From unknown Tue Aug 19 02:51:34 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Resent-From: HE Henry <Henry.He@alcatel-lucent.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-coreutils@gnu.org
Resent-Date: Fri, 06 Jan 2017 16:19:02 +0000
Resent-Message-ID: <handler.25378.B.148371953526204@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 25378
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords: 
To: 25378@debbugs.gnu.org
X-Debbugs-Original-To: "bug-coreutils@gnu.org" <bug-coreutils@gnu.org>
Received: via spool by submit@debbugs.gnu.org id=B.148371953526204
          (code B ref -1); Fri, 06 Jan 2017 16:19:02 +0000
Received: (at submit) by debbugs.gnu.org; 6 Jan 2017 16:18:55 +0000
Received: from localhost ([127.0.0.1]:45295 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cPXEE-0006oZ-95
	for submit@debbugs.gnu.org; Fri, 06 Jan 2017 11:18:55 -0500
Received: from eggs.gnu.org ([208.118.235.92]:50007)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkL-00089l-Ct
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:34 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkF-00086U-9I
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:28 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:39549)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <Henry.He@alcatel-lucent.com>)
 id 1cPPkF-000868-6b
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:27 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40971)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkE-0007NS-1E
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:27 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkA-0007zI-0x
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:25 -0500
Received: from cnshjsmin03.alcatel-sbell.com.cn ([116.246.26.71]:58386)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <Henry.He@alcatel-lucent.com>)
 id 1cPPk9-0007up-Ml
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:21 -0500
X-AuditID: ac189297-f79fa6d0000038b2-80-586f5301aa1d
Received: from CNSHJCASHUB01.ad4.ad.alcatel.com (Unknown_Domain
 [135.251.50.71])
 by cnshjsmin03.alcatel-sbell.com.cn (Symantec Messaging Gateway) with SMTP id
 B7.30.14514.1035F685; Fri,  6 Jan 2017 16:19:13 +0800 (HKT)
Received: from CNSHJMBX04.ad4.ad.alcatel.com ([135.251.50.104]) by
 CNSHJCASHUB01.ad4.ad.alcatel.com ([135.251.50.71]) with mapi id
 14.03.0319.002; Fri, 6 Jan 2017 16:19:12 +0800
From: HE Henry <Henry.He@alcatel-lucent.com>
Thread-Topic: cp does not preserve SElinx context of sub folder
Thread-Index: AdJn8jxu0mHNyxltSHS19kDLkjr7ag==
Date: Fri, 6 Jan 2017 08:19:11 +0000
Message-ID: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
Accept-Language: zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [135.251.88.136]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrCLMWRmVeSWpSXmKPExsXS/tvIXZcxOD/C4OBWQYvG1jXsDowebdPM
 AhijuGxSUnMyy1KL9O0SuDL2ftrDWrCAq2Lme40GxoccXYycHBICJhL7z6xmgrDFJC7cW8/W
 xcjFISRwh1Fi05FnUM5WRol5rQfYQarYBHQkTq7/D9YhImAsseRHMyuILSxgJbFqbTsjRNxe
 YsfEXjYIW0/ixPF/YL0sAioSsw78B4vzCjhKXOv4C9bLKCArMe3RfbCZzALiEreezIe6SEBi
 yZ7zzBC2qMTLx/9YIWwlif8LjrJA1OtILNj9iQ3C1pZYtvA1M8R8QYmTM5+wTGAUnoVk7Cwk
 LbOQtMxC0rKAkWUVo0JyXnFGVnFuZp6BsV5iTnJiSWqObnFSak6OXnJ+rl5y3iZGYNivkZg0
 fQfjsQPehxgFOBiVeHgjvPIihFgTy4orcw8xSnAwK4nwdgXmRwjxpiRWVqUW5ccXleakFh9i
 lOZgURLnvXFFPkJIIB1odnZqakFqEUyWiYNTqoFx+qZ9uZbBni5PC2Rs2RTqxVR22Nqauu/e
 l3y9RHndi0b582IvXaaLHFB0bFnPcnzxu6M99w/N2d7LdCPNqDptMpOly9KFUz3mLLv9wllT
 QZXB7Xzr/3/X9J/dFV/c4KB8PPWCaeJypmxjedOvglpfdSQ5Va0bLQuX8ZpKK//44BR3mJfn
 oZASS3FGoqEWc1FxIgB9l7MRdwIAAA==
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.0 (----)
X-Mailman-Approved-At: Fri, 06 Jan 2017 11:18:52 -0500
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.0 (----)

Hi coreutils team,

When using cp with --parents options, the SELinux context of sub folders ar=
e not preserved.

