On Sat Mar 10 02:45:22 2012, Russell Coker wrote:
On Sat, 10 Mar 2012, Martin Orr <mar...@martinorr.name> wrote:
So far as I can see, restorecon 2.1.10 exits with status 1 if it
changed the context of any files and 0 if not.
I bisected this to upstream commit 17c577ac where it appears to be a
mistake: process_one_realpath returns 1 if it changed the context, 0
if it did not, and something negative if an error occurred. But the
check for the return value being negative became a check for it being
non-zero. I will write a patch this weekend.
I've attached the patch that I wrote for this independently of the work that
you are doing.
Probably just rolling back the patch would be best, but I'll leave that for
you to determine.
It appears that the positive return value from process_one_realpath is
needed for restorecond. Reverting 17c577ac would remove the ability
of restorecon to handle globs by itself (according to Dan Walsh, this
is useful if you supply the list of files in the input instead of on
the command line). I attach my own patch.
Sorry for the delay, I wrote this a few days ago but got sick and didn't send
it anywhere.
Also some help with the init script issue on upgrade would be good.
Is this about the init script being renamed? I have not seen that
causing any problems on upgrade, only on downgrade which shouldn't
need to be supported.
--
Martin Orr
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 9a7d315..9176790 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -341,7 +341,9 @@ int process_glob(char *name, int recurse) {
continue;
if (len > 0 && strcmp(&globbuf.gl_pathv[i][len], "/..") == 0)
continue;
- errors |= process_one_realpath(globbuf.gl_pathv[i], recurse);
+ int rc = process_one_realpath(globbuf.gl_pathv[i], recurse);
+ if (rc < 0)
+ errors = rc;
}
globfree(&globbuf);
return errors;
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index fa0cd6a..8d2eadf 100644
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -409,7 +409,7 @@ int main(int argc, char **argv)
buf[len - 1] = 0;
if (!strcmp(buf, "/"))
mass_relabel = 1;
- errors |= process_glob(buf, recurse);
+ errors |= process_glob(buf, recurse) < 0;
}
if (strcmp(input_filename, "-") != 0)
fclose(f);
@@ -418,7 +418,7 @@ int main(int argc, char **argv)
if (!strcmp(argv[i], "/"))
mass_relabel = 1;
- errors |= process_glob(argv[i], recurse);
+ errors |= process_glob(argv[i], recurse) < 0;
}
}
