Re: does mv need a --context=CTX (-Z) option, too?

[James Antill <jantill@redhat.com>]

[-- Attachment #1: Type: text/plain, Size: 2271 bytes --]

On Thu, 2006-08-10 at 17:15 +0200, Jim Meyering wrote:
> kmacmillan@mentalrootkit.com wrote:
> > On Thu, 10 Aug 2006, Jim Meyering wrote:
> >
> >> It might make sense to add a --context=CTX (-Z) option to mv.  Currently,
> >> cp, install, mkdir, mknod, mkfifo all have that option, but not mv.
> >> Most of the time, mv would have no need, since it simply calls rename.
> >> But when that fails, it reverts to using the very same copying code
> >> (copy.c) that cp uses.  It is trivial to add this option to mv, with the
> >> understanding that it'd take effect solely for e.g., cross-device moves.
> >> I.e., if you want to simulate a cross device move, you'd have to use
> >> cp -pr and rm -rf, so if it makes sense for cp to have the --context=CTX
> >> (-Z) option, then it follows that mv must accept it as well.
> >>
> >
> > I think that mv should have that option. Actually, I think that the more
> > pressing option is --preserve so that users can simulate the rename case
> > across devices.
> 
> Why would mv need a new --preserve option?
> mv already tries to preserve as much as possible when
> performing any cross-device copy.

 Then, IMO, it should preserve xattrs and SELinux context by default
too. It already seems to try and do ACLs (although it's a bit
weird[1]) ... so this seems natural. I really wouldn't want to explain
what a mv -Z call did to someone.

> Admittedly, mv doesn't fail if it cannot preserve some attribute,
> but that's a POSIX requirement (cp -p *does*).  Maybe you'd like
> --preserve to change that?  I added a comment suggesting
> just such a change years ago.  From coreutils/src/mv.c:
>   x->require_preserve = false;  /* FIXME: maybe make this an option */
> but no one has been motivated to do that.
> SELinux might be the necessary prod.

 That might be useful, esp. with ACLs and SELinux context.


[1] strace shows:

getxattr("/boot/james/abcd", "system.posix_acl_access", 0xbfdbd580, 132) = -1 EOPNOTSUPP (Operation not supported)
setxattr("./abcd", "system.posix_acl_access", "\x02\x00\x00\x00\x01\x00\x06\x00\xff\xff\xff\xff\x04\x00\x04\x00\xff\xff\xff\xff \x00\x04\x00\xff\xff\xff\xff", 28, 0) = 0

...which is pretty surprising.

-- 
James Antill <jantill@redhat.com>

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]