RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux/policycoreutils/setfiles/setfiles.c

488 lines
11 KiB
C
Raw Normal View History

Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
#include "restore.h"
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
#include <unistd.h>
#include <fcntl.h>
#include <stdio_ext.h>
#include <ctype.h>
#include <regex.h>
#include <sys/vfs.h>
#include <libgen.h>
#ifdef USE_AUDIT
#include <libaudit.h>
#ifndef AUDIT_FS_RELABEL
#define AUDIT_FS_RELABEL 2309
#endif
#endif
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
static char *policyfile;
static int warn_no_match;
static int null_terminated;
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
static int request_digest;
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
static struct restore_opts r_opts;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
static int nerr;
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
#define STAT_BLOCK_SIZE 1
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
/* setfiles will abort its operation after reaching the
* following number of errors (e.g. invalid contexts),
* unless it is used in "debug" mode (-d option).
*/
#ifndef ABORT_ON_ERRORS
#define ABORT_ON_ERRORS 10
#endif
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
#define SETFILES "setfiles"
#define RESTORECON "restorecon"
static int iamrestorecon;
/* Behavior flags determined based on setfiles vs. restorecon */
static int ctx_validate; /* Validate contexts */
static const char *altpath; /* Alternate path to file_contexts */
policycoreutils: add noreturn attribute to usage() Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-03-05 17:13:05 +00:00
static __attribute__((__noreturn__)) void usage(const char *const name)
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
{
if (iamrestorecon) {
fprintf(stderr,
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
"usage: %s [-iIDFmnprRv0] [-e excludedir] pathname...\n"
"usage: %s [-iIDFmnprRv0] [-e excludedir] -f filename\n",
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
name, name);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
} else {
fprintf(stderr,
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
"usage: %s [-diIDlmnpqvFW] [-e excludedir] [-r alt_root_path] spec_file pathname...\n"
"usage: %s [-diIDlmnpqvFW] [-e excludedir] [-r alt_root_path] spec_file -f filename\n"
"usage: %s -s [-diIDlmnpqvFW] spec_file\n"
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
"usage: %s -c policyfile spec_file\n",
name, name, name, name);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
Fix gcc -Wstrict-prototypes warnings In C, defining a function with () means "any number of parameters", not "no parameter". Use (void) instead where applicable and add unused parameters when needed. Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-09-14 21:41:49 +00:00
void inc_err(void)
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
{
nerr++;
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
if (nerr > ABORT_ON_ERRORS - 1 && !r_opts.debug) {
fprintf(stderr, "Exiting after %d errors.\n", ABORT_ON_ERRORS);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
}
void set_rootpath(const char *arg)
{
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (strlen(arg) == 1 && strncmp(arg, "/", 1) == 0) {
fprintf(stderr, "%s: invalid alt_rootpath: %s\n",
r_opts.progname, arg);
exit(-1);
}
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.rootpath = strdup(arg);
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (!r_opts.rootpath) {
fprintf(stderr,
"%s: insufficient memory for r_opts.rootpath\n",
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.progname);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
}
int canoncon(char **contextp)
{
char *context = *contextp, *tmpcon;
int rc = 0;
if (policyfile) {
if (sepol_check_context(context) < 0) {
fprintf(stderr, "invalid context %s\n", context);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
} else if (security_canonicalize_context_raw(context, &tmpcon) == 0) {
free(context);
*contextp = tmpcon;
} else if (errno != ENOENT) {
rc = -1;
inc_err();
}
return rc;
}
#ifndef USE_AUDIT
policycoreutils: setfiles: get rid of some stupid globals We have some useless globals in setfiles that don't need to be. Stop it. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-07-10 15:32:14 +00:00
static void maybe_audit_mass_relabel(int mass_relabel __attribute__((unused)),
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
int mass_relabel_errs __attribute__((unused)))
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
{
#else
policycoreutils: setfiles: get rid of some stupid globals We have some useless globals in setfiles that don't need to be. Stop it. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-07-10 15:32:14 +00:00
static void maybe_audit_mass_relabel(int mass_relabel, int mass_relabel_errs)
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
{
int audit_fd = -1;
int rc = 0;
if (!mass_relabel) /* only audit a forced full relabel */
return;
audit_fd = audit_open();
if (audit_fd < 0) {
fprintf(stderr, "Error connecting to audit system.\n");
exit(-1);
}
rc = audit_log_user_message(audit_fd, AUDIT_FS_RELABEL,
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
"op=mass relabel",
NULL, NULL, NULL, !mass_relabel_errs);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (rc <= 0) {
fprintf(stderr, "Error sending audit message: %s.\n",
strerror(errno));
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
/* exit(-1); -- don't exit atm. as fix for eff_cap isn't
* in most kernels.