Example as below:

1. Before using cp:
[root@oame0 etc]# pwd
/etc
[root@oame0 etc]# ls -Z selinux/
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
[root@oame0 etc]#  ls -Z -d selinux/
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/


2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
[root@oame0 etc]# cp -r --preserve=3Dcontext --parents selinux/targeted/seu=
sers  /tmp

3. After using cp, the SELinux context of sub folder are changed, like seli=
nux, targeted=20

[root@oame0 etc]# ls -Z /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
[root@oame0 etc]# ls -Z -d /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
[root@oame0 etc]# ls -Z -d /tmp/selinux/targeted/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targ=
eted/
[root@oame0 etc]# ls -Z /tmp/selinux/targeted/  =20
-rw-------. root root system_u:object_r:selinux_config_t:s0 seusers

Thanks,
Henry




From unknown Tue Aug 19 02:51:34 2025
MIME-Version: 1.0
X-Mailer: MIME-tools 5.505 (Entity 5.505)
X-Loop: help-debbugs@gnu.org
From: help-debbugs@gnu.org (GNU bug Tracking System)
To: HE Henry <Henry.He@alcatel-lucent.com>
Subject: bug#25378: closed (Re: bug#25378: cp does not preserve SElinx
 context of sub folder)
Message-ID: <handler.25378.D25378.148764668417846.notifdone@debbugs.gnu.org>
References: <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
 <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
X-Gnu-PR-Message: they-closed 25378
X-Gnu-PR-Package: coreutils
Reply-To: 25378@debbugs.gnu.org
Date: Tue, 21 Feb 2017 03:12:02 +0000
Content-Type: multipart/mixed; boundary="----------=_1487646722-17895-1"

This is a multi-part message in MIME format...

------------=_1487646722-17895-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Your bug report

#25378: cp does not preserve SElinx context of sub folder

which was filed against the coreutils package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 25378@debbugs.gnu.org.

--=20
25378: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D25378
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

------------=_1487646722-17895-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at 25378-done) by debbugs.gnu.org; 21 Feb 2017 03:11:24 +0000
Received: from localhost ([127.0.0.1]:47998 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cg0rM-0004dm-A4
	for submit@debbugs.gnu.org; Mon, 20 Feb 2017 22:11:24 -0500
Received: from midir.magicbluesmoke.com ([82.195.144.46]:49006
 helo=mail.magicbluesmoke.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <P@draigBrady.com>) id 1cg0rH-0004da-OD
 for 25378-done@debbugs.gnu.org; Mon, 20 Feb 2017 22:11:20 -0500
Received: from [10.0.0.126] (c-73-170-254-78.hsd1.ca.comcast.net
 [73.170.254.78])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by mail.magicbluesmoke.com (Postfix) with ESMTPSA id 0F31AED;
 Tue, 21 Feb 2017 03:11:17 +0000 (GMT)
Subject: Re: bug#25378: cp does not preserve SElinx context of sub folder
To: HE Henry <Henry.He@alcatel-lucent.com>, 25378-done@debbugs.gnu.org
References: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
From: =?UTF-8?Q?P=c3=a1draig_Brady?= <P@draigBrady.com>
Message-ID: <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
Date: Mon, 20 Feb 2017 19:11:15 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
Content-Type: multipart/mixed; boundary="------------3A8A86BBFF2C77990E87A01F"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 25378-done
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

This is a multi-part message in MIME format.
--------------3A8A86BBFF2C77990E87A01F
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit

On 06/01/17 00:19, HE Henry wrote:
> Hi coreutils team,
> 
> When using cp with --parents options, the SELinux context of sub folders are not preserved.
> 
> Example as below:
> 
> 1. Before using cp:
> [root@oame0 etc]# pwd
> /etc
> [root@oame0 etc]# ls -Z selinux/
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
> [root@oame0 etc]#  ls -Z -d selinux/
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/
> 
> 
> 2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
> [root@oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers  /tmp
> 
> 3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted 
> 
> [root@oame0 etc]# ls -Z /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
> [root@oame0 etc]# ls -Z -d /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
> [root@oame0 etc]# ls -Z -d /tmp/selinux/targeted/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
> [root@oame0 etc]# ls -Z /tmp/selinux/targeted/   
> -rw-------. root root system_u:object_r:selinux_config_t:s0 seusers

