[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
sed suggestion: selinux context based on symlink when using -i
|
From: |
Jakub Martisko |
|
Subject: |
sed suggestion: selinux context based on symlink when using -i |
|
Date: |
Wed, 11 Jan 2017 09:19:09 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 |
First of all, congratulations and thanks for the GNU sed 4.3
release.
Now to the main topic. There was a suggestion (see the
discussion in [1]) to change how the sed handles the selinux
context when working with symlinked files when using the -i
option. It was suggested that the context should be based on
the link instead of the target file itself. Patch that
changes this behavior was also proposed and is attached to
this message. Any thoughts about this suggestion?
Regards,
Jakub
P.S. I hope that his is a correct list where to post this.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1401442
>From 4e77e211fec75a97c195a53bf825532bb6f2e82f Mon Sep 17 00:00:00 2001
From: Jakub Martisko <address@hidden>
Date: Tue, 10 Jan 2017 10:20:08 +0100
Subject: [PATCH] sed: set the selinux context based on the symlink when using
-i
* sed/execute.c: use lgetfilecon instead of getfilecon when checking
for the current selinux context when working inplace
Change provided by Petr Lautrbach
---
sed/execute.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sed/execute.c b/sed/execute.c
index 2302a1e..e0efa95 100644
--- a/sed/execute.c
+++ b/sed/execute.c
@@ -607,7 +607,7 @@ open_next_file(const char *name, struct input *input)
if (is_selinux_enabled () > 0)
{
security_context_t con;
- if (getfilecon (input->in_file_name, &con) != -1)
+ if (lgetfilecon (input->in_file_name, &con) != -1)
{
/* Save and restore the old context for the sake of w and W
commands. */
--
2.7.4
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- sed suggestion: selinux context based on symlink when using -i,
Jakub Martisko <=