*/
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
audit_close(audit_fd);
#endif
}
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
static int __attribute__ ((format(printf, 2, 3)))
log_callback(int type, const char *fmt, ...)
{
int rc;
policycoreutils/setfiles: stdout messages don't need program prefix I suggested that if you run a command for its informational output (by passing `-v`), you don't expect it to be prefixed with the program name. Prefixing is used for error messages, so you can tell where your shell script blew up :). If a script is running a command for its informational output, it's usually the script's responsibility to make sure it's in context, e.g. providing headers if there are multiple sections of output. Removing the program name from setfiles/restorecon output is particularly useful because it generates very long lines. But also, it actually helps highlight where there are error messages - the prefix will make them stand out visually. Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
2017-03-26 16:22:43 +00:00
FILE *out;
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
va_list ap;
policycoreutils/setfiles: stdout messages don't need program prefix I suggested that if you run a command for its informational output (by passing `-v`), you don't expect it to be prefixed with the program name. Prefixing is used for error messages, so you can tell where your shell script blew up :). If a script is running a command for its informational output, it's usually the script's responsibility to make sure it's in context, e.g. providing headers if there are multiple sections of output. Removing the program name from setfiles/restorecon output is particularly useful because it generates very long lines. But also, it actually helps highlight where there are error messages - the prefix will make them stand out visually. Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
2017-03-26 16:22:43 +00:00
if (type == SELINUX_INFO) {
out = stdout;
} else {
out = stderr;
policycoreutils/setfiles: don't scramble stdout and stderr together https://bugzilla.redhat.com/show_bug.cgi?id=1435894 When output to a non-tty (as caused by the implementation of fixfiles), stdout is fully buffered. stdout should be flushed before writes to stderr. See e.g. https://news.ycombinator.com/item?id=1271015 Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
2017-03-26 16:22:44 +00:00
fflush(stdout);
policycoreutils/setfiles: stdout messages don't need program prefix I suggested that if you run a command for its informational output (by passing `-v`), you don't expect it to be prefixed with the program name. Prefixing is used for error messages, so you can tell where your shell script blew up :). If a script is running a command for its informational output, it's usually the script's responsibility to make sure it's in context, e.g. providing headers if there are multiple sections of output. Removing the program name from setfiles/restorecon output is particularly useful because it generates very long lines. But also, it actually helps highlight where there are error messages - the prefix will make them stand out visually. Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
2017-03-26 16:22:43 +00:00
fprintf(out, "%s: ", r_opts.progname);
}
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
va_start(ap, fmt);
rc = vfprintf(out, fmt, ap);
va_end(ap);
return rc;
}
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
int main(int argc, char **argv)
{
struct stat sb;
int opt, i = 0;
policycoreutils: fix most gcc -Wwrite-strings warnings Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-09-14 21:41:48 +00:00
const char *input_filename = NULL;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
int use_input_file = 0;
char *buf = NULL;
size_t buf_len;
policycoreutils: fix most gcc -Wwrite-strings warnings Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-09-14 21:41:48 +00:00
const char *base;
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
int errors = 0;
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
const char *ropts = "e:f:hiIDlmno:pqrsvFRW0";
const char *sopts = "c:de:f:hiIDlmno:pqr:svFR:W0";
policycoreutils: setfiles/restorecon: fix -r/-R option A spec file was incorrectly stored as rootpath when -r option was used Fixes: /sbin/setfiles: /tmp/install_root is not located in /etc/selinux/targeted/contexts/files/file_contexts Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2015-04-16 15:22:22 +00:00
const char *opts;
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
union selinux_callback cb;
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
/* Initialize variables */
