diff -urN -x '*.orig' -x '*.rej' naut.orig/libnautilus-private/Makefile.am naut.new/libnautilus-private/Makefile.am
--- naut.orig/libnautilus-private/Makefile.am 2009-03-25 15:48:56.404881573 +0000
+++ naut.new/libnautilus-private/Makefile.am 2009-03-25 15:50:31.163076538 +0000
@@ -174,6 +174,8 @@
diff -urN -x '*.orig' -x '*.rej' naut.orig/libnautilus-private/nautilus-module.c naut.new/libnautilus-private/nautilus-module.c
--- naut.orig/libnautilus-private/nautilus-module.c 2009-03-25 15:48:56.426647854 +0000
+++ naut.new/libnautilus-private/nautilus-module.c 2009-03-31 11:05:33.382333482 +0100
@@ -23,6 +23,7 @@
#include <config.h>
#include "nautilus-module.h"
+#include "nautilus-tsol-extensions.h"
#include <eel/eel-gtk-macros.h>
#include <eel/eel-debug.h>
@@ -191,6 +192,15 @@
const char *name;
while ((name = g_dir_read_name (dir))) {
+ /* Brasero extension does not currently work with
+ labeled zones (no dbus system bus)*/
+ if (nautilus_tsol_multi_label_session () &&
+ getzoneid () != 0) {
+ if (g_str_has_prefix (name,
+ "libnautilus-brasero")) {
+ continue;
+ }
+ }
if (g_str_has_suffix (name, "." G_MODULE_SUFFIX)) {
char *filename;
--- /dev/null 2011-07-21 12:37:01.000000000 +0100
+++ nautilus-3.1.3/libnautilus-private/nautilus-tsol-extensions.c 2011-07-21 12:35:45.474396623 +0100
@@ -0,0 +1,307 @@
+/*
+ * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#include <config.h>
+#include <X11/Xatom.h>
+#include <gdk/gdkx.h>
+#include <gtk/gtk.h>
+#include <gio/gio.h>
+#include <strings.h>
+#include <zone.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <tsol/label.h>
+#include <stdlib.h>
+#include <dlfcn.h>
+#include <link.h>
+
+#include "nautilus-tsol-extensions.h"
+
+typedef int (*tsol_getlabel) (const char*, m_label_t*);
+typedef int (*tsol_getplabel) (m_label_t*);
+typedef m_label_t* (*tsol_blabel_alloc) (void);
+typedef void (*tsol_blabel_free) (m_label_t*);
+typedef int (*tsol_blequal) (m_label_t*, m_label_t*);
+typedef int (*tsol_label_to_str) (const m_label_t*, char**,
+ const m_label_str_t, uint_t);
+typedef int (*tsol_str_to_label) (const char*, m_label_t**,
+ const m_label_type_t, uint_t, int*);
+
+static tsol_getlabel libtsol_getlabel = NULL;
+static tsol_getplabel libtsol_getplabel = NULL;
+static tsol_label_to_str libtsol_label_to_str = NULL;
+static tsol_str_to_label libtsol_str_to_label = NULL;
+static tsol_blabel_alloc libtsol_blabel_alloc = NULL;
+static tsol_blabel_free libtsol_blabel_free = NULL;
+static tsol_blequal libtsol_blequal = NULL;
+
+static gboolean
+init_tsol ()
+{
+ static gboolean tsol_init = FALSE;
+ gpointer handle = NULL;
+
+ if (!tsol_init) {
+ if (handle = dlopen ("/usr/lib/libtsol.so.2", RTLD_LAZY)) {
+ libtsol_getlabel = (tsol_getlabel) dlsym (handle,
+ "getlabel");
+ libtsol_getplabel = (tsol_getplabel) dlsym (handle,
+ "getplabel");
+ libtsol_label_to_str = (tsol_label_to_str)dlsym (handle,
+ "label_to_str");
+ libtsol_str_to_label = (tsol_str_to_label)dlsym (handle,
+ "str_to_label");
+ libtsol_blabel_alloc = (tsol_blabel_alloc)dlsym (handle,
+ "blabel_alloc");
+ libtsol_blabel_free = (tsol_blabel_free)dlsym (handle,
