Show the actual extended attribute values on -@/--extended, instead of just their length.

In case of a symlink, show the extended attributes of the symlink itself, not the target.
This matches the behavior of ls(1) and is more intuitive.

TODO:

• test on macos (should compile)

In the future one might want to add support for SMACK security labels ("security.SMACK64").

Closes: #254 #613

[ariasuni]

The code looks good. How does it work in modes other than long? (grid, grid long, other?)

Also, if you rebase on master it should fix the failing CI check.

[ariasuni]

So here’s a superficial review of your code (at least for now), since I don’t know much about xattr or SELinux.

[ariasuni]

OK second review! I don’t have any knowledge of SELinux, do you have any resources about it so I could check that out and understand better what you’re doing in the code?

Also note to myself if you don’t know/want to do that: --context/-Z should be added to zsh and fish completion files.

[cgzones]

I don’t have any knowledge of SELinux, do you have any resources about it so I could check that out and understand better what you’re doing in the code?

SELinux is a Linux Security Module (like AppArmor) providing mandatory access control.
Every subject and object (process, file, network socket, ...) gets assigned a context, on which the decision whether a operation is allowed or not is based.
For file type objects this context is stored as an Extended security attribute with the name security.selinux (see man:xattr(7)).
An SELinux context consists of 3 or 4 parts (depending whether the SELinux policy enables MCS/MLS 1), which are separated by colons:

• a user part, like system_u
• a role part, like object_r
• a type part, like shadow_t
• and the optional level part, like s2:c1.c4
  See https://wiki.gentoo.org/wiki/SELinux/Quick_introduction#Context_based_approach

[jpds]

I decided to try this patch on one of my systems, there seems to be a special case for /dev and /sys that exa doesn't handle:

$ ls -lZ /
total 87
drwxr-xr-x.   2 root root system_u:object_r:bin_t        114 Jul 21 13:40 bin/
drwxr-xr-x.   4 root root system_u:object_r:boot_t        29 Jul 21 13:42 boot/
drwxr-xr-x.  18 root root system_u:object_r:device_t    4320 Jul 23 11:44 dev/
drwxr-xr-x.  63 root root system_u:object_r:etc_t        143 Jul 23 11:44 etc/
drwxr-xr-x.   3 root root system_u:object_r:home_root_t    4 Jun  7 01:35 home/
drwxr-xr-x.  12 root root system_u:object_r:lib_t         13 Jul 21 13:08 lib/
drwxr-xr-x.   6 root root system_u:object_r:lib_t        159 Jul 21 13:40 lib64/
drwxr-xr-x.   2 root root system_u:object_r:mnt_t          3 Jun  3 14:15 media/
drwxr-xr-x.   4 root root system_u:object_r:mnt_t          5 Jun 24 11:51 mnt/
drwxr-xr-x.   3 root root system_u:object_r:usr_t          4 Jun 19 00:17 opt/
dr-xr-xr-x. 476 root root system_u:object_r:proc_t         0 Jul 23 11:44 proc/
drwx------.   4 root root root:object_r:user_home_dir_t    8 Jul 21 22:37 root/
drwxr-xr-x.  19 root root system_u:object_r:var_run_t    680 Jul 23 11:44 run/
drwxr-xr-x.   2 root root system_u:object_r:bin_t        249 Jul 21 13:40 sbin/
dr-xr-xr-x.  13 root root system_u:object_r:sysfs_t        0 Jul 23 13:00 sys/
drwxrwxrwt.   6 root root system_u:object_r:tmp_t          6 Jul 23 11:46 tmp/
drwxr-xr-x.  12 root root system_u:object_r:usr_t         13 Jun  3 14:17 usr/
drwxr-xr-x.   9 root root system_u:object_r:var_t         11 Jun  3 14:15 var/

$ exa -lZ /
drwxr-xr-x - root system_u:object_r:bin_t       21 Jul 13:40 bin
drwxr-xr-x - root system_u:object_r:boot_t      21 Jul 13:42 boot
drwxr-xr-x - root ?                             23 Jul 11:44 dev
drwxr-xr-x - root system_u:object_r:etc_t       23 Jul 11:44 etc
drwxr-xr-x - root system_u:object_r:home_root_t  7 Jun 01:35 home
drwxr-xr-x - root system_u:object_r:lib_t       21 Jul 13:08 lib
drwxr-xr-x - root system_u:object_r:lib_t       21 Jul 13:40 lib64
drwxr-xr-x - root system_u:object_r:mnt_t        3 Jun 14:15 media
drwxr-xr-x - root system_u:object_r:mnt_t       24 Jun 11:51 mnt
drwxr-xr-x - root system_u:object_r:usr_t       19 Jun 00:17 opt
dr-xr-xr-x - root system_u:object_r:proc_t      23 Jul 11:44 proc
drwx------ - root root:object_r:user_home_dir_t 21 Jul 22:37 root
drwxr-xr-x - root system_u:object_r:var_run_t   23 Jul 11:44 run
drwxr-xr-x - root system_u:object_r:bin_t       21 Jul 13:40 sbin
dr-xr-xr-x - root ?                             23 Jul 13:00 sys
drwxrwxrwt - root system_u:object_r:tmp_t       23 Jul 11:46 tmp
drwxr-xr-x - root system_u:object_r:usr_t        3 Jun 14:17 usr
drwxr-xr-x - root system_u:object_r:var_t        3 Jun 14:15 var

