[Selinux-commits] SF.net SVN: selinux: [2460] trunk/policycoreutils/setfiles/setfiles.c

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2460
          http://svn.sourceforge.net/selinux/?rev=2460&view=rev
Author:   ssmalley
Date:     2007-06-05 06:59:27 -0700 (Tue, 05 Jun 2007)

Log Message:
-----------
Author: Yuichi Nakamura
Email: yn...@hi...
Subject: Bug in restorecon
Date: Tue, 5 Jun 2007 09:20:55 +0900

On Mon, 04 Jun 2007 09:28:44 -0400
Stephen Smalley wrote:
> On Mon, 2007-06-04 at 03:18 +0900, Yuichi Nakamura wrote:
> In that case, why have 'fullname' vs. 'name' at all?  Just directly
> manipulate name and use it throughout.
fullname is unnecessary, so removed.

> Make sure that setfiles -r /path/to/altroot
> file_contexts /path/to/altroot still works as expected, e.g.
> labels /path/to/altroot/etc/shadow with the label of /etc/shadow in
> policy.
I tested, 
"touch /altroot/etc/shadow, setfiles -r /altroot"
then /altroot/etc/shadow was labeled as same label for /etc/shadow.

Please see below patch.

Modified Paths:
--------------
    trunk/policycoreutils/setfiles/setfiles.c

Modified: trunk/policycoreutils/setfiles/setfiles.c
===================================================================

--- trunk/policycoreutils/setfiles/setfiles.c	2007-06-05 13:55:56 UTC (rev 2459)
+++ trunk/policycoreutils/setfiles/setfiles.c	2007-06-05 13:59:27 UTC (rev 2460)
@@ -146,20 +146,19 @@
 int match(const char *name, struct stat *sb, char **con)
 {
 	int ret;
-	const char *fullname = name;
 	char path[PATH_MAX + 1];
 
 	if (excludeCtr > 0) {
-		if (exclude(fullname)) {
+		if (exclude(name)) {
 			return -1;
 		}
 	}
-	ret = lstat(fullname, sb);
+	ret = lstat(name, sb);
 	if (ret) {
 		if (ignore_enoent && errno == ENOENT)
 			return 0;
 		fprintf(stderr, "%s:  unable to stat file %s: %s\n", progname,
-			fullname, strerror(errno));
+			name, strerror(errno));
 		return -1;
 	}
 
@@ -168,12 +167,12 @@
 			if (verbose > 1)
 				fprintf(stderr,
 					"Warning! %s refers to a symbolic link, not following last component.\n",
-					fullname);
+					name);
 			char *p = NULL, *file_sep;
-			char *tmp_path = strdupa(fullname);
+			char *tmp_path = strdupa(name);
 			size_t len = 0;
 			if (!tmp_path) {
-				fprintf(stderr, "strdupa on %s failed:  %s\n", fullname,
+				fprintf(stderr, "strdupa on %s failed:  %s\n", name,
 					strerror(errno));
 				return -1;
 			}
@@ -192,7 +191,7 @@
 			if (p)
 				len = strlen(p);
 			if (!p || len + strlen(file_sep) + 2 > PATH_MAX) {
-				fprintf(stderr, "realpath(%s) failed %s\n", fullname,
+				fprintf(stderr, "realpath(%s) failed %s\n", name,
 					strerror(errno));
 				return -1;
 			}
@@ -203,25 +202,23 @@
 				p++;
 			}
 			strcpy(p, file_sep);
-			fullname = path;
-			if (excludeCtr > 0 && exclude(fullname))
+			name = path;
+			if (excludeCtr > 0 && exclude(name))
 				return -1;
 		} else {
 			char *p;
-			p = realpath(fullname, path);
+			p = realpath(name, path);
 			if (!p) {
-				fprintf(stderr, "realpath(%s) failed %s\n", fullname,
+				fprintf(stderr, "realpath(%s) failed %s\n", name,
 					strerror(errno));
 				return -1;
 			}
-			fullname = p;
-			if (excludeCtr > 0 && exclude(fullname))
+			name = p;
+			if (excludeCtr > 0 && exclude(name))
 				return -1;
 		}
 	}
 
-	/* fullname will be the real file that gets labeled
-	 * name will be what is matched in the policy */
 	if (NULL != rootpath) {
 		if (0 != strncmp(rootpath, name, rootpathlen)) {
 			fprintf(stderr, "%s:  %s is not located in %s\n",


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


