From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 149131395F0 for ; Tue, 4 Aug 2015 19:41:45 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 479D114157; Tue, 4 Aug 2015 19:41:42 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id CF0F914157 for ; Tue, 4 Aug 2015 19:41:41 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E278F340562 for ; Tue, 4 Aug 2015 19:41:39 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id F09DD111 for ; Tue, 4 Aug 2015 19:41:35 +0000 (UTC) From: "William Hubbs" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "William Hubbs" Message-ID: <1438631476.6a422982579786cb8308af04ccca6622afa06e50.williamh@OpenRC> Subject: [gentoo-commits] proj/openrc:master commit in: sh/ X-VCS-Repository: proj/openrc X-VCS-Files: sh/tmpfiles.sh.in X-VCS-Directories: sh/ X-VCS-Committer: williamh X-VCS-Committer-Name: William Hubbs X-VCS-Revision: 6a422982579786cb8308af04ccca6622afa06e50 X-VCS-Branch: master Date: Tue, 4 Aug 2015 19:41:35 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: e97cac0e-1d50-4955-aaf8-6a58df7b3e84 X-Archives-Hash: 172840eba6f3a86c708a19dae11c1602 commit: 6a422982579786cb8308af04ccca6622afa06e50 Author: Jason Zaman perfinion com> AuthorDate: Fri Jul 10 20:45:11 2015 +0000 Commit: William Hubbs gentoo org> CommitDate: Mon Aug 3 19:51:16 2015 +0000 URL: https://gitweb.gentoo.org/proj/openrc.git/commit/?id=6a422982 tmpfiles: run restorecon on the entire path The tmpfiles "d" entry will create a full path and only the last dir in the path will have its SELinux label set correctly. This patch will restorecon the parents as well so that the selinux labels are correct. eg, "d /run/libvirt/lxc", then "lxc" would have the correct SELinux label but "libvirt" would not. Signed-off-by: Jason Zaman perfinion.com> sh/tmpfiles.sh.in | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/sh/tmpfiles.sh.in b/sh/tmpfiles.sh.in index 89bd03e..43442d7 100644 --- a/sh/tmpfiles.sh.in +++ b/sh/tmpfiles.sh.in @@ -53,10 +53,18 @@ relabel() { done } +splitpath() { + local path=$1 + while [ -n "$path" ]; do + echo $path + path=${path%/*} + done +} + _restorecon() { local path=$1 if [ -x /sbin/restorecon ]; then - dryrun_or_real restorecon -F "$path" + dryrun_or_real restorecon -F $(splitpath "$path") fi } @@ -122,6 +130,7 @@ _d() { if [ ! -d "$path" ]; then dryrun_or_real mkdir -p "$path" 2>/dev/null + _restorecon "$path" dryrun_or_real $CHECKPATH -dq -m "$mode" -o "$uid:$gid" "$path" fi } @@ -137,6 +146,7 @@ _D() { if [ $CREATE -gt 0 ]; then dryrun_or_real mkdir -p "$path" 2>/dev/null + _restorecon "$path" dryrun_or_real $CHECKPATH -Dq -m "$mode" -o "$uid:$gid" "$path" fi }