[PATCH] policycoreutils: fixfiles: failure to create /.autorelabel is fatal

Fix the following ambiguous output (from booting with init=/bin/sh): # /usr/sbin/fixfiles onboot /usr/sbin/fixfiles: line 313: /.autorelabel: Read-only file system /usr/sbin/fixfiles: line 317: /.autorelabel: Read-only file system System will relabel on next boot System will not

Re: [PATCH 01/10] policycoreutils: fixfiles: tidy up usage(), manpage synopsis

On 09/05/17 19:28, James Carter wrote: We normally add a "signed-off-by" line to patches. Can I add "Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.com>" to your patches? Jim Please do. Sorry, it looks like I forgot about that after the first few I

[PATCH 08/10] policycoreutils: fixfiles: remove bad modes of "relabel" command

* `fixfiles -B relabel` or `fixfiles -C previouscontext relabel` would skip the code that handles e.g. `/var/tmp`, which would be run by `fixfiles relabel`. It would still remove all files in /tmp (subject to user confirmation). This is confusing, undocumented, and unlikely to be

[PATCH 06/10] policycoreutils: fixfiles: refactor into the `set -u` dialect

This commit allows the use of `set -u` to detect reads of unset variables. But what I really liked was making the code more explicit about these modes. I hope that this is easier for a new reader to reason about. `fixfiles restore` has accumulated five different modes it can run in. Now use a

[PATCH 10/10] policycoreutils: fixfiles: use a consistent order for options to restorecon

It helps see the differences (hopefully there are only intended differences now!). --- policycoreutils/scripts/fixfiles | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles index cff..0a4 100755 ---

[PATCH 02/10] policycoreutils: fixfiles: remove two unused variables

DIRS was suspicious because you can't store file names in a normal variable, and it's not that common to use arrays in bash. It's not actually used. While we're here, there's another variable which is never used and should just be removed. (Pointed out by `shellcheck`. It makes a couple of

[PATCH 09/10] policycoreutils: fixfiles: don't ignore `-F` when run in `-C` mode

This was supposedly fixed in 2009. http://selinux.fedoraproject.narkive.com/ZskMsNrx/fixfiles-f-option `-F` was mentioned again in 2013 (commit 2910ca21). It doesn't look like `-F -C` was fixed though. --- policycoreutils/scripts/fixfiles | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

[PATCH 01/10] policycoreutils: fixfiles: tidy up usage(), manpage synopsis

Make sure usage() in fixfiles shows all the current options. It's printed when there's a user error, so it needs to be helpful! (Excluding the deprecated option - see below). manpage: Remove the deprecated option `-l logfile`. Add missing space in `restore|[-f] relabel`. It's not clear why

[PATCH 07/10] policycoreutils: fixfiles: un-document `-R -a` option

`fixfiles -R -a` is much less useful than it was made to sound, because -R now works recursively. Therefore `fixfiles -R -a` relabels every file on the system, multiple times. On my system it took over 5 times as long as plain `fixfiles` (which takes about a minute). ---

[PATCH 03/10] policycoreutils: fixfiles: syntax error

$ shellcheck fixfiles ... In fixfiles line 94: [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue ^-- SC2076: Don't quote rhs of =~, it'll match literally rather than as a regex. --- policycoreutils/scripts/fixfiles | 2 +- 1 file

[PATCH 05/10] policycoreutils: fixfiles: if restorecon aborts, we should too

New users may try something like `fixfiles restore -v /dir/file` - not realizing they are required to use `fixfiles -v restore /dir/file`. Detect that `restorecon` aborts due to being run on the non-existent file `-v`, and stop immediately. This will show the error much more clearly, instead of

[PATCH 04/10] policycoreutils: fixfiles: usage errors are fatal

The idea is to print a usage error, then terminate with EXIT_FAILURE. Don't print the usage error twice when run with no command. Don't try to check for bogus extra arguments _after_ performing a long-running operation... particularly if that operation terminates the script with EXIT_SUCCESS

[PATCH 2/6] policycoreutils: fixfiles: remove (broken) redundant code

setfiles is now run with $exclude_dirs. We shouldn't need to patch the file contexts as well. This is fortunate, since the file context patching code was broken (by the same commit which introduced the redundancy). It takes the list of directories to exclude from $tempdirs, but $tempdirs is

[PATCH 6/6] policycoreutils: fixfiles: deprecate -l option

...and write log messages to standard output. Some versions of fixfiles in 2004 created a logfile by default. Apparently they also used `tee` to log to standard output at the same time. We're also told that the logfile was implemented because there was too much output generated for use on a tty,

[PATCH 1/6] Revert "policycoreutils: let output of `fixfiles` be redirected (as normal)"

This reverts commit ac7899fc3ad6221e195dd13cdf14b346897314ae, which is not yet part of an officially tagged release (or release candidate). `LOGFILE=/proc/self/fd/1` was wrong. `LOGFILE=$(tty)` was being relied on in one case (exclude_dirs), to log messages from a function run specifically with

[PATCH 3/6] policycoreutils: fixfiles: clarify exclude_dirs()

The usage of exclude_dirs() is non-obvious. It turns out it is only used by the `-C` mode of fixfiles. The other four modes use the narrower list generated by exclude_dirs_from_relabelling(). Let's make this distinction more obvious. (The purpose of the extra exclusions is not clear. E.g.