+ "blabel_free");
+ libtsol_blequal = (tsol_blequal) dlsym (handle,
+ "blequal");
+ }
+ tsol_init = TRUE;
+ }
+
+ if (!libtsol_getlabel || !libtsol_getplabel || !libtsol_blabel_alloc ||
+ !libtsol_blabel_free || !libtsol_label_to_str || !libtsol_blequal ||
+ !libtsol_str_to_label) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+char*
+nautilus_tsol_get_process_label (void)
+{
+ char *label_str;
+ m_label_t *label = NULL;
+
+ if (init_tsol ()) {
+ label = libtsol_blabel_alloc ();
+ if (libtsol_getplabel (label) == -1) {
+ label_str = NULL;
+ } else if (libtsol_label_to_str (label, &label_str, M_LABEL,
+ DEF_NAMES)) {
+ label_str = NULL;
+ }
+
+ libtsol_blabel_free (label);
+
+ return label_str;
+ } else {
+ return NULL;
+ }
+}
+
+char*
+nautilus_tsol_get_file_label (const char *uri)
+{
+ char *label_str;
+ m_label_t *label;
+ char *path;
+ GFile *file;
+
+ if (init_tsol () && strncmp (uri, "file://", 7) == 0) {
+ label = libtsol_blabel_alloc ();
+
+ file = g_file_new_for_uri (uri);
+ path = g_file_get_path (file);
+ g_object_unref (file);
+ if (libtsol_getlabel (path, label) == -1) {
+ label_str = NULL;
+ } else if (libtsol_label_to_str (label, &label_str, M_LABEL,
+ LONG_NAMES)) {
+ label_str = NULL;
+ }
+ g_free (path);
+
+ libtsol_blabel_free (label);
+
+ return label_str;
+ } else {
+ return g_strdup ("ADMIN_LOW");
+ }
+}
+
+gboolean
+nautilus_tsol_label_equal_to_process_label (char *label_str)
+{
+ gboolean ret = TRUE;
+ m_label_t *plabel = NULL, *label = NULL;
+ int error;
+
+ if (init_tsol ()) {
+ plabel = libtsol_blabel_alloc ();
+ label = libtsol_blabel_alloc ();
+
+ if (libtsol_getplabel (plabel) == -1) {
+ ret = TRUE;
+ } else if (libtsol_str_to_label (label_str, &label, MAC_LABEL,
+ L_NO_CORRECTION, &error) ==-1){
+ ret = TRUE;
+ } else if (libtsol_blequal (plabel, label)) {
+ ret = TRUE;
+ } else {
+ ret = FALSE;
+ }
+
+ libtsol_blabel_free (plabel);
+ libtsol_blabel_free (label);
+ }
+
+ return ret;
+}
+
+gboolean
+nautilus_tsol_multi_label_session (void)
+{
+ static int trusted = -1;
+
+ if (trusted < 0) {
+ if (getenv ("TRUSTED_SESSION")) {
+ trusted = 1;
+ } else {
+ trusted = 0;
+ }
+ }
+
+ return trusted ? TRUE : FALSE;
+}
+
+static char*
+nautilus_tsol_get_active_desktop_id (void)
+{
+ static char *dwid = NULL;
+ uid_t uid;
+ zoneid_t zid;
+
+ if (!dwid) {
+ uid = getuid();
+ zid = getzoneid();
+ dwid = g_strdup_printf ("%d_%d", uid, zid);
+ }
+
+ return dwid;
+}
+
+gboolean
+nautilus_tsol_show_desktop_window (GdkScreen *screen)
+{
+ char *dwid;
+ int format;
+ unsigned long nitems;
+ unsigned long bytesafter;
+ unsigned char *prop_data = NULL;
+ char *p;
+ int i, n_strings;
+ Atom atom, utf8_string;
+ Atom type = None;
+ Window root_win;
+ char **contents;
+ GdkDisplay *gdk_dpy = gdk_display_get_default ();
+ Display *x_dpy = GDK_DISPLAY_XDISPLAY (gdk_dpy);
+
+ root_win = GDK_WINDOW_XID (gdk_screen_get_root_window (screen));
+
+ utf8_string = XInternAtom (x_dpy, "UTF8_STRING", FALSE);
+ dwid = nautilus_tsol_get_active_desktop_id ();
+ atom = XInternAtom (x_dpy, "NAUTILUS_ACTIVE_DESKTOP_ID", FALSE);
+