The attached should fix that.

thanks!
Pádraig


--------------3A8A86BBFF2C77990E87A01F
Content-Type: text/x-patch;
 name="cp-Z-parents.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="cp-Z-parents.patch"

>From d17ca013f3aadcf697663830fa9ec34cba551f66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
Date: Mon, 20 Feb 2017 18:46:49 -0800
Subject: [PATCH] cp: set SElinux context for --parents directories

* src/copy.h (set_process_security_ctx, set_file_security_ctx):
Export for use in cp.c.
* src/copy.h: Likewise.
* src/cp.c (make_dir_parents_private): Call the exported functions
to set the security context for new and updated directories.
* tests/cp/cp-a-selinux.sh: Add a test case.

Fixes http://bugs.gnu.org/25378
---
 NEWS                     |  4 ++++
 src/copy.c               |  4 ++--
 src/copy.h               |  9 +++++++++
 src/cp.c                 | 20 ++++++++++++++++++++
 tests/cp/cp-a-selinux.sh | 23 +++++++++++++++++++++--
 5 files changed, 56 insertions(+), 4 deletions(-)

diff --git a/NEWS b/NEWS
index 7473e6e..167c376 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,10 @@ GNU coreutils NEWS                                    -*- outline -*-
 
 ** Bug fixes
 
+  cp --parents will now set an SELinux context for created directories,
+  as appropriate for the -a, --preseve=context, or -Z options.
+  [bug present since SELinux support added in coreutils-6.10]
+
   date again converts from a specified time zone.  Previously output was
   not converted to the local time zone, and remained in the specified one.
   [bug introduced in coreutils-8.26]
diff --git a/src/copy.c b/src/copy.c
index 9dbd536..3711539 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -889,7 +889,7 @@ set_author (const char *dst_name, int dest_desc, const struct stat *src_sb)
    Based on CP_OPTIONS, diagnose warnings and fail when appropriate.
    Return FALSE on failure, TRUE on success.  */
 
-static bool
+extern bool
 set_process_security_ctx (char const *src_name, char const *dst_name,
                           mode_t mode, bool new_dst, const struct cp_options *x)
 {
@@ -951,7 +951,7 @@ set_process_security_ctx (char const *src_name, char const *dst_name,
    failure, when allowed by various settings in CP_OPTIONS.
    Return FALSE on failure, TRUE on success.  */
 
-static bool
+extern bool
 set_file_security_ctx (char const *dst_name, bool process_local,
                        bool recurse, const struct cp_options *x)
 {
diff --git a/src/copy.h b/src/copy.h
index f7047bc..db65c4a 100644
--- a/src/copy.h
+++ b/src/copy.h
@@ -285,6 +285,15 @@ bool copy (char const *src_name, char const *dst_name,
            bool nonexistent_dst, const struct cp_options *options,
            bool *copy_into_self, bool *rename_succeeded);
 
+bool
+set_process_security_ctx (char const *src_name, char const *dst_name,
+                          mode_t mode, bool new_dst,
+                          const struct cp_options *x);
+
+bool
+set_file_security_ctx (char const *dst_name, bool process_local,
+                       bool recurse, const struct cp_options *x);
+
 void dest_info_init (struct cp_options *);
 void src_info_init (struct cp_options *);
 
diff --git a/src/cp.c b/src/cp.c
index 88db3a3..6e18263 100644
--- a/src/cp.c
+++ b/src/cp.c
@@ -394,6 +394,8 @@ make_dir_parents_private (char const *const_dir, size_t src_offset,
 
   *attr_list = NULL;
 
+  /* XXX: If all dirs present at the destination,
+     no permissions or security contexts will be updated.  */
   if (stat (dst_dir, &stats) != 0)
     {
       /* A parent of CONST_DIR does not exist.
@@ -437,6 +439,12 @@ make_dir_parents_private (char const *const_dir, size_t src_offset,
               *attr_list = new;
             }
 
+          /* If required set the default context for created dirs.  */
+          if (! set_process_security_ctx (src, dir,
+                                          missing_dir ? new->st.st_mode : 0,
+                                          missing_dir, x))
+            return false;
+
           if (missing_dir)
             {
               mode_t src_mode;
@@ -524,6 +532,18 @@ make_dir_parents_private (char const *const_dir, size_t src_offset,
             }
           else
             *new_dst = false;
+
+          /* For existing dirs, set the security context as per that already
+             set for the process global context.  */
+          if (! *new_dst
+              && (x->set_security_context || x->preserve_security_context))
+            {
+              if (! set_file_security_ctx (dir, x->preserve_security_context,
+                                           false, x)
+                  && x->require_preserve_context)
+                  return false;
+            }
+
           *slash++ = '/';
 