[PATCH 5/6] policycoreutils: fixfiles: move logit call outside of redirected function

Move call to logit() outside a function which has its output redirected. See next commit for explanation. The logit calls are moved into a new function LogExcluded(), similar to LogReadOnly(). I don't see a pretty way to resolve this, so I just went for the most explicit approach I could think

Re: [PATCH] libsemanage: remove lock files

*expands thread Sorry, I see this has already been addressed. On 24/04/17 13:06, Alan Jenkins wrote: On 20/04/17 15:38, Guido Trentalancia wrote: Remove semanage read and transaction lock files upon releasing them. What prevents this sequence? A release lock B acquire lock A unlink lock

Re: [PATCH] libsemanage: remove lock files

On 20/04/17 15:38, Guido Trentalancia wrote: Remove semanage read and transaction lock files upon releasing them. What prevents this sequence? A release lock B acquire lock A unlink lock file C create lock file C acquire lock Signed-off-by: Guido Trentalancia

[PATCH 1/3] policycoreutils/setfiles: stdout messages don't need program prefix

where there are error messages - the prefix will make them stand out visually. Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> --- policycoreutils/setfiles/setfiles.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/policycoreutils/setfiles/setfile

[PATCH 2/3] policycoreutils/setfiles: don't scramble stdout and stderr together

https://bugzilla.redhat.com/show_bug.cgi?id=1435894 When output to a non-tty (as caused by the implementation of fixfiles), stdout is fully buffered. stdout should be flushed before writes to stderr. See e.g. https://news.ycombinator.com/item?id=1271015 Signed-off-by: Alan Jenkins

[PATCH 3/3] policycoreutils: fixfiles: remove useless use of cat

backspace characters on non-TTY outputs. Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> --- policycoreutils/scripts/fixfiles | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles index

[PATCH 2/2] policycoreutils: fixfiles: handle unexpected spaces in command

I accidently ran `fixfiles "a b"` during testing. Let's fix this too. Before: /sbin/fixfiles: line 394: [: a: binary operator expected Usage: ... After: Usage: ... Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> --- policycoreutils/scrip

[PATCH 1/2] policycoreutils: fixfiles should handle path arguments more robustly

/fs/cgroup /sbin/restorecon: lstat(a b) failed: No such file or directory Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> --- policycoreutils/scripts/fixfiles | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policycoreutils/scripts/fixfiles b/policyc

Re: [PATCH] setfiles: Fix setfiles progress indicator

s deprecated. This has now been made clear by > > displaying > > a message to stderr. > > > > The documentation has also been updated to reflect these changes. > > > > Reported-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> > > Si

Re: [PATCH] libselinux: disable filespec hash table stats on non-debug builds

On 24/01/17 19:46, Stephen Smalley wrote: Disable generating filespec hash table stats on non-debug builds, as they are not useful information for users and cause fixfiles check to produce noisy output. Reported-by: Alan Jenkins <alan.christopher.jenk...@gmail.com> Signed-off-by: S

Re: [PATCH] policycoreutils/setfiles: set up a logging callback for libselinux

On 24/01/17 19:39, Stephen Smalley wrote: Define a logging callback for libselinux so that any informational or error messages generated by libselinux functions are properly prefixed with the program name and routed to the proper output stream. Makes sense. It's a shame it makes the info

Re: selinux post

derated lists. (Hmm...) On 23/01/17 15:09, Stephen Smalley wrote: > > On Mon, 2017-01-23 at 14:54 +, Alan Jenkins wrote: >> >> On 23/01/2017, Stephen Smalley <s...@tycho.nsa.gov> wrote: >>> >>> Hi, >>> >>> You attempte

[PATCH] policycoreutils: let output of `fixfiles` be redirected (as normal)

ls on /tmp". 3. `function logit` is retained, but the logfile is also written to outside this function. Implementing support for the system log would require another function which accepts piped input. Also see point 1. Signed-off-by: Alan Jenkins <alan.christopher.jenk...@gmail.co

Re: [PATCH] libselinux: selinux_restorecon: only log no default label warning for caller-supplied pathname

On 13/01/2017, Stephen Smalley wrote: > $ touch /tmp/foo > $ chcon -t etc_t /tmp/foo > $ restorecon /tmp/foo > Warning no default label for /tmp/foo > $ restorecon -R /tmp/foo > Warning no default label for /tmp/foo > $ restorecon -R /tmp Thanks again! restorecon works as

Re: [PATCH] restorecon manpage: link back to fixfiles

On 13/01/17 19:56, Alan Jenkins wrote: On 13/01/17 19:38, Stephen Smalley wrote: On Fri, 2017-01-13 at 13:29 -0500, Daniel J Walsh wrote: On 01/13/2017 10:27 AM, Stephen Smalley wrote: On Fri, 2017-01-13 at 09:48 -0500, Stephen Smalley wrote: On Thu, 2017-01-12 at 23:42 +, Alan Jenkins

Re: [PATCH] restorecon manpage: link back to fixfiles

On 13/01/17 19:38, Stephen Smalley wrote: On Fri, 2017-01-13 at 13:29 -0500, Daniel J Walsh wrote: On 01/13/2017 10:27 AM, Stephen Smalley wrote: On Fri, 2017-01-13 at 09:48 -0500, Stephen Smalley wrote: On Thu, 2017-01-12 at 23:42 +, Alan Jenkins wrote: My main puzzle here[*] is why

[PATCH] policycoreutils, python: Fix bad manpage formatting in "SEE ALSO"

wrong. .B selinux (8) commits both of the above mistakes. .BR selinux (8), apparmor (8) omits the space separating "selinux(8)," and "apparmor(8)", this is wrong. Correct all the above using the following markup: .BR selinux (8), .BR apparmor (8) Sig