Modify setfiles and restorecon to make use of the libselinux
selinux_restorecon* set of functions.
The output from these commands should be much the same as before
with some minor wording changes, the only exceptions being that for
setfiles(8) and restorecon(8) the following options have been added:
1) -I to ignore checking the directory digests.
2) -m to ignore reading /proc/mounts.
These additional options are described in the updated man pages.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
The restorecon is unable to resolve paths using braced expressions like this: /sbin/
./restorecon: lstat(/sbin/ip{6,}tables*) failed: No such file or directory
The problem is that restorecon calls glob function without GLOB_BRACE flag, which en
If a user requested a label be reset but no default label is specified,
give a useful error message. Do not print the message if this is a
recursive restore, and that is very common.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
This patch started with work from John Reiser patch to estimate the
percent progress for restorecon/setfiles.
It has a lot of changes since then, to make it only happen on full
relabel, overwrite itself, shows 10ths of %, and does a lot better and
more useful job of estimation. We get all of the inodes on all mounted
FS. Since the number of inodes is not fixed and only an estimate I added
5% to the inode number, and forced the number to never go over 100.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
process_one_realpath returns 1 if it changed the context of the file but
process_glob treats all non-zero values as errors. This results in
setfiles exiting with non-zero status even though it was successful.
Fix process_glob to only treat negative return values of
process_one_realpath as errors.
cf. http://bugs.debian.org/662990
Signed-off-by: Martin Orr <martin@martinorr.name>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
restorecon should return 0 when a file has changed context with no
error. With the last version it's returning 1.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662990
Signed-off-by: Laurent Bigonville <bigon@debian.org>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Basically this change stops sysloging if the change did not actually
happen.
By default we do not modify a label if the type of the SELinug context
was unchanged, but we were sending a syslog message as if something had
changed.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
This patch allows us to use restorecon on MCS Separated File Systems or MLS
Environments, Basically allows a user to check his type enforcement.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
There are code paths where ret can be returned without being initialized
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
When testing for mount points to exclude we read /proc/mounts. Close
this file when we are finished reading it.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Instead of coding the exact same thing and calling it symlink_realpath
use the function exported by libselinux.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Russell Coker pointed out most displays are no 80 chars so we should just
put out * and let the terminal wrap itself.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
If fts_read() fails for any reason ftsent will be NULL. Previously we
would have reported the error and then continued processing. Now we
report the error and stop using the NULL pointer.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
When we converted from nftw to fts we had to remove the automatic large
file support had to be removed. Thus we switch from stat to stat64 on
all archs.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Rather than error when a glob does not match return success as this is
not a problem.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
move exclude_non_seclabel_mounts from setfiles.c to restore.c so it can
be used by other functions later.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Use the glob library to handle ~ and . in filenames passed from the
command line.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Rather than blow up in horible ways, error out if we detect
initialization wasn't done properly.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
We have dumb code in setfiles which will set a static variable called
ignore_enoent. Thing is, nothing uses it. So move the setting to where
it is useful and use it!
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Email: tliu@redhat.com
Subject: policycoreutils: share setfiles restore function with restorecond
Date: Wed, 19 Aug 2009 15:51:44 -0400
This is the first of two patches.
This patch splits all of the restore functionality in setfiles
into another two files, restore.c and restore.h.
The reason for this is shown in the next patch, which patches
restorecond to share this code.
To use it, instantiate a restore_opts struct with the proper options
and then pass a pointer to it into restore_init, and call restore_destroy
later.
Signed-off-by: Thomas Liu <tliu@redhat.com>
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
I've rebased this so that it will apply to current trunk.
Signed-off-by: Chad Sellers <csellers@tresys.com>
