1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
From 3e7a91463476d5f0a98a59b52d9b808629c7ab25 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss_git@m4x.org>
Date: Sat, 18 Jan 2014 13:57:31 +0100
Subject: [PATCH 1/2] copy: fix SELinux context preservation for existing
directories
Apply upstream fix on src/copy.c
http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=243128dbf0293be7b170dd47c8dbf3ed1834c093
---
src/copy.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/copy.c b/src/copy.c
index 0f044d0..2572f3f 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -2408,6 +2408,17 @@ copy_internal (char const *src_name, char const *dst_name,
else
{
omitted_permissions = 0;
+
+ /* For directories, the process global context could be reset for
+ descendents, so use it to set the context for existing dirs here.
+ This will also give earlier indication of failure to set ctx. */
+ if (x->set_security_context || x->preserve_security_context)
+ if (! set_file_security_ctx (dst_name, x->preserve_security_context,
+ false, x))
+ {
+ if (x->require_preserve_context)
+ goto un_backup;
+ }
}
/* Decide whether to copy the contents of the directory. */
@@ -2598,7 +2609,7 @@ copy_internal (char const *src_name, char const *dst_name,
/* With -Z or --preserve=context, set the context for existing files.
Note this is done already for copy_reg() for reasons described therein. */
- if (!new_dst && !x->copy_as_regular
+ if (!new_dst && !x->copy_as_regular && !S_ISDIR (src_mode)
&& (x->set_security_context || x->preserve_security_context))
{
if (! set_file_security_ctx (dst_name, x->preserve_security_context,
--
1.8.5.3
|