+ if (XGetWindowProperty (x_dpy, root_win, atom, 0L, (long)1024, False,
+ utf8_string, &type, &format, &nitems,
+ &bytesafter, (unsigned char **)&prop_data)
+ != Success) {
+ return FALSE;
+ }
+
+ if (type != utf8_string || format != 8 || nitems == 0) {
+ if (prop_data) {
+ XFree (prop_data);
+ }
+ return FALSE;
+ }
+
+ i = 0;
+ n_strings = 0;
+ while (i < nitems) {
+ if (prop_data[i] == '\0') {
+ ++n_strings;
+ }
+ ++i;
+ }
+
+ if (prop_data[nitems -1] != '/0') {
+ ++n_strings;
+ }
+
+ contents = g_new0 (char *, n_strings+1);
+
+ p = prop_data;
+ i = 0;
+ while (i < n_strings) {
+ if (!g_utf8_validate ((const gchar *)p, -1, NULL)) {
+ g_warning ("Property contained invalid utf8\n");
+ XFree (prop_data);
+ g_strfreev (contents);
+ return FALSE;
+ }
+ contents[i] = g_strdup (p);
+ p = p + strlen (p) +1;
+ ++i;
+ }
+
+ if (prop_data) XFree (prop_data);
+
+ if (strcmp (contents[0], dwid) == 0) {
+ return TRUE;
+ } else {
+ return FALSE;
+ }
+}
+
+GdkFilterReturn
+nautilus_tsol_filter_func (GdkXEvent *gdkxevent, GdkEvent *event, gpointer data)
+{
+ Atom atom;
+ XEvent *xevent = gdkxevent;
+ GtkWidget *widget = (GtkWidget *)data;
+ GdkScreen *screen = gtk_widget_get_screen (widget);
+ GdkDisplay *gdk_dpy = gdk_display_get_default ();
+ Display *x_dpy = GDK_DISPLAY_XDISPLAY (gdk_dpy);
+
+ if (xevent->type != PropertyNotify) {
+ return GDK_FILTER_CONTINUE;
+ }
+
+ atom = XInternAtom (x_dpy, "NAUTILUS_ACTIVE_DESKTOP_ID", FALSE);
+
+ if (xevent->xproperty.atom != atom) {
+ return GDK_FILTER_CONTINUE;
+ }
+
+ if (nautilus_tsol_show_desktop_window (screen)) {
+ gtk_widget_show (widget);
+ } else {
+ gtk_widget_hide (widget);
+ }
+
+ return GDK_FILTER_CONTINUE;
+}
+
+void
+nautilus_tsol_update_paste_location_property (GtkClipboard *cb, char *dir)
+{
+ GtkWidget *widget = g_object_get_data (gtk_clipboard_get_display (cb),
+ "gtk-clipboard-widget");
+ Display *x_dpy = GDK_DISPLAY_XDISPLAY (gtk_widget_get_display (widget));
+ Atom atom = XInternAtom (x_dpy, "_NAUTILUS_TARGET_DIR", FALSE);
+ Atom utf8 = XInternAtom (x_dpy, "UTF8_STRING", FALSE);
+ Window win = GDK_WINDOW_XID (gtk_widget_get_window(widget));
+
+ XChangeProperty (x_dpy, win, atom, utf8, 8, PropModeReplace, dir,
+ strlen (dir));
+
+ XSync (x_dpy, FALSE);
+}
diff -urN -x '*.orig' -x '*.rej' naut.orig/libnautilus-private/nautilus-tsol-extensions.h naut.new/libnautilus-private/nautilus-tsol-extensions.h
--- naut.orig/libnautilus-private/nautilus-tsol-extensions.h 1970-01-01 01:00:00.000000000 +0100
+++ naut.new/libnautilus-private/nautilus-tsol-extensions.h 2009-03-25 15:50:31.164171360 +0000
@@ -0,0 +1,20 @@
+/*
+ * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+#ifndef NAUTILUS_TSOL_EXTENSIONS_H
+#define NAUTILUS_TSOL_EXTENSIONS_H
+#include <config.h>
+#include <gdk/gdk.h>
+#include <gtk/gtk.h>
+#include <glib/glist.h>
+
+gboolean nautilus_tsol_multi_label_session (void);
+gboolean nautilus_tsol_show_desktop_window (GdkScreen *screen);
+gboolean nautilus_tsol_label_equal_to_process_label (char *label);
+GdkFilterReturn nautilus_tsol_filter_func (GdkXEvent *gdkxevent, GdkEvent *event, gpointer data);