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
memset(&r_opts, 0, sizeof(r_opts));
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
altpath = NULL;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
null_terminated = 0;
warn_no_match = 0;
policycoreutils: setfiles: reverse the sense of -D Reverse the sense of the -D option, from disabling setting/use of security.restorecon_last to enabling it, making disabled the default state. Rationale: 1) Users often use restorecon to fix labels on files whose labels are wrong even through nothing has changed in file_contexts, e.g. after copying/moving files to a different location. They won't expect restorecon to suddenly stop relabeling by default because the hash of file_contexts hasn't changed. 2) Only processes running with CAP_SYS_ADMIN can set security.restorecon_last, so this will fail for non-root users anyway. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-09-30 15:03:06 +00:00
request_digest = 0;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
policyfile = NULL;
nerr = 0;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.progname = strdup(argv[0]);
if (!r_opts.progname) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
fprintf(stderr, "%s: Out of memory!\n", argv[0]);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
base = basename(r_opts.progname);
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (!strcmp(base, SETFILES)) {
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
/*
* setfiles:
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
* Recursive descent,
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* Does not expand paths via realpath,
* Aborts on errors during the file tree walk,
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
* Try to track inode associations for conflict detection,
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* Does not follow mounts (sets SELINUX_RESTORECON_XDEV),
* Validates all file contexts at init time.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
*/
iamrestorecon = 0;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.recurse = SELINUX_RESTORECON_RECURSE;
r_opts.userealpath = 0; /* SELINUX_RESTORECON_REALPATH */
r_opts.abort_on_error = SELINUX_RESTORECON_ABORT_ON_ERROR;
r_opts.add_assoc = SELINUX_RESTORECON_ADD_ASSOC;
/* FTS_PHYSICAL and FTS_NOCHDIR are always set by selinux_restorecon(3) */
r_opts.xdev = SELINUX_RESTORECON_XDEV;
r_opts.ignore_mounts = 0; /* SELINUX_RESTORECON_IGNORE_MOUNTS */
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
ctx_validate = 1;
policycoreutils: setfiles/restorecon: fix -r/-R option A spec file was incorrectly stored as rootpath when -r option was used Fixes: /sbin/setfiles: /tmp/install_root is not located in /etc/selinux/targeted/contexts/files/file_contexts Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2015-04-16 15:22:22 +00:00
opts = sopts;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
} else {
/*
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* restorecon:
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
* No recursive descent unless -r/-R,
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* Expands paths via realpath,
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
* Do not abort on errors during the file tree walk,
* Do not try to track inode associations for conflict detection,
* Follows mounts,
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* Does lazy validation of contexts upon use.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
*/
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (strcmp(base, RESTORECON))
fprintf(stderr, "Executed with unrecognized name (%s), defaulting to %s behavior.\n",
base, RESTORECON);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
iamrestorecon = 1;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.recurse = 0;
r_opts.userealpath = SELINUX_RESTORECON_REALPATH;
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.abort_on_error = 0;
r_opts.add_assoc = 0;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.xdev = 0;
r_opts.ignore_mounts = 0;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
ctx_validate = 0;
policycoreutils: setfiles/restorecon: fix -r/-R option A spec file was incorrectly stored as rootpath when -r option was used Fixes: /sbin/setfiles: /tmp/install_root is not located in /etc/selinux/targeted/contexts/files/file_contexts Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2015-04-16 15:22:22 +00:00
opts = ropts;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
/* restorecon only: silent exit if no SELinux.
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* Allows unconditional execution by scripts.
