Nicolas Iooss <nicolas.iooss@xxxxxxx> writes:
> On Sun, Jan 31, 2021 at 12:53 PM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>>
>> Commit 331a109f91ea ("libsemanage: fsync final files before rename")
>> added fsync() for policy files and improved situation when something
>> unexpected happens right after rename(). However the module store could
>> be affected as well. After the following steps module files could be 0
>> size:
>>
>> 1. Run `semanage fcontext -a -t var_t "/tmp/abc"`
>> 2. Force shutdown the server during the command is run, or right after
>> it's finished
>> 3. Boot the system and look for empty files:
>> # find /var/lib/selinux/targeted/ -type f -size 0 | wc -l
>> 1266
>>
>> It looks like this situation can be avoided if the filesystem with the
>> sandbox is sync()ed before we start to rename() directories in the
>> store.
>>
>> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
>
> Acked-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>
>
Merged.
> Thanks!
> Nicolas
>
>> ---
>>
>> - syncfs() moved before rename() dance
>>
>> libsemanage/src/semanage_store.c | 13 +++++++++++++
>> 1 file changed, 13 insertions(+)
>>
>> diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
>> index cd5e46bb2401..c6a736fe2d26 100644
>> --- a/libsemanage/src/semanage_store.c
>> +++ b/libsemanage/src/semanage_store.c
>> @@ -1736,6 +1736,19 @@ static int semanage_commit_sandbox(semanage_handle_t * sh)
>> }
>> close(fd);
>>
>> + /* sync changes in sandbox to filesystem */
>> + fd = open(sandbox, O_DIRECTORY);
>> + if (fd == -1) {
>> + ERR(sh, "Error while opening %s for syncfs(): %d", sandbox, errno);
>> + return -1;
>> + }
>> + if (syncfs(fd) == -1) {
>> + ERR(sh, "Error while syncing %s to filesystem: %d", sandbox, errno);
>> + close(fd);
>> + return -1;
>> + }
>> + close(fd);
>> +
>> retval = commit_number;
>>
>> if (semanage_get_active_lock(sh) < 0) {
>> --
>> 2.30.0
>>
