[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FYI: depend on gnulib's new getfilecon wrapers
|
From: |
Jim Meyering |
|
Subject: |
FYI: depend on gnulib's new getfilecon wrapers |
|
Date: |
Fri, 09 Oct 2009 19:15:56 +0200 |
I've just pushed this:
>From e11a0319b3b1af2c521cdcf37e09a02b157c3e76 Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Fri, 9 Oct 2009 13:57:02 +0200
Subject: [PATCH 1/3] build: update gnulib submodule to latest, for getfilecon
wrappers
---
gnulib | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/gnulib b/gnulib
index 6f6420c..f4dc806 160000
--- a/gnulib
+++ b/gnulib
@@ -1 +1 @@
-Subproject commit 6f6420cc9705dcfa545a28c674fddf5703e72c86
+Subproject commit f4dc80620e25623a69aa852bec5a52e150cedd4a
--
1.6.5.rc3.193.gdf7a
>From 57d9263ca54a35e76fc8ed2ec3ec8dc36f8da60b Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Wed, 7 Oct 2009 22:29:12 +0200
Subject: [PATCH 2/3] ls: remove explicit getfilecon work-around
* src/ls.c (gobble_file): Remove l?getfilecon work-around,
now that the gnulib wrappers handle it for us.
---
src/ls.c | 11 -----------
1 files changed, 0 insertions(+), 11 deletions(-)
diff --git a/src/ls.c b/src/ls.c
index 30df92c..08fdf5f 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -2802,17 +2802,6 @@ gobble_file (char const *name, enum filetype type, ino_t
inode,
: lgetfilecon (absolute_name, &f->scontext));
err = (attr_len < 0);
- /* Contrary to its documented API, getfilecon may return 0,
- yet set f->scontext to NULL (on at least Debian's libselinux1
- 2.0.15-2+b1), so work around that bug.
- FIXME: remove this work-around in 2011, or whenever affected
- versions of libselinux are long gone. */
- if (attr_len == 0)
- {
- err = 0;
- f->scontext = xstrdup ("unlabeled");
- }
-
if (err == 0)
have_selinux = ! STREQ ("unlabeled", f->scontext);
else
--
1.6.5.rc3.193.gdf7a
>From 0023f65fd7a2ba53b0209c7b1a66c5c30612d0c2 Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Wed, 7 Oct 2009 15:31:17 +0200
Subject: [PATCH 3/3] chcon: don't disable just because SELinux is disabled
* src/chcon.c (main): Now that gnulib provides getfilecon wrappers,
we can revert most of the 2009-10-05 commit 3a97d664, "chcon: exit
immediately if SELinux is disabled", since chcon is still useful as
long as the file system provides handlers for the security.*
name space. gnulib's getfilecon wrappers ensure that an offending
context now evokes a return value of -1.
Prompted by comments from Stephen Smalley in
http://thread.gmane.org/gmane.comp.gnu.coreutils.bugs/18378/focus=18394
* NEWS (Bug fixes): Mention it.
---
NEWS | 4 ++++
src/chcon.c | 4 ----
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/NEWS b/NEWS
index 75a4207..f8269fc 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,10 @@ GNU coreutils NEWS -*-
outline -*-
** Bug fixes
+ chcon no longer exits immediately just because SELinux is disabled.
+ Even then, chcon may still be useful.
+ [bug introduced in coreutils-8.0]
+
stat -f recognizes more file system types: afs, cifs, anon-inode FS,
btrfs, cgroupfs, cramfs-wend, debugfs, futexfs, hfs, inotifyfs, minux3,
nilfs, securityfs, selinux, xenfs
diff --git a/src/chcon.c b/src/chcon.c
index c0da694..fbfdb4d 100644
--- a/src/chcon.c
+++ b/src/chcon.c
@@ -519,10 +519,6 @@ main (int argc, char **argv)
usage (EXIT_FAILURE);
}
- if (is_selinux_enabled () != 1)
- error (EXIT_FAILURE, 0,
- _("%s may be used only on a SELinux kernel"), program_name);
-
if (reference_file)
{
if (getfilecon (reference_file, &ref_context) < 0)
--
1.6.5.rc3.193.gdf7a
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- FYI: depend on gnulib's new getfilecon wrapers,
Jim Meyering <=