xattr

experiment/selinux/src/lib.rs

@@ -1 +1,2 @@
-pub mod selinux;
+pub mod selinux;
+pub mod xattr;

experiment/selinux/src/selinux.rs

@@ -1,3 +1,10 @@
+use std::io;
+use crate::xattr::*;
+
+
+const XATTR_NAME_SELINUX: &str = "security.selinux";
+const ERR_EMPTY_PATH: &str = "empty path";
+
 pub fn set_disabled() {
     panic!("not implemented yet")
 }
@@ -10,8 +17,25 @@ pub fn class_index(class: &str) -> Result<i64, String> {
     panic!("not implemented yet")
 }
 
-pub fn set_file_label(fpath: &str, label: &str) {
-    panic!("not implemented yet")
+// set_file_label sets the SELinux label for this path, following symlinks, or returns an error.
+pub fn set_file_label(fpath: &str, label: &str) -> Result<(), std::io::Error> {
+    if fpath.is_empty() {
+        return Err(std::io::Error::new(io::ErrorKind::InvalidInput, ERR_EMPTY_PATH));
+    }
+
+    loop {
+        match set_xattr(fpath, XATTR_NAME_SELINUX, label.as_bytes(), 0) {
+            Ok(_) => break,
+// TODO:           Err(Errno::EINTR) => continue,
+            Err(e) => {
+                return Err(std::io::Error::new(
+                    std::io::ErrorKind::Other,
+                    format!("setxattr failed: {}", e),
+                ));
+            }
+        }
+    }
+    Ok(())
 }
 
 pub fn lset_file_label(fpath: &str, label: &str) {

experiment/selinux/src/xattr/mod.rs

@@ -0,0 +1,3 @@
+mod xattr;
+
+pub use xattr::*;

experiment/selinux/src/xattr/xattr.rs

@@ -0,0 +1,4 @@
+
+pub fn set_xattr(fpath: &str, attr: &str, data: &[u8], flags: i64) -> Result<(), std::io::Error> {
+    panic!("not implemented yet")
+}