| commit | 4ce7488e8d96080f18b518bcf6a6356e0c392dda | |
| author | Pádraig Brady <P@draigBrady.com> | |
| Thu, 21 May 2015 10:38:13 +0000 (21 11:38 +0100) | ||
| committer | Pádraig Brady <P@draigBrady.com> | |
| Sat, 23 May 2015 01:04:24 +0000 (23 02:04 +0100) | ||
| tree | d6ab80621d20c4eea51f817f105d68785434e789 | treesnapshot (tar.gz zip) |
| parent | b5f332cfe06956f972aa385b38a40d2a0c675d09 | commitdiff |
mkdir: fix -pZ with existing parent directories
When the parent directory exists and has a different
default context to the final directory, the context
was incorrectly left as that of the parent directory.
* src/mkdir.c (process_dir): Because defaultcon() is called for
existing ancestors (as it must be to avoid races), then we must
unconditionally call restorecon() on the last component due to
the already documented caveat with make_dir_parents().
Alternatively you could temp disable o->set_security_context
around make_dir_parents(), but that would be subject to races.
* tests (tests/mkdir/restorecon.sh): Add a TODO for improvement.
Reference mknod and mkfifo with print_ver_.
* NEWS: Mention the bug fix.
Fixes http://bugs.gnu.org/20616
When the parent directory exists and has a different
default context to the final directory, the context
was incorrectly left as that of the parent directory.
* src/mkdir.c (process_dir): Because defaultcon() is called for
existing ancestors (as it must be to avoid races), then we must
unconditionally call restorecon() on the last component due to
the already documented caveat with make_dir_parents().
Alternatively you could temp disable o->set_security_context
around make_dir_parents(), but that would be subject to races.
* tests (tests/mkdir/restorecon.sh): Add a TODO for improvement.
Reference mknod and mkfifo with print_ver_.
* NEWS: Mention the bug fix.
Fixes http://bugs.gnu.org/20616
| NEWS | diffblobblamehistory | |
| src/mkdir.c | diffblobblamehistory | |
| tests/mkdir/restorecon.sh | diffblobblamehistory |