           /* Avoid unnecessary calls to 'stat' when given
diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
index 19a9e64..de07406 100755
--- a/tests/cp/cp-a-selinux.sh
+++ b/tests/cp/cp-a-selinux.sh
@@ -48,7 +48,6 @@ rm -f f
 # due to recursion, and was handled incorrectly in coreutils-8.22
 # Note standard permissions are updated for existing directories
 # in the destination, so SELinux contexts should be updated too.
-chmod o+rw restore/existing_dir
 mkdir -p backup/existing_dir/ || framework_failure_
 ls -Zd backup/existing_dir > ed_ctx || fail=1
 grep $ctx ed_ctx && framework_failure_
@@ -57,11 +56,31 @@ chcon $ctx backup/existing_dir/file || framework_failure_
 # Set the dir context to ensure it is reset
 mkdir -p --context="$ctx" restore/existing_dir || framework_failure_
 # Copy and ensure existing directories updated
-cp -a backup/. restore/
+cp -a backup/. restore/ || fail=1
 ls -Zd restore/existing_dir > ed_ctx || fail=1
 grep $ctx ed_ctx &&
   { ls -lZd restore/existing_dir; fail=1; }
 
+# Check context preserved with directories created with --parents,
+# which was not handled before coreutils-8.27
+mkdir -p parents/a/b || framework_failure_
+ls -Zd parents/a/b > ed_ctx || fail=1
+grep $ctx ed_ctx && framework_failure_
+touch parents/a/b/file || framework_failure_
+chcon $ctx parents/a/b || framework_failure_
+# Set the dir context to ensure it is reset
+mkdir -p --context="$ctx" parents_dest/parents/a || framework_failure_
+# Copy and ensure existing directories updated
+cp -r --parents --preserve=context parents/a/b/file parents_dest || fail=1
+# Check new context
+ls -Zd parents_dest/parents/a/b > ed_ctx || fail=1
+grep $ctx ed_ctx ||
+  { ls -lZd parents_dest/parents/a/b; fail=1; }
+# Check updated context
+ls -Zd parents_dest/parents/a > ed_ctx || fail=1
+grep $ctx ed_ctx &&
+  { ls -lZd parents_dest/parents/a; fail=1; }
+
 # Check restorecon (-Z) functionality for file and directory
 # Also make a dir with our known context
 mkdir c_d || framework_failure_
-- 
2.5.5


