Displaying 10 results from an estimated 10 matches for "do_selinux_relabel".
2017 Mar 20
2
[PATCH] daemon: selinux: Add setfiles -vv flags when verbose.
...put) when we are not verbose.
---
daemon/selinux-relabel.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 2f48ee6..e7da42d 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -112,8 +112,11 @@ do_selinux_relabel (const char *specfile, const char *path,
ADD_ARG (argv, i, sysroot);
}
- /* Suppress non-error output. */
- ADD_ARG (argv, i, "-q");
+ if (verbose)
+ ADD_ARG (argv, i, "-vv");
+ else
+ /* Suppress non-error output. */
+ ADD_ARG (argv, i, "-q");...
2017 Mar 20
2
[PATCH] daemon: selinux: Add setfiles -m option to suppress extra excludes (RHBZ#1433577).
...(flag == -1) {
+ ignore_value (command (NULL, &err, str_setfiles, "-m", NULL));
+ flag = err && strstr (err, /* "invalid option -- " */ "'m'") == NULL;
+ }
+
+ return flag;
+}
+
/* Takes optional arguments, consult optargs_bitmask. */
int
do_selinux_relabel (const char *specfile, const char *path,
@@ -83,6 +99,13 @@ do_selinux_relabel (const char *specfile, const char *path,
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux);
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys);
+ /* You have to use the -m option (where av...
2016 Sep 09
2
[PATCH] daemon: Use reply_with_error instead of *_perror for setfiles command.
...205f1c284a69390907120ca44f5c723fecc244.
---
daemon/selinux-relabel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index daafe9e..cfc4cf8 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -92,7 +92,7 @@ do_selinux_relabel (const char *specfile, const char *path,
ADD_ARG (argv, i, NULL);
if (commandv (NULL, &err, argv) == -1) {
- reply_with_perror ("%s", err);
+ reply_with_error ("%s", err);
return -1;
}
--
2.7.4
2017 Mar 21
0
Re: [PATCH] daemon: selinux: Add setfiles -vv flags when verbose.
...daemon/selinux-relabel.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
> index 2f48ee6..e7da42d 100644
> --- a/daemon/selinux-relabel.c
> +++ b/daemon/selinux-relabel.c
> @@ -112,8 +112,11 @@ do_selinux_relabel (const char *specfile, const char *path,
> ADD_ARG (argv, i, sysroot);
> }
>
> - /* Suppress non-error output. */
> - ADD_ARG (argv, i, "-q");
> + if (verbose)
> + ADD_ARG (argv, i, "-vv");
> + else
> + /* Suppress non-error output....
2014 May 26
2
[PATCH 2/2] Use setfiles from the appliance for the SELinux relabel (RHBZ#1089100).
...UX_H
#include <selinux/selinux.h>
@@ -31,6 +33,8 @@
#include "actions.h"
#include "optgroups.h"
+GUESTFSD_EXT_CMD(str_setfiles, setfiles);
+
#if defined(HAVE_LIBSELINUX)
int
@@ -92,28 +96,188 @@ OPTGROUP_SELINUX_NOT_AVAILABLE
#endif /* !HAVE_LIBSELINUX */
int
-do_selinux_relabel (const char *root)
+optgroup_selinuxtools_available (void)
+{
+ return prog_exists (str_setfiles);
+}
+
+#define SELINUXTYPE "SELINUXTYPE"
+
+static int
+has_selinux_mountpoint (void)
+{
+ static int has_mp = -1;
+ if (has_mp == -1) {
+ struct stat sb;
+ dev_t root_dev;
+
+ if...
2014 May 24
9
SELinux relabel API
[
I realized that we were discussing adding this feature, in various
private email, IRC, and this long bugzilla thread:
https://bugzilla.redhat.com/show_bug.cgi?id=1060423
That's not how we should do things. Let's discuss it on the
mailing list.
]
One thing that virt-customize/virt-sysprep/virt-builder have to do is
relabel SELinux guests.
What we do at the moment
2017 Jul 27
0
[PATCH v2] daemon: Remove GUESTFSD_EXT_CMD.
...ore_value (command (NULL, &err, str_setfiles, "-m", NULL));
+ ignore_value (command (NULL, &err, "setfiles", "-m", NULL));
flag = err && strstr (err, /* "invalid option -- " */ "'m'") == NULL;
}
@@ -86,7 +84,7 @@ do_selinux_relabel (const char *specfile, const char *path,
* observations to the bug report:
* https://bugzilla.redhat.com/show_bug.cgi?id=1396297
*/
- ADD_ARG (argv, i, str_setfiles);
+ ADD_ARG (argv, i, "setfiles");
if (force)
ADD_ARG (argv, i, "-F");
diff --git a/daemon...
2017 Jul 24
0
[PATCH 2/2] daemon: Replace GUESTFSD_EXT_CMD with --print-external-commands.
...ore_value (command (NULL, &err, str_setfiles, "-m", NULL));
+ ignore_value (command (NULL, &err, "setfiles", "-m", NULL));
flag = err && strstr (err, /* "invalid option -- " */ "'m'") == NULL;
}
@@ -86,7 +86,7 @@ do_selinux_relabel (const char *specfile, const char *path,
* observations to the bug report:
* https://bugzilla.redhat.com/show_bug.cgi?id=1396297
*/
- ADD_ARG (argv, i, str_setfiles);
+ ADD_ARG (argv, i, "setfiles");
if (force)
ADD_ARG (argv, i, "-F");
diff --git a/daemon...
2017 Jul 27
3
[PATCH v2] daemon: Remove GUESTFSD_EXT_CMD.
This is a simpler patch that removes GUESTFSD_EXT_CMD completely.
2017 Jul 24
6
[PATCH 0/2] daemon: Replace GUESTFSD_EXT_CMD with --print-external-commands.
Replace GUESTFSD_EXT_CMD with a command line option
‘./guestfsd --print-external-commands’