*/
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (is_selinux_enabled() <= 0)
exit(0);
}
/* Process any options. */
policycoreutils: setfiles/restorecon: fix -r/-R option A spec file was incorrectly stored as rootpath when -r option was used Fixes: /sbin/setfiles: /tmp/install_root is not located in /etc/selinux/targeted/contexts/files/file_contexts Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2015-04-16 15:22:22 +00:00
while ((opt = getopt(argc, argv, opts)) > 0) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
switch (opt) {
case 'c':
{
FILE *policystream;
if (iamrestorecon)
usage(argv[0]);
policyfile = optarg;
policystream = fopen(policyfile, "r");
if (!policystream) {
fprintf(stderr,
"Error opening %s: %s\n",
policyfile, strerror(errno));
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
__fsetlocking(policystream,
FSETLOCKING_BYCALLER);
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (sepol_set_policydb_from_file(policystream)
< 0) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
fprintf(stderr,
"Error reading policy %s: %s\n",
policyfile, strerror(errno));
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
fclose(policystream);
ctx_validate = 1;
break;
}
case 'e':
Patch setfiles to only warn if add_remove fails to lstat on user initiated excludes. On Tue, 2009-08-11 at 08:12 -0400, Daniel J Walsh wrote: > On 08/10/2009 04:12 PM, Stephen Smalley wrote: > > On Mon, 2009-08-10 at 16:03 -0400, Stephen Smalley wrote: > >> On Mon, 2009-08-10 at 11:13 -0400, Daniel J Walsh wrote: > >>> Currently in F12 if you have file systems that root can not read > >>> > >>> # restorecon -R -v /var/lib/libvirt/ > >>> Can't stat directory "/home/dwalsh/.gvfs", Permission denied. > >>> Can't stat directory "/home/dwalsh/redhat", Permission denied. > >>> > >>> After patch > >>> > >>> # ./restorecon -R -v /var/lib/libvirt/ > >> > >> But if you were to run > >> ./restorecon -R /home/dwalsh > >> that would try to descend into .gvfs and redhat, right? > >> > >> I think you want instead to ignore the lstat error if the error was > >> permission denied and add the entry to the exclude list so that > >> restorecon will not try to descend into it. It is ok to exclude a > >> directory to which you lack permission. Try this: > > > > Also, why limit -e to only directories? Why not let the user exclude > > individual files if they choose to do so? In which case we could drop > > the mode test altogether, and possibly drop the lstat() call altogether? > > Or if you truly want to warn the user about non-existent paths, then > > take the lstat() and warning to the 'e' option processing in main() > > instead of doing it inside of add_exclude(). > > > I agree lets remove the directory check and warn on non existing files. Does this handle it correctly for you? Remove the directory check for the -e option and only apply the existence test to user-specified entries. Also ignore permission denied errors as it is ok to exclude a directory or file to which the caller lacks permission. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2009-08-11 13:33:29 +00:00
if (lstat(optarg, &sb) < 0 && errno != EACCES) {
fprintf(stderr, "Can't stat exclude path \"%s\", %s - ignoring.\n",
optarg, strerror(errno));
break;
}
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
add_exclude(optarg);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'f':
use_input_file = 1;
input_filename = optarg;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
break;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
case 'd':
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
if (iamrestorecon)
usage(argv[0]);
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.debug = 1;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.log_matches =
SELINUX_RESTORECON_LOG_MATCHES;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'i':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.ignore_noent =
SELINUX_RESTORECON_IGNORE_NOENTRY;
break;
case 'I': /* Force label check by ignoring directory digest. */
r_opts.ignore_digest =
SELINUX_RESTORECON_IGNORE_DIGEST;
policycoreutils: setfiles: make -I imply -D -I only makes sense if we are also enabling digests. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-09-30 16:12:28 +00:00
request_digest = 1;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
case 'D': /*
policycoreutils: setfiles: reverse the sense of -D Reverse the sense of the -D option, from disabling setting/use of security.restorecon_last to enabling it, making disabled the default state. Rationale: 1) Users often use restorecon to fix labels on files whose labels are wrong even through nothing has changed in file_contexts, e.g. after copying/moving files to a different location. They won't expect restorecon to suddenly stop relabeling by default because the hash of file_contexts hasn't changed. 2) Only processes running with CAP_SYS_ADMIN can set security.restorecon_last, so this will fail for non-root users anyway. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-09-30 15:03:06 +00:00
* Request file_contexts digest in selabel_open
* This will effectively enable usage of the
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
* security.restorecon_last extended attribute.
*/
policycoreutils: setfiles: reverse the sense of -D Reverse the sense of the -D option, from disabling setting/use of security.restorecon_last to enabling it, making disabled the default state. Rationale: 1) Users often use restorecon to fix labels on files whose labels are wrong even through nothing has changed in file_contexts, e.g. after copying/moving files to a different location. They won't expect restorecon to suddenly stop relabeling by default because the hash of file_contexts hasn't changed. 2) Only processes running with CAP_SYS_ADMIN can set security.restorecon_last, so this will fail for non-root users anyway. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-09-30 15:03:06 +00:00
request_digest = 1;
break;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
case 'l':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.syslog_changes =
SELINUX_RESTORECON_SYSLOG_CHANGES;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'F':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.set_specctx =
SELINUX_RESTORECON_SET_SPECFILE_CTX;
break;
case 'm':
r_opts.ignore_mounts =
SELINUX_RESTORECON_IGNORE_MOUNTS;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'n':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.nochange = SELINUX_RESTORECON_NOCHANGE;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
case 'o': /* Deprecated */
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
fprintf(stderr, "%s: -o option no longer supported\n",
r_opts.progname);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'q':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
/* Deprecated - Was only used to say whether print
* filespec_eval() params. Now uses verbose flag.