--------------3A8A86BBFF2C77990E87A01F--


------------=_1487646722-17895-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by debbugs.gnu.org; 6 Jan 2017 16:18:55 +0000
Received: from localhost ([127.0.0.1]:45295 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cPXEE-0006oZ-95
	for submit@debbugs.gnu.org; Fri, 06 Jan 2017 11:18:55 -0500
Received: from eggs.gnu.org ([208.118.235.92]:50007)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkL-00089l-Ct
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:34 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkF-00086U-9I
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:28 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:39549)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <Henry.He@alcatel-lucent.com>)
 id 1cPPkF-000868-6b
 for submit@debbugs.gnu.org; Fri, 06 Jan 2017 03:19:27 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40971)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkE-0007NS-1E
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:27 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Henry.He@alcatel-lucent.com>) id 1cPPkA-0007zI-0x
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:25 -0500
Received: from cnshjsmin03.alcatel-sbell.com.cn ([116.246.26.71]:58386)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <Henry.He@alcatel-lucent.com>)
 id 1cPPk9-0007up-Ml
 for bug-coreutils@gnu.org; Fri, 06 Jan 2017 03:19:21 -0500
X-AuditID: ac189297-f79fa6d0000038b2-80-586f5301aa1d
Received: from CNSHJCASHUB01.ad4.ad.alcatel.com (Unknown_Domain
 [135.251.50.71])
 by cnshjsmin03.alcatel-sbell.com.cn (Symantec Messaging Gateway) with SMTP id
 B7.30.14514.1035F685; Fri,  6 Jan 2017 16:19:13 +0800 (HKT)
Received: from CNSHJMBX04.ad4.ad.alcatel.com ([135.251.50.104]) by
 CNSHJCASHUB01.ad4.ad.alcatel.com ([135.251.50.71]) with mapi id
 14.03.0319.002; Fri, 6 Jan 2017 16:19:12 +0800
From: HE Henry <Henry.He@alcatel-lucent.com>
To: "bug-coreutils@gnu.org" <bug-coreutils@gnu.org>
Subject: cp does not preserve SElinx context of sub folder
Thread-Topic: cp does not preserve SElinx context of sub folder
Thread-Index: AdJn8jxu0mHNyxltSHS19kDLkjr7ag==
Date: Fri, 6 Jan 2017 08:19:11 +0000
Message-ID: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
Accept-Language: zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [135.251.88.136]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrCLMWRmVeSWpSXmKPExsXS/tvIXZcxOD/C4OBWQYvG1jXsDowebdPM
 AhijuGxSUnMyy1KL9O0SuDL2ftrDWrCAq2Lme40GxoccXYycHBICJhL7z6xmgrDFJC7cW8/W
 xcjFISRwh1Fi05FnUM5WRol5rQfYQarYBHQkTq7/D9YhImAsseRHMyuILSxgJbFqbTsjRNxe
 YsfEXjYIW0/ixPF/YL0sAioSsw78B4vzCjhKXOv4C9bLKCArMe3RfbCZzALiEreezIe6SEBi
 yZ7zzBC2qMTLx/9YIWwlif8LjrJA1OtILNj9iQ3C1pZYtvA1M8R8QYmTM5+wTGAUnoVk7Cwk
 LbOQtMxC0rKAkWUVo0JyXnFGVnFuZp6BsV5iTnJiSWqObnFSak6OXnJ+rl5y3iZGYNivkZg0
 fQfjsQPehxgFOBiVeHgjvPIihFgTy4orcw8xSnAwK4nwdgXmRwjxpiRWVqUW5ccXleakFh9i
 lOZgURLnvXFFPkJIIB1odnZqakFqEUyWiYNTqoFx+qZ9uZbBni5PC2Rs2RTqxVR22Nqauu/e
 l3y9RHndi0b582IvXaaLHFB0bFnPcnzxu6M99w/N2d7LdCPNqDptMpOly9KFUz3mLLv9wllT
 QZXB7Xzr/3/X9J/dFV/c4KB8PPWCaeJypmxjedOvglpfdSQ5Va0bLQuX8ZpKK//44BR3mJfn
 oZASS3FGoqEWc1FxIgB9l7MRdwIAAA==
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.0 (----)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Fri, 06 Jan 2017 11:18:52 -0500
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.0 (----)

Hi coreutils team,

When using cp with --parents options, the SELinux context of sub folders ar=
e not preserved.

Example as below:

1. Before using cp:
[root@oame0 etc]# pwd
/etc
[root@oame0 etc]# ls -Z selinux/
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
[root@oame0 etc]#  ls -Z -d selinux/
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/


2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
[root@oame0 etc]# cp -r --preserve=3Dcontext --parents selinux/targeted/seu=
sers  /tmp

3. After using cp, the SELinux context of sub folder are changed, like seli=
nux, targeted=20

[root@oame0 etc]# ls -Z /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
[root@oame0 etc]# ls -Z -d /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
[root@oame0 etc]# ls -Z -d /tmp/selinux/targeted/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targ=
eted/
[root@oame0 etc]# ls -Z /tmp/selinux/targeted/  =20
-rw-------. root root system_u:object_r:selinux_config_t:s0 seusers

