RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-11 16:44:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

policycoreutils: let output of fixfiles be redirected (as normal)

Browse Source 
fixfiles was redirecting log output to `tty`.  This overrides user intent
e.g. when shell redirection is used.

Redirect it to stdout, using /proc.  `tty` equally depended on /proc.
We do not depend on /dev/stdout: it might not be present, if a rescue
system is booted with devtmpfs (no udev daemon).

By default, log messages were redirected into the void when not run from a
tty.  We consider this a bug, which is now fixed.

1. If calling scripts happen to require the old behaviour, they can easily
   write the same code themselves.

2. When fixfiles is run from Fedora's selinux-autorelabel.service,
   the calling script is specifically run from a tty.

   Also Fedora's calling script chooses to redirect stdout and stderr to
   /dev/null.  This redirection will now suceed, improving the transparency
   of the code.  The previous behaviour may be obtained by choosing not
   to redirect the progress messages of this long-running process to
   /dev/null.  A patch has been submitted to Fedora to suggest this novel
   approach:  https://bugzilla.redhat.com/show_bug.cgi?id=1415674

Complete disclosure:

* Remove unused variable LOGGER.
* Fix logfiles containing spaces.

Disclaimer:

1. "Log" output may contain escape sequences (backspace?) e.g. in
   `fixfiles -l log.txt restore`.  This is not the usual understanding
   of a log file.

2.  For some reason, not all informative messages are sent to `-l` e.g.
   the list of filesystems, and "cleaning up labels on /tmp".

3. `function logit` is retained, but the logfile is also written to
   outside this function.  Implementing support for the system log
   would require another function which accepts piped input.
   Also see point 1.

Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com>
This commit is contained in:
Alan Jenkins 2017-01-23 12:15:50 +00:00 committed by Stephen Smalley
parent 7da9bc00f2
commit ac7899fc3a
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
policycoreutils/scripts/fixfiles
View File

@ -119,11 +119,7 @@ VERBOSE="-p"
FORCEFLAG=""
DIRS=""
RPMILES=""
LOGFILE=`tty`
if [ $? != 0 ]; then
LOGFILE="/dev/null"
fi
LOGGER=/usr/sbin/logger
LOGFILE=/proc/self/fd/1
SETFILES=/sbin/setfiles
RESTORECON=/sbin/restorecon
FILESYSTEMSRW=`get_rw_labeled_mounts`
@ -138,11 +134,11 @@ else
fi
#
# Log to either syslog or a LOGFILE
# Write to LOGFILE
#
logit () {
if [ -n $LOGFILE ]; then
echo $1 >> $LOGFILE
echo $1 >> "$LOGFILE"
fi
}
#