policycoreutils: setfiles: print error if no default label found

If a user requested a label be reset but no default label is specified, give a useful error message. Do not print the message if this is a recursive restore, and that is very common. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2025-03-10 04:07:29 +00:00 · 2012-11-05 15:02:37 -05:00 · 2012-11-05 15:02:37 -05:00 · 36f1ccbb57
commit 36f1ccbb57
parent dd6c619ccb
2 changed files with 15 additions and 14 deletions
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@ -100,16 +100,19 @@ static int match(const char *name, struct stat *sb, char **con)
 	else
 		return selabel_lookup_raw(r_opts->hnd, con, name, sb->st_mode);
 }
-static int restore(FTSENT *ftsent)
+static int restore(FTSENT *ftsent, int recurse)
 {
 	char *my_file = strdupa(ftsent->fts_path);
 	int ret = -1;
 	security_context_t curcon = NULL, newcon = NULL;
 	float progress;
+	if (match(my_file, ftsent->fts_statp, &newcon) < 0) {
+		if ((errno == ENOENT) && ((!recurse) || (r_opts->verbose)))
+			fprintf(stderr, "%s:  Warning no default label for %s\n", r_opts->progname, my_file);

-	if (match(my_file, ftsent->fts_statp, &newcon) < 0)
 		/* Check for no matching specification. */
 		return (errno == ENOENT) ? 0 : -1;
+	}

 	if (r_opts->progress) {
 		r_opts->count++;
@ -275,7 +278,7 @@ err:
 * This function is called by fts on each file during
 * the directory traversal.
 */
-static int apply_spec(FTSENT *ftsent)
+static int apply_spec(FTSENT *ftsent, int recurse)
 {
 	if (ftsent->fts_info == FTS_DNR) {
 		fprintf(stderr, "%s:  unable to read directory %s\n",
@ -283,7 +286,7 @@ static int apply_spec(FTSENT *ftsent)
 		return SKIP;
 	}
 	
-	int rc = restore(ftsent);
+	int rc = restore(ftsent, recurse);
 	if (rc == ERR) {
 		if (!r_opts->abort_on_error)
 			return SKIP;
@ -343,7 +346,7 @@ static int process_one(char *name, int recurse_this_path)
 			}
 		}

-		rc = apply_spec(ftsent);
+		rc = apply_spec(ftsent, recurse_this_path);
 		if (rc == SKIP)
 			fts_set(fts_handle, ftsent, FTS_SKIP);
 		if (rc == ERR)
--- a/policycoreutils/setfiles/restorecon.8
+++ b/policycoreutils/setfiles/restorecon.8
@ -41,29 +41,27 @@ default file context, changing the user, role, range portion as well as the type
 .TP
 .B \-h, \-?
 display usage information and exit.
-.TP 
+.TP
 .B \-i
 ignore files that do not exist.
-.TP 
-.B \-R, \-r
-change files and directories file labels recursively (descend directories).
-.TP 
+.TP
 .B \-n
 don't change any file labels (passive check).
-.TP 
+.TP
 .B \-o outfilename
 save list of files with incorrect context in outfilename.
 .TP
 .B \-p
 show progress by printing * every STAR_COUNT files.  (If you relabel the entire OS, this will show you the percentage complete.)
-
 .TP
 .B \-R, \-r
 change files and directories file labels recursively (descend directories).
+.br
+.B Note: restorecon reports warnings on paths without default labels only if called non-recursively or in verbose mode.
 .TP
 .B \-v
 show changes in file labels, if type or role are going to be changed.
-.TP 
+.TP
 .B \-0
 the separator for the input items is assumed to be the null character
 (instead of the white space).  The quotes and the backslash characters are
@ -85,7 +83,7 @@ operate recursively on directories.

 .SH "AUTHOR"
 This man page was written by Dan Walsh <dwalsh@redhat.com>.
-Some of the content of this man page was taken from the setfiles 
+Some of the content of this man page was taken from the setfiles
 man page written by Russell Coker <russell@coker.com.au>.
 The program was written by Dan Walsh <dwalsh@redhat.com>.