diff options
author | Ondřej Vašík <ovasik@redhat.com> | 2009-02-17 15:53:39 +0100 |
---|---|---|
committer | Jim Meyering <meyering@redhat.com> | 2009-02-18 15:27:10 +0100 |
commit | 8c243ff965d477a89582a1b329923516a4d64668 (patch) | |
tree | b0b9d6e5c1d4f3b9aa0134ffe327b1c9ddec4aed /src | |
parent | 86cef85b3671ed0a14a444eef3b6cb07fa26ee64 (diff) | |
download | coreutils-8c243ff965d477a89582a1b329923516a4d64668.tar.xz |
cp: -a now preserves SELinux context, with reduced diagnostics
* copy.c (copy_reg): Reduce SELinux context diagnostics for 'cp -a'.
(copy_internal): Likewise
* copy.h (cp_options): Add boolean reduce_diagnostics.
* cp.c (usage): Say that --archive (-a) behaves like -dR --preserve=all.
(cp_option_init): Initialize added reduce_diagnostics.
(main): Add reduce_diagnostics for the -a option, and preserve SELinux
context, if possible.
* mv.c (cp_options_init): Initialize new cp_options booleans.
* install.c (cp_option_init): Likewise.
* NEWS: Mention those behaviour changes.
* doc/coreutils.texi: Document --preserve=context, document that
diagnostics are not shown for failures of non-mandatory attributes
(just SELinux at the moment).
* tests/cp/cp-a-selinux: Check not only failures, but succesful use
of preserving SELinux context in cp.
Diffstat (limited to 'src')
-rw-r--r-- | src/copy.c | 28 | ||||
-rw-r--r-- | src/copy.h | 6 | ||||
-rw-r--r-- | src/cp.c | 8 | ||||
-rw-r--r-- | src/install.c | 2 | ||||
-rw-r--r-- | src/mv.c | 2 |
5 files changed, 32 insertions, 14 deletions
diff --git a/src/copy.c b/src/copy.c index a6ca9dda4..7a7fae449 100644 --- a/src/copy.c +++ b/src/copy.c @@ -450,7 +450,8 @@ copy_reg (char const *src_name, char const *dst_name, security_context_t con = NULL; if (getfscreatecon (&con) < 0) { - error (0, errno, _("failed to get file system create context")); + if (!x->reduce_diagnostics) + error (0, errno, _("failed to get file system create context")); if (x->require_preserve_context) { return_val = false; @@ -462,9 +463,10 @@ copy_reg (char const *src_name, char const *dst_name, { if (fsetfilecon (dest_desc, con) < 0) { - error (0, errno, - _("failed to set the security context of %s to %s"), - quote_n (0, dst_name), quote_n (1, con)); + if (!x->reduce_diagnostics) + error (0, errno, + _("failed to set the security context of %s to %s"), + quote_n (0, dst_name), quote_n (1, con)); if (x->require_preserve_context) { return_val = false; @@ -472,7 +474,7 @@ copy_reg (char const *src_name, char const *dst_name, goto close_src_and_dst_desc; } } - freecon(con); + freecon (con); } } @@ -495,7 +497,7 @@ copy_reg (char const *src_name, char const *dst_name, if (*new_dst) { int open_flags = O_WRONLY | O_CREAT | O_BINARY; - dest_desc = open (dst_name, open_flags | O_EXCL , + dest_desc = open (dst_name, open_flags | O_EXCL, dst_mode & ~omitted_permissions); dest_errno = errno; @@ -1721,9 +1723,10 @@ copy_internal (char const *src_name, char const *dst_name, { if (setfscreatecon (con) < 0) { - error (0, errno, - _("failed to set default file creation context to %s"), - quote (con)); + if (!x->reduce_diagnostics) + error (0, errno, + _("failed to set default file creation context to %s"), + quote (con)); if (x->require_preserve_context) { freecon (con); @@ -1736,9 +1739,10 @@ copy_internal (char const *src_name, char const *dst_name, { if (errno != ENOTSUP && errno != ENODATA) { - error (0, errno, - _("failed to get security context of %s"), - quote (src_name)); + if (!x->reduce_diagnostics) + error (0, errno, + _("failed to get security context of %s"), + quote (src_name)); if (x->require_preserve_context) return false; } diff --git a/src/copy.h b/src/copy.h index 0cdf16be1..8e0b4080e 100644 --- a/src/copy.h +++ b/src/copy.h @@ -186,6 +186,12 @@ struct cp_options this flag is "true", while with "cp --preserve=all", it is false. */ bool require_preserve_xattr; + /* Used as difference boolean between cp -a and cp -dR --preserve=all. + If true, non-mandatory failure diagnostics are not displayed. This + should prevent poluting cp -a output. + */ + bool reduce_diagnostics; + /* If true, copy directories recursively and copy special files as themselves rather than copying their contents. */ bool recursive; @@ -160,7 +160,7 @@ Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY.\n\ Mandatory arguments to long options are mandatory for short options too.\n\ "), stdout); fputs (_("\ - -a, --archive same as -dpR\n\ + -a, --archive same as -dR --preserve=all\n\ --backup[=CONTROL] make a backup of each existing destination file\n\ -b like --backup but does not accept an argument\n\ --copy-contents copy contents of special files when recursive\n\ @@ -766,6 +766,7 @@ cp_option_init (struct cp_options *x) x->preserve_security_context = false; x->require_preserve_context = false; x->preserve_xattr = false; + x->reduce_diagnostics = false; x->require_preserve_xattr = false; x->require_preserve = false; @@ -921,13 +922,16 @@ main (int argc, char **argv) sparse_type_string, sparse_type); break; - case 'a': /* Like -dpR. */ + case 'a': /* Like -dR --preserve=all with reduced failure diagnostics. */ x.dereference = DEREF_NEVER; x.preserve_links = true; x.preserve_ownership = true; x.preserve_mode = true; x.preserve_timestamps = true; x.require_preserve = true; + if (selinux_enabled) + x.preserve_security_context = true; + x.reduce_diagnostics = true; x.recursive = true; break; diff --git a/src/install.c b/src/install.c index 2aa27d0af..b09c405c4 100644 --- a/src/install.c +++ b/src/install.c @@ -289,8 +289,10 @@ cp_option_init (struct cp_options *x) x->preserve_links = false; x->preserve_mode = false; x->preserve_timestamps = false; + x->reduce_diagnostics=false; x->require_preserve = false; x->require_preserve_context = false; + x->require_preserve_xattr = false; x->recursive = false; x->sparse_mode = SPARSE_AUTO; x->symbolic_link = false; @@ -122,9 +122,11 @@ cp_option_init (struct cp_options *x) x->preserve_mode = true; x->preserve_timestamps = true; x->preserve_security_context = selinux_enabled; + x->reduce_diagnostics = false; x->require_preserve = false; /* FIXME: maybe make this an option */ x->require_preserve_context = false; x->preserve_xattr = true; + x->require_preserve_xattr = false; x->recursive = true; x->sparse_mode = SPARSE_AUTO; /* FIXME: maybe make this an option */ x->symbolic_link = false; |