*/
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'R':
case 'r':
if (iamrestorecon) {
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.recurse = SELINUX_RESTORECON_RECURSE;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
}
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (lstat(optarg, &sb) < 0 && errno != EACCES) {
fprintf(stderr,
"Can't stat alt_root_path \"%s\", %s\n",
optarg, strerror(errno));
exit(-1);
}
if (r_opts.rootpath) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
fprintf(stderr,
"%s: only one -r can be specified\n",
argv[0]);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
policycoreutils: setfiles/restorecon: fix -r/-R option A spec file was incorrectly stored as rootpath when -r option was used Fixes: /sbin/setfiles: /tmp/install_root is not located in /etc/selinux/targeted/contexts/files/file_contexts Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2015-04-16 15:22:22 +00:00
set_rootpath(optarg);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 's':
use_input_file = 1;
input_filename = "-";
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.add_assoc = 0;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'v':
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
if (r_opts.progress) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
fprintf(stderr,
"Progress and Verbose mutually exclusive\n");
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
usage(argv[0]);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.verbose = SELINUX_RESTORECON_VERBOSE;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'p':
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
if (r_opts.verbose) {
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
fprintf(stderr,
"Progress and Verbose mutually exclusive\n");
usage(argv[0]);
}
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
r_opts.progress = SELINUX_RESTORECON_PROGRESS;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case 'W':
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
warn_no_match = 1; /* Print selabel_stats() */
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
break;
case '0':
null_terminated = 1;
break;
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
case 'h':
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
case '?':
usage(argv[0]);
}
}
policycoreutils: setfiles: estimate percent progress This patch started with work from John Reiser patch to estimate the percent progress for restorecon/setfiles. It has a lot of changes since then, to make it only happen on full relabel, overwrite itself, shows 10ths of %, and does a lot better and more useful job of estimation. We get all of the inodes on all mounted FS. Since the number of inodes is not fixed and only an estimate I added 5% to the inode number, and forced the number to never go over 100. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-02-03 16:56:39 +00:00
for (i = optind; i < argc; i++) {
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
if (!strcmp(argv[i], "/"))
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
r_opts.mass_relabel = SELINUX_RESTORECON_MASS_RELABEL;
policycoreutils: setfiles: estimate percent progress This patch started with work from John Reiser patch to estimate the percent progress for restorecon/setfiles. It has a lot of changes since then, to make it only happen on full relabel, overwrite itself, shows 10ths of %, and does a lot better and more useful job of estimation. We get all of the inodes on all mounted FS. Since the number of inodes is not fixed and only an estimate I added 5% to the inode number, and forced the number to never go over 100. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-02-03 16:56:39 +00:00
}
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
cb.func_log = log_callback;
selinux_set_callback(SELINUX_CB_LOG, cb);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (!iamrestorecon) {
if (policyfile) {
if (optind != (argc - 1))
usage(argv[0]);
} else if (use_input_file) {
if (optind != (argc - 1)) {
/* Cannot mix with pathname arguments. */
usage(argv[0]);
}
} else {
if (optind > (argc - 2))
usage(argv[0]);
}
/* Use our own invalid context checking function so that
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
* we can support either checking against the active policy or
* checking against a binary policy file.
