-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlD+p6kACgkQrlYvE4MpobO41gCgzANVTeHJSXie/LODUpuzNQHp
bNoAoNt3WO5QJE8cuZUdZe0cprkicvSF
=uh0y
-----END PGP SIGNATURE-----
>From e23f9f58c2408530ae875d40da2e499d1316a68a Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Mon, 5 Nov 2012 15:02:37 -0500
Subject: [PATCH 52/84] policycoreutils: setfiles: print error if no default
label found
If a user requested a label be reset but no default label is specified,
give a useful error message. Do not print the message if this is a
recursive restore, and that is very common.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
policycoreutils/setfiles/restore.c | 13 ++++++++-----
policycoreutils/setfiles/restorecon.8 | 16 +++++++---------
2 files changed, 15 insertions(+), 14 deletions(-)
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 01fc818..a0e5415 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -100,16 +100,19 @@ static int match(const char *name, struct stat *sb, char **con)
else
return selabel_lookup_raw(r_opts->hnd, con, name, sb->st_mode);
}
-static int restore(FTSENT *ftsent)
+static int restore(FTSENT *ftsent, int recurse)
{
char *my_file = strdupa(ftsent->fts_path);
int ret = -1;
security_context_t curcon = NULL, newcon = NULL;
float progress;
+ if (match(my_file, ftsent->fts_statp, &newcon) < 0) {
+ if ((errno == ENOENT) && ((!recurse) || (r_opts->verbose)))
+ fprintf(stderr, "%s: Warning no default label for %s\n", r_opts->progname, my_file);
- if (match(my_file, ftsent->fts_statp, &newcon) < 0)
/* Check for no matching specification. */
return (errno == ENOENT) ? 0 : -1;
+ }
if (r_opts->progress) {
r_opts->count++;
@@ -275,7 +278,7 @@ err:
* This function is called by fts on each file during
* the directory traversal.
*/
-static int apply_spec(FTSENT *ftsent)
+static int apply_spec(FTSENT *ftsent, int recurse)
{
if (ftsent->fts_info == FTS_DNR) {
fprintf(stderr, "%s: unable to read directory %s\n",
@@ -283,7 +286,7 @@ static int apply_spec(FTSENT *ftsent)
return SKIP;
}
- int rc = restore(ftsent);
+ int rc = restore(ftsent, recurse);
if (rc == ERR) {
if (!r_opts->abort_on_error)
return SKIP;
@@ -343,7 +346,7 @@ static int process_one(char *name, int recurse_this_path)
}
}
- rc = apply_spec(ftsent);
+ rc = apply_spec(ftsent, recurse_this_path);
if (rc == SKIP)
fts_set(fts_handle, ftsent, FTS_SKIP);
if (rc == ERR)
diff --git a/policycoreutils/setfiles/restorecon.8 b/policycoreutils/setfiles/restorecon.8
index 91d02bd..80b6d6e 100644
--- a/policycoreutils/setfiles/restorecon.8
+++ b/policycoreutils/setfiles/restorecon.8
@@ -41,29 +41,27 @@ default file context, changing the user, role, range portion as well as the type
.TP
.B \-h, \-?
display usage information and exit.
-.TP
+.TP
.B \-i
ignore files that do not exist.
-.TP
-.B \-R, \-r
-change files and directories file labels recursively (descend directories).
-.TP
+.TP
.B \-n
don't change any file labels (passive check).
-.TP
+.TP
.B \-o outfilename
save list of files with incorrect context in outfilename.
.TP
.B \-p
show progress by printing * every STAR_COUNT files. (If you relabel the entire OS, this will show you the percentage complete.)
-
.TP
.B \-R, \-r
change files and directories file labels recursively (descend directories).
+.br
+.B Note: restorecon reports warnings on paths without default labels only if called non-recursively or in verbose mode.
.TP
.B \-v
show changes in file labels, if type or role are going to be changed.
-.TP
+.TP
.B \-0
the separator for the input items is assumed to be the null character
(instead of the white space). The quotes and the backslash characters are
@@ -85,7 +83,7 @@ operate recursively on directories.
.SH "AUTHOR"
This man page was written by Dan Walsh <dwalsh@xxxxxxxxxx>.
-Some of the content of this man page was taken from the setfiles
+Some of the content of this man page was taken from the setfiles
man page written by Russell Coker <russell@xxxxxxxxxxxx>.
The program was written by Dan Walsh <dwalsh@xxxxxxxxxx>.
--
1.8.1