Thanks,
Henry



------------=_1487646722-17895-1--


From unknown Tue Aug 19 02:51:34 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Resent-From: Paul Eggert <eggert@cs.ucla.edu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-coreutils@gnu.org
Resent-Date: Tue, 21 Feb 2017 04:47:01 +0000
Resent-Message-ID: <handler.25378.B25378.148765238314288@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 25378
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords: 
To: 25378@debbugs.gnu.org, P@draigBrady.com, Henry.He@alcatel-lucent.com
Received: via spool by 25378-submit@debbugs.gnu.org id=B25378.148765238314288
          (code B ref 25378); Tue, 21 Feb 2017 04:47:01 +0000
Received: (at 25378) by debbugs.gnu.org; 21 Feb 2017 04:46:23 +0000
Received: from localhost ([127.0.0.1]:48085 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cg2LH-0003iO-5Y
	for submit@debbugs.gnu.org; Mon, 20 Feb 2017 23:46:23 -0500
Received: from zimbra.cs.ucla.edu ([131.179.128.68]:52208)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eggert@cs.ucla.edu>) id 1cg2LE-0003i9-ME
 for 25378@debbugs.gnu.org; Mon, 20 Feb 2017 23:46:21 -0500
Received: from localhost (localhost [127.0.0.1])
 by zimbra.cs.ucla.edu (Postfix) with ESMTP id 810D71600EC;
 Mon, 20 Feb 2017 20:46:13 -0800 (PST)
Received: from zimbra.cs.ucla.edu ([127.0.0.1])
 by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032)
 with ESMTP id pIK-eQge7ZPU; Mon, 20 Feb 2017 20:46:12 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
 by zimbra.cs.ucla.edu (Postfix) with ESMTP id CDFEB1600FA;
 Mon, 20 Feb 2017 20:46:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu
Received: from zimbra.cs.ucla.edu ([127.0.0.1])
 by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id i0t8ldUzUdco; Mon, 20 Feb 2017 20:46:12 -0800 (PST)
Received: from [192.168.1.9] (unknown [47.153.188.248])
 by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id B11F51600EC;
 Mon, 20 Feb 2017 20:46:12 -0800 (PST)
References: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
 <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
From: Paul Eggert <eggert@cs.ucla.edu>
Organization: UCLA Computer Science Department
Message-ID: <92d2d277-e3ef-de39-4f93-b67cd6ca9a52@cs.ucla.edu>
Date: Mon, 20 Feb 2017 20:46:12 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

Does 'mkdir -Z --parents' need a similar patch?

Minor points:

Please don't use 'extern' in front of function definitions. Just decls.

The usual style in .h files is to say "extern type function (args);" rather than 
to have a newline after the type.




From unknown Tue Aug 19 02:51:34 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Resent-From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@draigBrady.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-coreutils@gnu.org
Resent-Date: Tue, 21 Feb 2017 05:09:01 +0000
Resent-Message-ID: <handler.25378.B25378.148765370016225@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 25378
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords: 
To: Paul Eggert <eggert@cs.ucla.edu>, 25378@debbugs.gnu.org, Henry.He@alcatel-lucent.com
Received: via spool by 25378-submit@debbugs.gnu.org id=B25378.148765370016225
          (code B ref 25378); Tue, 21 Feb 2017 05:09:01 +0000
Received: (at 25378) by debbugs.gnu.org; 21 Feb 2017 05:08:20 +0000
Received: from localhost ([127.0.0.1]:48091 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cg2gV-0004Dd-Vp
	for submit@debbugs.gnu.org; Tue, 21 Feb 2017 00:08:20 -0500
Received: from midir.magicbluesmoke.com ([82.195.144.46]:49152
 helo=mail.magicbluesmoke.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <P@draigBrady.com>) id 1cg2gT-0004DU-Ld
 for 25378@debbugs.gnu.org; Tue, 21 Feb 2017 00:08:18 -0500
Received: from [10.0.0.126] (c-73-170-254-78.hsd1.ca.comcast.net
 [73.170.254.78])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by mail.magicbluesmoke.com (Postfix) with ESMTPSA id 8FD16A7;
 Tue, 21 Feb 2017 05:08:15 +0000 (GMT)
References: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
 <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
 <92d2d277-e3ef-de39-4f93-b67cd6ca9a52@cs.ucla.edu>
From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@draigBrady.com>
Message-ID: <cc6b0035-b05f-064b-616b-ba528e98fa46@draigBrady.com>
Date: Mon, 20 Feb 2017 21:08:13 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <92d2d277-e3ef-de39-4f93-b67cd6ca9a52@cs.ucla.edu>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

On 20/02/17 20:46, Paul Eggert wrote:
> Does 'mkdir -Z --parents' need a similar patch?

Already handled.

> 
> Minor points:
> 
> Please don't use 'extern' in front of function definitions. Just decls.
> 
> The usual style in .h files is to say "extern type function (args);" rather than 
> to have a newline after the type.
> 