+char *nautilus_tsol_get_file_label (const char *filename);
+char *nautilus_tsol_get_process_label ();
+void nautilus_tsol_update_paste_location_property (GtkClipboard *cb, char *dir);
+
+#endif
--- nautilus-3.1.3/src/nautilus-view.c.orig 2011-07-21 11:01:16.583972781 +0100
+++ nautilus-3.1.3/src/nautilus-view.c 2011-07-21 11:18:36.907409513 +0100
@@ -78,6 +78,7 @@
#include <libnautilus-private/nautilus-trash-monitor.h>
#include <libnautilus-private/nautilus-ui-utilities.h>
#include <libnautilus-private/nautilus-signaller.h>
+#include <libnautilus-private/nautilus-tsol-extensions.h>
#include <libnautilus-private/nautilus-icon-names.h>
#define DEBUG_FLAG NAUTILUS_DEBUG_DIRECTORY_VIEW
@@ -5952,6 +5953,7 @@
{
gboolean cut;
GList *item_uris;
+ char *label = NULL;
cut = FALSE;
item_uris = nautilus_clipboard_get_uri_list_from_selection_data (selection_data, &cut,
@@ -5962,9 +5964,11 @@
_("There is nothing on the clipboard to paste."),
NULL);
} else {
- nautilus_view_move_copy_items (view, item_uris, NULL, destination_uri,
+ if (!label || nautilus_tsol_label_equal_to_process_label (label)){
+ nautilus_view_move_copy_items (view, item_uris, NULL, destination_uri,
cut ? GDK_ACTION_MOVE : GDK_ACTION_COPY,
0, 0);
+ }
/* If items are cut then remove from clipboard */
if (cut) {
@@ -6035,6 +6039,12 @@
view = NAUTILUS_VIEW (callback_data);
+ if (nautilus_tsol_multi_label_session ()) {
+ char *target_dir = nautilus_view_get_backing_uri (view);
+ nautilus_tsol_update_paste_location_property (nautilus_clipboard_get (view), target_dir);
+ g_free (target_dir);
+ }
+
g_object_ref (view);
gtk_clipboard_request_contents (nautilus_clipboard_get (GTK_WIDGET (view)),
copied_files_atom,
--- nautilus-3.1.3/libnautilus-private/nautilus-clipboard-monitor.c.orig 2011-07-21 11:09:02.778809192 +0100
+++ nautilus-3.1.3/libnautilus-private/nautilus-clipboard-monitor.c 2011-07-21 11:16:46.259405161 +0100
@@ -223,7 +223,7 @@
gsize *len)
{
GString *uris;
- char *uri, *tmp;
+ char *uri, *tmp, *label;
GFile *f;
guint i;
GList *l;
@@ -232,6 +232,12 @@
uris = g_string_new (NULL);
} else {
uris = g_string_new (info->cut ? "cut" : "copy");
+ if (nautilus_tsol_multi_label_session ()) {
+ label = nautilus_tsol_get_process_label ();
+ g_string_append_c (uris, '\n');
+ g_string_append (uris, label);
+ g_free (label);
+ }
}
for (i = 0, l = info->files; l != NULL; l = l->next, i++) {
--- nautilus-3.1.3/src/nautilus-properties-window.c.orig 2011-07-21 11:48:26.624629724 +0100
+++ nautilus-3.1.3/src/nautilus-properties-window.c 2011-07-21 11:47:32.230194229 +0100
@@ -60,6 +60,7 @@
#include <libnautilus-private/nautilus-module.h>
#include <libnautilus-private/nautilus-undo.h>
+#include <libnautilus-private/nautilus-tsol-extensions.h>
#if HAVE_SYS_VFS_H
#include <sys/vfs.h>
@@ -4520,7 +4521,9 @@
{
GtkWidget *vbox, *button, *hbox;
GtkTable *page_table;
+ GtkLabel *label_label;
char *file_name, *prompt_text;
+ char *label_str, *uri;
GList *file_list;
guint last_row;
gint nrows;
@@ -4568,6 +4571,17 @@
"selinux_context", INCONSISTENT_STATE_STRING,
FALSE);
#endif
+ if (nautilus_tsol_multi_label_session ()) {
+ last_row = append_title_field (page_table,