$ ls -lZ /sys/
total 0
drwxr-xr-x.   2 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 block/
drwxr-xr-x.  44 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 bus/
drwxr-xr-x.  73 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 class/
drwxr-xr-x.   4 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 dev/
drwxr-xr-x.  21 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 devices/
drwxr-xr-x.   6 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 firmware/
drwxr-xr-x.   9 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 fs/
drwxr-xr-x.   2 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 hypervisor/
drwxr-xr-x.  14 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 kernel/
drwxr-xr-x. 226 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 module/
drwxr-xr-x.   3 root root system_u:object_r:sysfs_t 0 Jul 23 13:04 power/

$ exa -lZ /sys/
drwxr-xr-x - root ? 23 Jul 13:04 block
drwxr-xr-x - root ? 23 Jul 13:04 bus
drwxr-xr-x - root ? 23 Jul 13:04 class
drwxr-xr-x - root ? 23 Jul 13:04 dev
drwxr-xr-x - root ? 23 Jul 13:04 devices
drwxr-xr-x - root ? 23 Jul 13:04 firmware
drwxr-xr-x - root ? 23 Jul 13:04 fs
drwxr-xr-x - root ? 23 Jul 13:04 hypervisor
drwxr-xr-x - root ? 23 Jul 13:04 kernel
drwxr-xr-x - root ? 23 Jul 13:04 module
drwxr-xr-x - root ? 23 Jul 13:04 power

[jpds]

I can confirm that b4504f9 is working fantastically on my SELinux enabled systems.

[ariasuni]

Did you take a look at the unit tests error? Sorry for the long time between reviews, I just don’t have much time these days.

[linusg]

@ariasuni @cgzones Hi, what's the state of this PR? Would love to see this merged.

[ariasuni]

Last review for me, afterward I’d like to merge this, but the Vagrant tests aren’t up-to-date.

Do you think you could either add this to this PR, or do a PR later to add them? Right now, there are tests checking the output of exa with xattrs in xtests/attributes.toml and xtests/details-view-permissions.toml.

It’s fine if you can’t, but I honestly would prefer not to merge anything that breaks existing tests (in the future, these tests will be part of the CI).

[ariasuni]

I’m not quite sure why we need to do that? We didn’t need to do that before for xattrs.

[cgzones]

Cause currently the extended attributes are retrieved from the filesystem at the point when the output is generated (potentially even in another process), now the attributes are used in more places, e.g. whether to show the extended attribute hint (@), so the extended attributes are gathered at scan time, e.g. strace(1) output:

old:

statx(AT_FDCWD, "/datadrive/", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=STATX_ATTR_MOUNT_ROOT, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
openat(AT_FDCWD, "/datadrive/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x56db6bc84130 /* 5 entries */, 32768) = 136
getdents64(3, 0x56db6bc84130 /* 0 entries */, 32768) = 0
close(3)                                = 0
statx(AT_FDCWD, "/datadrive/vm", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
statx(AT_FDCWD, "/datadrive/lost+found", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0700, stx_size=16384, ...}) = 0
statx(AT_FDCWD, "/datadrive/christian", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0

[later in separate process]

listxattr("/datadrive/lost+found", NULL, 0) = 17
listxattr("/datadrive/lost+found", "security.selinux\0", 17) = 17
getxattr("/datadrive/lost+found", "security.selinux", NULL, 0) = 27

new:

statx(AT_FDCWD, "/datadrive/", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=STATX_ATTR_MOUNT_ROOT, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/", NULL, 0)      = 17
llistxattr("/datadrive/", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27
openat(AT_FDCWD, "/datadrive/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x598099e93220 /* 5 entries */, 32768) = 136
getdents64(3, 0x598099e93220 /* 0 entries */, 32768) = 0
close(3)                                = 0
statx(AT_FDCWD, "/datadrive/vm", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/vm", NULL, 0)    = 17
llistxattr("/datadrive/vm", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/vm", "security.selinux", NULL, 0) = 37
lgetxattr("/datadrive/vm", "security.selinux", "system_u:object_r:libvirt_state_"..., 37) = 37
statx(AT_FDCWD, "/datadrive/lost+found", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0700, stx_size=16384, ...}) = 0
llistxattr("/datadrive/lost+found", NULL, 0) = 17
llistxattr("/datadrive/lost+found", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/lost+found", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/lost+found", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27
statx(AT_FDCWD, "/datadrive/christian", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0755, stx_size=4096, ...}) = 0
llistxattr("/datadrive/christian", NULL, 0) = 17
llistxattr("/datadrive/christian", "security.selinux\0", 17) = 17
lgetxattr("/datadrive/christian", "security.selinux", NULL, 0) = 27
lgetxattr("/datadrive/christian", "security.selinux", "system_u:object_r:var_t:s0", 27) = 27

[cgzones]

Last review for me, afterward I’d like to merge this, but the Vagrant tests aren’t up-to-date.

Thanks for reviewing.

Do you think you could either add this to this PR, or do a PR later to add them? Right now, there are tests checking the output of exa with xattrs in xtests/attributes.toml and xtests/details-view-permissions.toml.

I briefly tried to run a vagrant virtual machine with a libvirt backend, but it didn't seem to work out of the box. For me it would be easiest if the integration tests are enabled in the GitHub CI.

[ariasuni]

I didn’t know Vagrant could use libvirt; I’ve successfully used it with Virtualbox. But these tests should obviously be in the CI in the mid/longterm (I had COVID so couldn’t really progress much on that front, anyway).

[nnsee]

Hello!

What's the status on this? Would love to see this merged. Is there any way I can help?

[rustysys-dev]

I would also love to see this merged if there are no blockers.

[ariasuni]

Closing this since exa is unmaintained (see #1243), and this has been done in the active fork eza. Thanks anyway!