diff options
| author | Jim Meyering <jim@meyering.net> | 2007-01-31 23:01:50 +0100 |
|---|---|---|
| committer | Jim Meyering <jim@meyering.net> | 2007-03-29 21:37:06 +0200 |
| commit | 8a86223d45be7597b229a95381aebab3512bf6d7 (patch) | |
| tree | 6e26ddcaefd7f1cc3dd92cb014c5a2fb4135b585 /src/copy.h | |
| parent | adcfd944a8e7b64e11672ef8d0d077bb8de1b666 (diff) | |
| download | coreutils-8a86223d45be7597b229a95381aebab3512bf6d7.tar.xz | |
* tests/cp/cp-a-selinux: New file. Test for the bug reported in
* tests/cp/Makefile.am (TESTS): Add cp-a-selinux.
* tests/selinux: New file.
* tests/Makefile.am (EXTRA_DIST): Add selinux.
* tests/misc/selinux: Source the new script, rather than open coding it.
Change how "cp -a" and "cp --preserve=context" work with SELinux.
Now, cp -a attempts to preserve context, but failure to do so does
not change cp's exit status. However "cp --preserve=context" is
similar, but failure *does* cause cp to exit with nonzero status.
* src/copy.h (struct cp_options) [require_preserve_context]: New member.
* src/copy.c (copy_reg, copy_internal): Implement the above.
* src/mv.c (cp_option_init): Initialize the new member.
* src/install.c (cp_option_init): Likewise.
* src/cp.c (cp_option_init): Likewise.
(decode_preserve_arg): Set it or reset it.
FIXME: add an on-writable-NFS-only test
Diffstat (limited to 'src/copy.h')
| -rw-r--r-- | src/copy.h | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/copy.h b/src/copy.h index eab6c8678..0d6233f95 100644 --- a/src/copy.h +++ b/src/copy.h @@ -127,9 +127,6 @@ struct cp_options bool preserve_ownership; bool preserve_mode; bool preserve_timestamps; - /* If true, attempt to preserve the SELinux security context, too. - Set this only if the kernel is SELinux enabled. */ - bool preserve_security_context; /* Enabled for mv, and for cp by the --preserve=links option. If true, attempt to preserve in the destination files any @@ -145,10 +142,25 @@ struct cp_options /* If true and any of the above (for preserve) file attributes cannot be applied to a destination file, treat it as a failure and return - nonzero immediately. E.g. cp -p requires this be nonzero, mv requires - it be zero. */ + nonzero immediately. E.g. for cp -p this must be true, for mv it + must be false. */ bool require_preserve; + /* If true, attempt to preserve the SELinux security context, too. + Set this only if the kernel is SELinux enabled. */ + bool preserve_security_context; + + /* Useful only when preserve_security_context is true. + If true, a failed attempt to preserve a file's security context + propagates failure "out" to the caller. If false, a failure to + preserve a file's security context does not change the invoking + application's exit status. Give diagnostics for failed syscalls + regardless of this setting. For example, with "cp --preserve=context" + this flag is "true", while with "cp -a", it is false. That means + "cp -a" attempts to preserve any security context, but does not + fail if it is unable to do so. */ + bool require_preserve_context; + /* If true, copy directories recursively and copy special files as themselves rather than copying their contents. */ bool recursive; |