*/
policycoreutils/setfiles: set up a logging callback for libselinux Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-01-24 19:34:17 +00:00
cb.func_validate = canoncon;
selinux_set_callback(SELINUX_CB_VALIDATE, cb);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (stat(argv[optind], &sb) < 0) {
perror(argv[optind]);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
if (!S_ISREG(sb.st_mode)) {
fprintf(stderr, "%s: spec file %s is not a regular file.\n",
argv[0], argv[optind]);
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
altpath = argv[optind];
optind++;
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
} else if (argc == 1)
usage(argv[0]);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
/* Set selabel_open options. */
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.selabel_opt_validate = (ctx_validate ? (char *)1 : NULL);
policycoreutils: setfiles - Add option to stop setting the digest Add -D option to setfiles and restorecon - Do not set or update directory SHA1 digests when relabeling files. This will allow users the option of not using the "security.restorecon_last" extended attribute feature. Also review and update the man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-09-25 14:49:32 +00:00
r_opts.selabel_opt_digest = (request_digest ? (char *)1 : NULL);
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
r_opts.selabel_opt_path = altpath;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (nerr)
setfiles should always return -1 on failures. Scripts that are looking for -1 failures were getting confused by 1 and > 1 erros. We should be consistant on the error status.
2013-10-11 14:37:44 +00:00
exit(-1);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
restore_init(&r_opts);
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (use_input_file) {
FILE *f = stdin;
ssize_t len;
int delim;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (strcmp(input_filename, "-") != 0)
f = fopen(input_filename, "r");
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (f == NULL) {
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
fprintf(stderr, "Unable to open %s: %s\n",
input_filename,
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
strerror(errno));
usage(argv[0]);
}
__fsetlocking(f, FSETLOCKING_BYCALLER);
delim = (null_terminated != 0) ? '\0' : '\n';
while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) {
buf[len - 1] = 0;
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
if (!strcmp(buf, "/"))
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
r_opts.mass_relabel = SELINUX_RESTORECON_MASS_RELABEL;
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
errors |= process_glob(buf, &r_opts) < 0;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
if (strcmp(input_filename, "-") != 0)
fclose(f);
} else {
policycoreutils: setfiles: estimate percent progress This patch started with work from John Reiser patch to estimate the percent progress for restorecon/setfiles. It has a lot of changes since then, to make it only happen on full relabel, overwrite itself, shows 10ths of %, and does a lot better and more useful job of estimation. We get all of the inodes on all mounted FS. Since the number of inodes is not fixed and only an estimate I added 5% to the inode number, and forced the number to never go over 100. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-02-03 16:56:39 +00:00
for (i = optind; i < argc; i++)
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
errors |= process_glob(argv[i], &r_opts) < 0;
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
maybe_audit_mass_relabel(r_opts.mass_relabel, errors);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
if (warn_no_match)
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
selabel_stats(r_opts.hnd);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
Author: Thomas Liu Email: tliu@redhat.com Subject: policycoreutils: share setfiles restore function with restorecond Date: Wed, 19 Aug 2009 15:51:44 -0400 This is the first of two patches. This patch splits all of the restore functionality in setfiles into another two files, restore.c and restore.h. The reason for this is shown in the next patch, which patches restorecond to share this code. To use it, instantiate a restore_opts struct with the proper options and then pass a pointer to it into restore_init, and call restore_destroy later. Signed-off-by: Thomas Liu <tliu@redhat.com> Signed-off-by: Dan Walsh <dwalsh@redhat.com> I've rebased this so that it will apply to current trunk. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-09-10 18:54:35 +00:00
selabel_close(r_opts.hnd);
restore_finish();
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
setfiles: Fix setfiles progress indicator This fixes the following bug: UX regression: setfiles progress indicator is now misleading and confusing in fixfiles. The outputting of * is replaced by the number of files in 1k increments as the previous versions. If "/" is specified on the pathname, then this will indicate a mass relabel, an example output will be: restorecon -nRp /etc /tmp /boot / /etc 100.0% /tmp 100.0% /boot 100.0% 3.2% Also setfiles(8) and restorecon(8) versions that are implemented using the selinux_restorecon(3) function do not support the [-o filename] option as this was deprecated. This has now been made clear by displaying a message to stderr. The documentation has also been updated to reflect these changes. Reported-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2017-01-27 12:47:49 +00:00
if (r_opts.progress)
fprintf(stdout, "\n");
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
policycoreutils: setfiles - Modify to use selinux_restorecon Modify setfiles and restorecon to make use of the libselinux selinux_restorecon* set of functions. The output from these commands should be much the same as before with some minor wording changes, the only exceptions being that for setfiles(8) and restorecon(8) the following options have been added: 1) -I to ignore checking the directory digests. 2) -m to ignore reading /proc/mounts. These additional options are described in the updated man pages. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-07-26 08:44:44 +00:00
exit(errors ? -1 : 0);
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
}