Commit Graph

6 Commits

Author SHA1 Message Date
Nicolas Iooss
5fc701fe11
restorecond: use /run instead of /var/run
On most distributions, /var/run is a symbolic link to /run so using
/var/run or /run lead to the same result. Nevertheless systemd started
to warn about using /var/run in a service file, logging entries such as:

    /usr/lib/systemd/system/restorecond.service:8: PIDFile= references
    path below legacy directory /var/run/, updating
    /var/run/restorecond.pid → /run/restorecond.pid; please update the
    unit file accordingly.

Switch to /run in order to follow this advice.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-03-18 22:07:08 +01:00
Ondrej Mosnacek
385ef2cdc6 restorecond: Do not ignore the -f option
Since the default value of watch_file is set unconditionally *after* the
command-line arguments have been parsed, the -f option is (and has
always been) effectively ignored. Fix this by setting it before the
parsing.

Fixes: 48681bb49c ("policycoreutils: restorecond: make restorecond dbuss-able")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
2018-10-11 10:53:08 -04:00
Nicolas Iooss
2b0fbebd50
restorecond: close the PID file if writing to it failed
write_pid_file() leaks a file descriptor to /var/run/restorecond.pid if
it fails to write the PID to it. Close the file before returning.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-07-04 22:08:27 +02:00
Nicolas Iooss
04fb15deb7 restorecond: check write() and daemon() results
When compiling restorecond with -Wunused, gcc 4.8.4 (from Ubuntu 14.04)
reports the following warnings:

    restorecond.c: In function ‘main’:
    restorecond.c:208:9: error: ignoring return value of ‘daemon’,
    declared with attribute warn_unused_result [-Werror=unused-result]
       daemon(0, 0);
             ^

    restorecond.c: In function ‘write_pid_file’:
    restorecond.c:106:2: error: ignoring return value of ‘write’,
    declared with attribute warn_unused_result [-Werror=unused-result]
      (void)write(pidfd, val, (unsigned int)len);
      ^

If any of these calls returns an error, it is currently silently
discarded. Add a message in order to warn about such an error.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2017-09-05 12:37:29 -04:00
Stephen Smalley
4480129412 restorecond: break source dependency on policycoreutils/setfiles
Now that restorecond is separated from policycoreutils, we should not
retain a build dependency on the policycoreutils/setfiles source files.
Fork the restore.[ch] files for restorecond.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:51 -05:00
Stephen Smalley
00be13634a Move policycoreutils/restorecond to restorecond.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:50 -05:00