[Pkg-shadow-commits] r3226 - in upstream/trunk: . lib libmisc src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Sat Aug 21 17:31:45 UTC 2010
Author: nekral-guest
Date: 2010-08-21 17:31:45 +0000 (Sat, 21 Aug 2010)
New Revision: 3226
Modified:
upstream/trunk/ChangeLog
upstream/trunk/lib/prototypes.h
upstream/trunk/libmisc/copydir.c
upstream/trunk/src/useradd.c
upstream/trunk/src/usermod.c
Log:
* libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
copy the extended attributes (the SELinux context is hence reset)
* src/usermod.c: Copy the extended attributes.
* src/useradd.c: Only reset the SELinux context.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2010-08-21 16:51:53 UTC (rev 3225)
+++ upstream/trunk/ChangeLog 2010-08-21 17:31:45 UTC (rev 3226)
@@ -1,5 +1,12 @@
2010-08-21 Nicolas François <nicolas.francois at centraliens.net>
+ * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
+ copy the extended attributes (the SELinux context is hence reset)
+ * src/usermod.c: Copy the extended attributes.
+ * src/useradd.c: Only reset the SELinux context.
+
+2010-08-21 Nicolas François <nicolas.francois at centraliens.net>
+
* configure.in: Fixed typo.
2010-08-21 Nicolas François <nicolas.francois at centraliens.net>
Modified: upstream/trunk/lib/prototypes.h
===================================================================
--- upstream/trunk/lib/prototypes.h 2010-08-21 16:51:53 UTC (rev 3225)
+++ upstream/trunk/lib/prototypes.h 2010-08-21 17:31:45 UTC (rev 3226)
@@ -119,6 +119,7 @@
/* copydir.c */
extern int copy_tree (const char *src_root, const char *dst_root,
bool copy_root,
+ bool reset_selinux,
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
#ifdef WITH_SELINUX
Modified: upstream/trunk/libmisc/copydir.c
===================================================================
--- upstream/trunk/libmisc/copydir.c 2010-08-21 16:51:53 UTC (rev 3225)
+++ upstream/trunk/libmisc/copydir.c 2010-08-21 17:31:45 UTC (rev 3226)
@@ -68,26 +68,32 @@
static /*@exposed@*/struct link_name *links;
static int copy_entry (const char *src, const char *dst,
+ bool reset_selinux,
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
static int copy_dir (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
#ifdef S_IFLNK
static char *readlink_malloc (const char *filename);
static int copy_symlink (const char *src, const char *dst,
+ unused bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
#endif /* S_IFLNK */
static int copy_hardlink (const char *dst,
+ unused bool reset_selinux,
struct link_name *lp);
static int copy_special (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
static int copy_file (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid);
@@ -243,6 +249,9 @@
* copy_tree() walks a directory tree and copies ordinary files
* as it goes.
*
+ * When reset_selinux is enabled, extended attributes (and thus
+ * SELinux attributes are not copied.
+ *
* old_uid and new_uid are used to set the ownership of the copied
* files. Unless old_uid is set to -1, only the files owned by
* old_uid have their ownership changed to new_uid. In addition, if
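Review bot: The added sentence about `reset_selinux` has an unbalanced parenthesis and reads as if only SELinux data were affected, while the flag skips every extended attribute. Suggested wording: `* When reset_selinux is true, extended attributes (and thus the SELinux context) are not copied from the source.` The comment block starts and ends outside this hunk.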
@@ -252,7 +261,7 @@
* old_gid/new_gid.
*/
int copy_tree (const char *src_root, const char *dst_root,
- bool copy_root,
+ bool copy_root, bool reset_selinux,
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
{
@@ -278,7 +287,7 @@
return -1;
}
- return copy_entry (src_root, dst_root,
+ return copy_entry (src_root, dst_root, reset_selinux,
old_uid, new_uid, old_gid, new_gid);
}
@@ -339,6 +348,7 @@
dst_root, ent->d_name);
err = copy_entry (src_name, dst_name,
+ reset_selinux,
old_uid, new_uid,
old_gid, new_gid);
}
@@ -390,6 +400,7 @@
* to -1.
*/
static int copy_entry (const char *src, const char *dst,
+ bool reset_selinux,
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
{
@@ -426,7 +437,7 @@
#endif /* !HAVE_STRUCT_STAT_ST_MTIM */
if (S_ISDIR (sb.st_mode)) {
- err = copy_dir (src, dst, &sb, mt,
+ err = copy_dir (src, dst, reset_selinux, &sb, mt,
old_uid, new_uid, old_gid, new_gid);
}
@@ -436,7 +447,7 @@
*/
else if (S_ISLNK (sb.st_mode)) {
- err = copy_symlink (src, dst, &sb, mt,
+ err = copy_symlink (src, dst, reset_selinux, &sb, mt,
old_uid, new_uid, old_gid, new_gid);
}
#endif /* S_IFLNK */
@@ -446,7 +457,7 @@
*/
else if ((lp = check_link (src, &sb)) != NULL) {
- err = copy_hardlink (dst, lp);
+ err = copy_hardlink (dst, reset_selinux, lp);
}
/*
@@ -456,7 +467,7 @@
*/
else if (!S_ISREG (sb.st_mode)) {
- err = copy_special (src, dst, &sb, mt,
+ err = copy_special (src, dst, reset_selinux, &sb, mt,
old_uid, new_uid, old_gid, new_gid);
}
@@ -466,7 +477,7 @@
*/
else {
- err = copy_file (src, dst, &sb, mt,
+ err = copy_file (src, dst, reset_selinux, &sb, mt,
old_uid, new_uid, old_gid, new_gid);
}
}
@@ -485,6 +496,7 @@
* Return 0 on success, -1 on error.
*/
static int copy_dir (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
@@ -515,9 +527,9 @@
* file systems with and without ACL support needs some
* additional logic so that no unexpected permissions result.
*/
- || (attr_copy_file (src, dst, NULL, &ctx) != 0)
+ || (!reset_selinux && (attr_copy_file (src, dst, NULL, &ctx) != 0))
#endif /* WITH_ATTR */
- || (copy_tree (src, dst, false,
+ || (copy_tree (src, dst, false, reset_selinux,
old_uid, new_uid, old_gid, new_gid) != 0)
|| (utimes (dst, mt) != 0)) {
err = -1;
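Review bot: With `reset_selinux` set, the new `!reset_selinux && ...` guard skips `attr_copy_file` entirely, so every extended attribute is dropped, not only the SELinux label; the same guard is added in copy_special and in copy_file (around `attr_copy_fd`). If the intent is only to let policy label the copy, a check callback passed as the third argument could skip the `security.selinux` name and keep the rest, as sketched below. This assumes libattr's `attr_copy_check_permissions` is the default that NULL selects, which should be confirmed against the libattr version in use. The enclosing condition starts and ends outside the hunk.

```c
/* Skip the SELinux label so the copy is labelled by policy; defer
 * every other attribute to libattr's default check. */
static int xattr_check_skip_selinux (const char *name,
                                     struct error_context *ctx)
{
	if (strcmp (name, "security.selinux") == 0) {
		return 0;
	}
	return attr_copy_check_permissions (name, ctx);
}

/* … unchanged: earlier terms of the condition in copy_dir … */
	    || (attr_copy_file (src, dst,
	                        reset_selinux ? xattr_check_skip_selinux : NULL,
	                        &ctx) != 0)
```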
@@ -574,6 +586,7 @@
* Return 0 on success, -1 on error.
*/
static int copy_symlink (const char *src, const char *dst,
+ unused bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
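Review bot: `reset_selinux` is marked `unused` here and in copy_hardlink, so the function header should say that the flag has no effect for symbolic links and hard links. Something like `* reset_selinux is ignored: extended attributes of the link itself are not copied.` would do, provided it matches the body, which is outside this hunk. Without it, a caller passing false may expect a symlink's label to be carried over.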
@@ -650,6 +663,7 @@
* Return 0 on success, -1 on error.
*/
static int copy_hardlink (const char *dst,
+ unused bool reset_selinux,
struct link_name *lp)
{
/* FIXME: selinux, ACL, Extended Attributes needed? */
@@ -679,6 +693,7 @@
* Return 0 on success, -1 on error.
*/
static int copy_special (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
@@ -705,7 +720,7 @@
* file systems with and without ACL support needs some
* additional logic so that no unexpected permissions result.
*/
- || (attr_copy_file (src, dst, NULL, &ctx) != 0)
+ || (!reset_selinux && (attr_copy_file (src, dst, NULL, &ctx) != 0))
#endif /* WITH_ATTR */
|| (utimes (dst, mt) != 0)) {
err = -1;
@@ -725,6 +740,7 @@
* Return 0 on success, -1 on error.
*/
static int copy_file (const char *src, const char *dst,
+ bool reset_selinux,
const struct stat *statp, const struct timeval mt[],
uid_t old_uid, uid_t new_uid,
gid_t old_gid, gid_t new_gid)
@@ -759,7 +775,7 @@
* file systems with and without ACL support needs some
* additional logic so that no unexpected permissions result.
*/
- || (attr_copy_fd (src, ifd, dst, ofd, NULL, &ctx) != 0)
+ || (!reset_selinux && (attr_copy_fd (src, ifd, dst, ofd, NULL, &ctx) != 0))
#endif /* WITH_ATTR */
) {
(void) close (ifd);
Modified: upstream/trunk/src/useradd.c
===================================================================
--- upstream/trunk/src/useradd.c 2010-08-21 16:51:53 UTC (rev 3225)
+++ upstream/trunk/src/useradd.c 2010-08-21 17:31:45 UTC (rev 3226)
@@ -2037,7 +2037,7 @@
if (mflg) {
create_home ();
if (home_added) {
- copy_tree (def_template, user_home, false,
+ copy_tree (def_template, user_home, false, false,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
} else {
fprintf (stderr,
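Review bot: The `false` passed for `reset_selinux` here looks inverted against the commit log. The log says useradd should only reset the SELinux context and usermod should copy the extended attributes, but in copydir.c the attributes are copied when the flag is false, so useradd now copies the skeleton's attributes (labels included) into the new home, while the usermod hunk, which passes `true`, drops them on a cross-device move. If the log states the intent, this call should read `copy_tree (def_template, user_home, false, true,` and the usermod argument should be `false`. The return value of copy_tree is also discarded on this line, so a failed copy goes unreported.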
Modified: upstream/trunk/src/usermod.c
===================================================================
--- upstream/trunk/src/usermod.c 2010-08-21 16:51:53 UTC (rev 3225)
+++ upstream/trunk/src/usermod.c 2010-08-21 17:31:45 UTC (rev 3226)
@@ -1444,6 +1444,7 @@
} else {
if (EXDEV == errno) {
if (copy_tree (user_home, user_newhome, true,
+ true,
user_id,
uflg ? user_newid : (uid_t)-1,
user_gid,