diff options
| author | Nicolas Iooss | 2017-08-14 21:27:28 +0200 |
|---|---|---|
| committer | Nicolas Iooss | 2017-08-14 21:32:07 +0200 |
| commit | 1427658177e989137cc89720b30618dd5efcc7d4 (patch) | |
| tree | 7310e0c025d458286ea8825d394cf8e127f8ab63 /selinux-alpm-hook | |
| parent | 03b752d1a8547bb844cf1048ee9dba18e7aed471 (diff) | |
| download | aur-1427658177e989137cc89720b30618dd5efcc7d4.tar.gz | |
selinux-alpm-hook 0.1-3 update
Call restorecon in batches in order to improve performance. It it not
possible to pipe the list of package files into "| xargs restorecon -F"
because restorecon could fail sometimes (for example when there is an
invalid file on the filesystem which makes calls to getxattr() fail).
Implement a simple filter as a while loop which sanitizes the list of
packages files before running restorecon on it, in batches handled by
xargs.
Diffstat (limited to 'selinux-alpm-hook')
| -rwxr-xr-x | selinux-alpm-hook | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/selinux-alpm-hook b/selinux-alpm-hook index 15abf73bd858..9ac5b060753f 100755 --- a/selinux-alpm-hook +++ b/selinux-alpm-hook @@ -22,12 +22,13 @@ fi echo 'Relabeling package files...' while read -r FILE; do if [ -e "$FILE" ] || [ -L "$FILE" ] ; then - /usr/bin/restorecon -F "$FILE" || die "Error while relabeling $FILE" + # Transmit existing files to restorecon + printf '%s\0' "$FILE" else # Only show a warning when a file does not exist as this is not fatal - echo "Ugh, an installed file does not exist: $FILE" + echo >&2 "Ugh, an installed file does not exist: $FILE" fi -done +done | xargs -0 /usr/bin/restorecon -F || die "Error while relabeling files" # The install hooks of packages create files which got labelled with the wrong SELinux user # (e.g. sysadm_u instead of system_u). Relabel all these files too. |