diff options
author | Nicolas Iooss | 2017-08-14 21:27:28 +0200 |
---|---|---|
committer | Nicolas Iooss | 2017-08-14 21:32:07 +0200 |
commit | 1427658177e989137cc89720b30618dd5efcc7d4 (patch) | |
tree | 7310e0c025d458286ea8825d394cf8e127f8ab63 | |
parent | 03b752d1a8547bb844cf1048ee9dba18e7aed471 (diff) | |
download | aur-1427658177e989137cc89720b30618dd5efcc7d4.tar.gz |
selinux-alpm-hook 0.1-3 update
Call restorecon in batches in order to improve performance. It it not
possible to pipe the list of package files into "| xargs restorecon -F"
because restorecon could fail sometimes (for example when there is an
invalid file on the filesystem which makes calls to getxattr() fail).
Implement a simple filter as a while loop which sanitizes the list of
packages files before running restorecon on it, in batches handled by
xargs.
-rw-r--r-- | .SRCINFO | 4 | ||||
-rw-r--r-- | PKGBUILD | 4 | ||||
-rwxr-xr-x | selinux-alpm-hook | 7 |
3 files changed, 8 insertions, 7 deletions
@@ -1,7 +1,7 @@ pkgbase = selinux-alpm-hook pkgdesc = SELinux ALPM hook pkgver = 0.1 - pkgrel = 2 + pkgrel = 3 url = https://github.com/archlinuxhardened/selinux arch = any groups = selinux @@ -10,7 +10,7 @@ pkgbase = selinux-alpm-hook source = relabel-selinux.hook source = selinux-alpm-hook sha256sums = 4df844a89a50fe1caebe0cb92fc925b3dedf7a1a8258eef53f0dd328c1cc089e - sha256sums = 61df36242f62a8434756d96fd6639f0fbdea9a4bb64f0d6c3a673e64546bc5d7 + sha256sums = c85dbba69b776fbbc5f6886eb3e89406de9237f935a295f7c49d6696ea275187 pkgname = selinux-alpm-hook @@ -2,7 +2,7 @@ pkgname=selinux-alpm-hook pkgver=0.1 -pkgrel=2 +pkgrel=3 pkgdesc="SELinux ALPM hook" arch=('any') url="https://github.com/archlinuxhardened/selinux" @@ -12,7 +12,7 @@ depends=('policycoreutils') source=('relabel-selinux.hook' 'selinux-alpm-hook') sha256sums=('4df844a89a50fe1caebe0cb92fc925b3dedf7a1a8258eef53f0dd328c1cc089e' - '61df36242f62a8434756d96fd6639f0fbdea9a4bb64f0d6c3a673e64546bc5d7') + 'c85dbba69b776fbbc5f6886eb3e89406de9237f935a295f7c49d6696ea275187') package() { cd "${srcdir}" diff --git a/selinux-alpm-hook b/selinux-alpm-hook index 15abf73bd858..9ac5b060753f 100755 --- a/selinux-alpm-hook +++ b/selinux-alpm-hook @@ -22,12 +22,13 @@ fi echo 'Relabeling package files...' while read -r FILE; do if [ -e "$FILE" ] || [ -L "$FILE" ] ; then - /usr/bin/restorecon -F "$FILE" || die "Error while relabeling $FILE" + # Transmit existing files to restorecon + printf '%s\0' "$FILE" else # Only show a warning when a file does not exist as this is not fatal - echo "Ugh, an installed file does not exist: $FILE" + echo >&2 "Ugh, an installed file does not exist: $FILE" fi -done +done | xargs -0 /usr/bin/restorecon -F || die "Error while relabeling files" # The install hooks of packages create files which got labelled with the wrong SELinux user # (e.g. sysadm_u instead of system_u). Relabel all these files too. |