diff options
| author | Pádraig Brady <P@draigBrady.com> | 2013-12-04 19:10:37 +0000 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2013-12-05 00:18:36 +0000 |
| commit | 0013de3e603162081c4464ea1f7ad3285f633d78 (patch) | |
| tree | d93f83bc57d79b098b7d20d9cb60cf1b8296779e /src/copy.c | |
| parent | b53b0fd940382497e58a9e912f1262c2084fe534 (diff) | |
| download | coreutils-0013de3e603162081c4464ea1f7ad3285f633d78.tar.xz | |
selinux: fix --context=CTX for cp and diagnose defaultcon() errors
* src/selinux.h (ignorable_ctx_err): A new function used
to determine if a warning should be given after a call
to defaultcon() or restorecon().
* src/cp.c (main): Fix the setfscreatecon() call to use
the argument passed by the user.
* src/mkdir.c (make_ancestor): Show all but "ignoreable" errors
from defaultcon() and restorecon().
* tests/misc/selinux.sh: Add a test run as root in selinux enforcing
mode, to ensure cp --context=invalid is honored and fails immediately.
Diffstat (limited to 'src/copy.c')
| -rw-r--r-- | src/copy.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/copy.c b/src/copy.c index dab8fdd77..0f044d021 100644 --- a/src/copy.c +++ b/src/copy.c @@ -805,12 +805,12 @@ set_process_security_ctx (char const *src_name, char const *dst_name, { /* With -Z, adjust the default context for the process to have the type component adjusted as per the destination path. */ - if (new_dst && defaultcon (dst_name, mode) < 0) + if (new_dst && defaultcon (dst_name, mode) < 0 + && ! ignorable_ctx_err (errno)) { - if (!errno_unsupported (errno)) - error (0, errno, - _("failed to set default file creation context for %s"), - quote (dst_name)); + error (0, errno, + _("failed to set default file creation context for %s"), + quote (dst_name)); } } |