From: James Antill <jantill@redhat.com>
To: Jim Meyering <jim@meyering.net>
Cc: SE Linux <selinux@tycho.nsa.gov>
Subject: Re: We currently have a problem with cp -a /media/cdrom /etc
Date: Mon, 15 Jan 2007 00:16:37 -0500 [thread overview]
Message-ID: <1168838197.25232.9.camel@code.and.org> (raw)
In-Reply-To: <873b6ffdi6.fsf@rho.meyering.net>
[-- Attachment #1: Type: text/plain, Size: 1268 bytes --]
On Sat, 2007-01-13 at 11:05 +0100, Jim Meyering wrote:
> Isn't that fsetfilecon call useful, since your example must
> also handle an existing destination file?
Ahh, I see. I'd somehow missed the if check before the ifdef, or not
parsed what it meant.
Note that this does mean that:
% echo me > uid
% sudo touch ouid_r ouid_w
% sudo chmod o+w ouid_w
% cp -a uid ouid_r
cp: cannot create regular file `ouid_r': Permission denied
zsh: 25994 exit 1 cp -a uid ouid_r
% cp -a uid ouid_w
zsh: 25995 exit 1 cp -a uid ouid_w
> This is a good opportunity to ask about an old note I made:
> - is it worthwhile to check for getfscreatecon failure?
> The documentation says it can fail, but not how.
> Even it's truly a "can't happen" condition now, that might change.
IIRC it:
open's /proc/self/task/$$/attr/fscreate
reads the data
malloc's the correct length for the result and copies.
...either of these three operations can fail.
> I presume the lack of a diagnostic for failed fsetfilecon
> is just an oversight.
Yeh, probably the test case above wasn't obvious so it was hard to
test.
So any ideas on how to make cp do the right thing in all cases ?:)
--
James Antill <jantill@redhat.com>
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2007-01-15 5:15 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-12 18:46 We currently have a problem with cp -a /media/cdrom /etc Daniel J Walsh
2007-01-12 18:55 ` Stephen Smalley
2007-01-12 20:10 ` James Antill
2007-01-12 20:24 ` Stephen Smalley
2007-01-12 20:29 ` Stephen Smalley
2007-01-12 22:29 ` Casey Schaufler
2007-01-13 9:13 ` Russell Coker
2007-01-13 20:01 ` Casey Schaufler
2007-01-12 21:15 ` James Antill
2007-01-12 21:19 ` Stephen Smalley
2007-01-13 10:05 ` Jim Meyering
2007-01-15 5:16 ` James Antill [this message]
2007-01-15 7:54 ` Jim Meyering
2007-01-16 13:33 ` Stephen Smalley
2007-01-13 10:55 ` Russell Coker
2007-01-12 21:01 ` Stephen Smalley
2007-01-12 21:29 ` Jim Meyering
2007-01-12 21:19 ` Jim Meyering
2007-01-12 21:21 ` Stephen Smalley
2007-01-12 21:47 ` Jim Meyering
2007-01-12 21:56 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1168838197.25232.9.camel@code.and.org \
--to=jantill@redhat.com \
--cc=jim@meyering.net \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.