coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Make mv work better with SELinux.


From: Pádraig Brady
Subject: Re: Make mv work better with SELinux.
Date: Thu, 08 Nov 2012 23:42:23 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120615 Thunderbird/13.0.1

On 11/08/2012 10:20 PM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Another pass at the patch.

This time -Z is not optional, only --context is.

- -Z or --context indicates use default label.

- --context=CTX uses previous behavior.

You can now do

cp -aZ and cp -Za and the right thing will happen.

Excellent.

I have turned off the warning SELinux is disabled if you specify -Z or
- --context.  Now it will quietly ignore.  I can add a comment to the usage if
you think it is worth while.   The reason I want to do this, is to allow
people to do "mkdir -Z /var/run/XYZ" in a script and not worry about whether
or not SELinux is enabled.  Currently we have lots of init script that do
things like

mkdir -Z /var/run/XYZ
restorecon /var/run/XYZ

Where restorecon quietly exits if SELinux is disabled.

Yes that makes sense.
--context without args just means set the system default
for the path, which can be nothing if SELinux is disabled.

I've no time to review now,
but hope to review fully and merge over the weekend.
I might get time to do some docs and tests too.

thanks!
Pádraig.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]