[Pkg-shadow-devel] packaging next 4.1.3

Nicolas François nicolas.francois at centraliens.net
Wed Apr 15 00:20:43 UTC 2009


On Tue, Apr 14, 2009 at 11:40:10AM +0200, pvrabec at redhat.com wrote:
> On Saturday 11 April 2009 08:51:48 pm Nicolas François wrote:
> >
> >  * You added setfscreatecon (NULL) in copy_tree() (libmisc/copydir.c).
> >    Do you think it would be better to just call selinux_file_context() in
> >    copy_tree() or shall we also call setfscreatecon (NULL) from each of
> >    the copy_*() functions?
> I would say that we can call selinux_file_context() from copy_tree().

There are still some points I do not get.

selinux_file_context(<path>) sets the default context to the context of
<path>.

In copy_tree() (in the sub copy*), selinux_file_context is called with the
destination path. The destination should not exist, so this should use the
default context of the system for this path.
(Note regarding the above question: The context may depend on the
path, so the selinux_file_context has to be called in each copy_*()
function)

It's not clear to me if copy_tree should reset the context of each file of
the copied tree to the default context of the system (for this path), or
if the context of each file should be copied.

My guess would have been for the second, but the first one is implemented.

Best Regards,
-- 
Nekral