+ /* SUN_BRANDING TJDS */
+ _("File Label:"), &label_label);
+ uri = nautilus_file_get_uri (get_target_file (window));
+ label_str = nautilus_tsol_get_file_label (uri);
+ attach_value_label (page_table, last_row, VALUE_COLUMN,
+ label_str);
+ g_free (label_str);
+ }
+
append_title_value_pair
(window, page_table, _("Last changed:"),
"date_permissions", INCONSISTENT_STATE_STRING,
--- nautilus-3.1.3/src/nautilus-application.c.orig 2011-07-21 11:53:31.797178031 +0100
+++ nautilus-3.1.3/src/nautilus-application.c 2011-07-21 11:54:33.211398258 +0100
@@ -75,6 +75,8 @@
#include <libnotify/notify.h>
#include <gdk/gdkx.h>
#include <gtk/gtk.h>
+#include <zone.h>
+#include <unistd.h>
/* Keep window from shrinking down ridiculously small; numbers are somewhat arbitrary */
#define APPLICATION_WINDOW_MIN_WIDTH 300
@@ -328,12 +330,12 @@
static GtkWidget *
get_desktop_manager_selection (GdkDisplay *display, int screen)
{
- char selection_name[32];
+ char selection_name[52];
GdkAtom selection_atom;
Window selection_owner;
GtkWidget *selection_widget;
- g_snprintf (selection_name, sizeof (selection_name), "_NET_DESKTOP_MANAGER_S%d", screen);
+ g_snprintf (selection_name, sizeof (selection_name), "_NET_DESKTOP_MANAGER_S%d_%d_%d", screen, getuid(), getzoneid());
selection_atom = gdk_atom_intern (selection_name, FALSE);
selection_owner = XGetSelectionOwner (GDK_DISPLAY_XDISPLAY (display),
--- nautilus-3.1.3/src/nautilus-desktop-window.c.orig 2011-06-28 14:41:41.000000000 +0100
+++ nautilus-3.1.3/src/nautilus-desktop-window.c 2011-07-21 11:28:07.126974447 +0100
@@ -37,6 +37,7 @@
#include <libnautilus-private/nautilus-icon-names.h>
+#include <libnautilus-private/nautilus-tsol-extensions.h>
struct NautilusDesktopWindowDetails {
gulong size_changed_id;
@@ -148,6 +149,7 @@
NautilusDesktopWindow *
nautilus_desktop_window_new (GdkScreen *screen)
{
+ GdkWindow *root_window;
NautilusDesktopWindow *window;
int width_request, height_request;
@@ -166,6 +168,12 @@
g_signal_connect (window, "delete_event", G_CALLBACK (nautilus_desktop_window_delete_event), NULL);
+ if (nautilus_tsol_multi_label_session ()) {
+ root_window = gdk_screen_get_root_window (screen);
+ gdk_window_add_filter (root_window, nautilus_tsol_filter_func,
+ window);
+ }
+
/* Point window at the desktop folder.
* Note that nautilus_desktop_window_init is too early to do this.
*/
--- nautilus-3.1.3/src/nautilus-window-manage-views.c.orig 2011-06-28 14:41:41.000000000 +0100
+++ nautilus-3.1.3/src/nautilus-window-manage-views.c 2011-07-21 11:38:19.932567467 +0100
@@ -59,6 +59,7 @@
#include <libnautilus-private/nautilus-module.h>
#include <libnautilus-private/nautilus-monitor.h>
+#include <libnautilus-private/nautilus-tsol-extensions.h>
#define DEBUG_FLAG NAUTILUS_DEBUG_WINDOW
#include <libnautilus-private/nautilus-debug.h>
@@ -1300,6 +1301,12 @@
}
setup_loading_floating_bar (slot);
+
+ if (nautilus_tsol_multi_label_session () &&
+ NAUTILUS_IS_DESKTOP_WINDOW (window) &&
+ !nautilus_tsol_show_desktop_window (gtk_widget_get_screen (GTK_WIDGET (window)))) {
+ gtk_widget_hide (GTK_WIDGET (window));
+ }
}
static void