[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Acl-devel] [PATCH 2/2] Suppress error messages when copying security.im
|
From: |
Stefan Berger |
|
Subject: |
[Acl-devel] [PATCH 2/2] Suppress error messages when copying security.ima fails |
|
Date: |
Tue, 25 Oct 2016 13:36:35 -0400 |
From: Stefan Berger <address@hidden>
The security.ima extended attribute may be copied when it contains
a digital signature. In case it is a hash, the copying will fail
and we suppress the error message in that case.
Signed-off-by: Stefan Berger <address@hidden>
---
libattr/attr_copy_fd.c | 4 +++-
libattr/attr_copy_file.c | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/libattr/attr_copy_fd.c b/libattr/attr_copy_fd.c
index af237c9..515a2fb 100644
--- a/libattr/attr_copy_fd.c
+++ b/libattr/attr_copy_fd.c
@@ -139,7 +139,9 @@ attr_copy_fd(const char *src_path, int src_fd,
if (fsetxattr (dst_fd, name, value, size, 0) != 0) {
if (errno == ENOTSUP)
setxattr_ENOTSUP++;
- else {
+ else if (!strcmp(name, "security.ima")) {
+ /* security.ima may not be copyable if it's a
hash */
+ } else {
const char *qpath = quote (ctx, dst_path);
if (errno == ENOSYS) {
diff --git a/libattr/attr_copy_file.c b/libattr/attr_copy_file.c
index 6cd8f81..fa38653 100644
--- a/libattr/attr_copy_file.c
+++ b/libattr/attr_copy_file.c
@@ -137,7 +137,9 @@ attr_copy_file(const char *src_path, const char *dst_path,
if (lsetxattr (dst_path, name, value, size, 0) != 0) {
if (errno == ENOTSUP)
setxattr_ENOTSUP++;
- else {
+ else if (!strcmp(name, "security.ima")) {
+ /* security.ima may not be copyable if it's a
hash */
+ } else {
const char *qpath = quote (ctx, dst_path);
if (errno == ENOSYS) {
error (ctx, _("setting attributes for "
--
2.7.0