Fixed (and still passing syntax checks)

thanks for the review,

Pádraig




From unknown Tue Aug 19 02:51:34 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Resent-From: Bernhard Voelker <mail@bernhard-voelker.de>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-coreutils@gnu.org
Resent-Date: Tue, 21 Feb 2017 07:19:02 +0000
Resent-Message-ID: <handler.25378.B25378.148766151328127@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 25378
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords: 
To: 25378@debbugs.gnu.org, P@draigBrady.com, Henry.He@alcatel-lucent.com
Received: via spool by 25378-submit@debbugs.gnu.org id=B25378.148766151328127
          (code B ref 25378); Tue, 21 Feb 2017 07:19:02 +0000
Received: (at 25378) by debbugs.gnu.org; 21 Feb 2017 07:18:33 +0000
Received: from localhost ([127.0.0.1]:48124 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cg4iW-0007Jb-V9
	for submit@debbugs.gnu.org; Tue, 21 Feb 2017 02:18:33 -0500
Received: from mout.kundenserver.de ([212.227.126.131]:61164)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mail@bernhard-voelker.de>) id 1cg4iV-0007JN-2n
 for 25378@debbugs.gnu.org; Tue, 21 Feb 2017 02:18:31 -0500
Received: from [192.168.101.10] ([217.86.88.173]) by mrelayeu.kundenserver.de
 (mreue005 [212.227.15.167]) with ESMTPSA (Nemesis) id
 0MIRr9-1ce9AY0X6N-0049nd; Tue, 21 Feb 2017 08:18:21 +0100
References: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
 <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
From: Bernhard Voelker <mail@bernhard-voelker.de>
Message-ID: <b384c556-3092-4217-136a-a335003e24b8@bernhard-voelker.de>
Date: Tue, 21 Feb 2017 08:18:19 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.6.0
MIME-Version: 1.0
In-Reply-To: <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:dRASGlasnfIQp3e1OkSb6rkZ0y4+pB31Lq/3jL8VF/OzXBLJnNY
 g78jUR86jOXXuP/HkivaG96So3Z5NeD753Z2vWssKSgL26nF7zIxTD6i4KNWyJrFPqBTPk4
 2GgvqjOGgSA7YN4S5x+BB2gBQ9XUyN/2IdMd5F0JgcMhZgGHbI5aEohOk1q8Vf2sMbQYbcd
 Q1wFR//NFO5MvSwU/fLJw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:L+13JiwmTKQ=:B3cJhycwGN/uQZYZe/f7No
 RfUWsQ8MuEsB0YZIUqXRu/Kb0qSfr2KCwq1xraL0ThY5jyXjaezolQ7N3Zl6Tj2SB0IaVL+eO
 dxhl1WKfhhNgIZZhWHrP0fd3Vv+pIQfL3sYsr9LTtLE8MsYk50Dl3+ww3aKHdFU3OjlJAnvg8
 RXWOss1moSjGFHKo6owpMoK7IqqYZ0KAKKaQTMxg59aSeU5iyq/kSkmBbUXwqhg0u0WIl9rPA
 YansiPQu7CzN9LvSY4DrM1jwA4Q5wD+34bEZjh1N3a1azsfZO/9T47CHSW1zHUad/ApJ06iVO
 3XB4RCxi/gUpxpIcViVbIlbXutADcBPQsURk20BwKLNVgNM/E24VMPRsTcxaEvB+2yIL0av9u
 PvHGx0jlZOBuucc7ftB4DxCry0PoBCysVOu43Ty9LdBeRYC0RN0zt3tu4CqxZB4kt0tCNt5rn
 ajd9IZRQ8UIX6dUZEhc8bkmDn7aZbx3rhbb12764P75WjAiAtKOE1ANr2V/Kq87/hAFQVG/YO
 M/+QNb+iMudftRXXYr9L9wC0/9vdOfTHwMVFHskdVhgud4X5laz6dMuqjfRBRcRZ2WE866/yG
 mioB7UoUL894aA8AC7pWxpK6swEyT4KlHtgGVfNrfmMPUmBikMUPDYnpFdCZkibcSJospRa5z
 iB7fx7+lyW2rPUzmHiw/d4mVkMteh0ZrWrmZCde5v/nBgmtq02pOFO1P0saccS5EoAYTr3h/c
 WcyRbmBQ0TIsLC4v
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

Hi Padraig,

only some minor remarks from my side.

On 02/21/2017 04:11 AM, Pádraig Brady wrote:
> From d17ca013f3aadcf697663830fa9ec34cba551f66 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
> Date: Mon, 20 Feb 2017 18:46:49 -0800
> Subject: [PATCH] cp: set SElinux context for --parents directories
> 
> * src/copy.h (set_process_security_ctx, set_file_security_ctx):
_____________^

minor typo: s/c/h/

> diff --git a/src/cp.c b/src/cp.c
> index 88db3a3..6e18263 100644
> --- a/src/cp.c
> +++ b/src/cp.c
> @@ -394,6 +394,8 @@ make_dir_parents_private (char const *const_dir, size_t src_offset,
>  
>    *attr_list = NULL;
>  
> +  /* XXX: If all dirs present at the destination,
________^^^_____________^

why "XXX"?  Missing verb "are".


> diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
> index 19a9e64..de07406 100755
> --- a/tests/cp/cp-a-selinux.sh
> +++ b/tests/cp/cp-a-selinux.sh
> @@ -48,7 +48,6 @@ rm -f f
>  # due to recursion, and was handled incorrectly in coreutils-8.22
>  # Note standard permissions are updated for existing directories
>  # in the destination, so SELinux contexts should be updated too.
> -chmod o+rw restore/existing_dir

What was that change for?
(I don't have a SELinux system here, so the test is skipped here.)

>  mkdir -p backup/existing_dir/ || framework_failure_
>  ls -Zd backup/existing_dir > ed_ctx || fail=1
>  grep $ctx ed_ctx && framework_failure_
> @@ -57,11 +56,31 @@ chcon $ctx backup/existing_dir/file || framework_failure_
>  # Set the dir context to ensure it is reset
>  mkdir -p --context="$ctx" restore/existing_dir || framework_failure_
>  # Copy and ensure existing directories updated
> -cp -a backup/. restore/
> +cp -a backup/. restore/ || fail=1

nice catch, thanks!

>  ls -Zd restore/existing_dir > ed_ctx || fail=1
>  grep $ctx ed_ctx &&
>    { ls -lZd restore/existing_dir; fail=1; }
>  
> +# Check context preserved with directories created with --parents,
> +# which was not handled before coreutils-8.27

Do we already know the next release will be "8.27"?
Maybe it's better to change to "<= coreutils-8.26".

Thanks & have a nice day,
Berny




From unknown Tue Aug 19 02:51:34 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Resent-From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@draigBrady.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-coreutils@gnu.org
Resent-Date: Tue, 21 Feb 2017 08:01:01 +0000
Resent-Message-ID: <handler.25378.B25378.148766400331754@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 25378
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords: 
To: Bernhard Voelker <mail@bernhard-voelker.de>, 25378@debbugs.gnu.org, Henry.He@alcatel-lucent.com
Received: via spool by 25378-submit@debbugs.gnu.org id=B25378.148766400331754
          (code B ref 25378); Tue, 21 Feb 2017 08:01:01 +0000
Received: (at 25378) by debbugs.gnu.org; 21 Feb 2017 08:00:03 +0000
Received: from localhost ([127.0.0.1]:48142 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cg5Mg-0008G0-Q1
	for submit@debbugs.gnu.org; Tue, 21 Feb 2017 03:00:03 -0500
Received: from midir.magicbluesmoke.com ([82.195.144.46]:49426
 helo=mail.magicbluesmoke.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <P@draigBrady.com>) id 1cg5Me-0008F7-3b
 for 25378@debbugs.gnu.org; Tue, 21 Feb 2017 03:00:00 -0500
Received: from [10.0.0.126] (c-73-170-254-78.hsd1.ca.comcast.net
 [73.170.254.78])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by mail.magicbluesmoke.com (Postfix) with ESMTPSA id 2856574;
 Tue, 21 Feb 2017 07:59:55 +0000 (GMT)
References: <7942F6CE80E75046AF1E7073DAD1B74448820178@cnshjmbx04>
 <eeec537d-3985-f7a9-bbc2-2314e0557899@draigBrady.com>
 <b384c556-3092-4217-136a-a335003e24b8@bernhard-voelker.de>
From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@draigBrady.com>
Message-ID: <8c99d301-f625-e4a1-1923-38b1e34db890@draigBrady.com>
Date: Mon, 20 Feb 2017 23:59:53 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <b384c556-3092-4217-136a-a335003e24b8@bernhard-voelker.de>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

On 20/02/17 23:18, Bernhard Voelker wrote:
> Hi Padraig,
> 
> only some minor remarks from my side.
> 
> On 02/21/2017 04:11 AM, Pádraig Brady wrote:
>> From d17ca013f3aadcf697663830fa9ec34cba551f66 Mon Sep 17 00:00:00 2001
>> From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
>> Date: Mon, 20 Feb 2017 18:46:49 -0800
>> Subject: [PATCH] cp: set SElinux context for --parents directories
>>
>> * src/copy.h (set_process_security_ctx, set_file_security_ctx):
> _____________^
> 
> minor typo: s/c/h/
> 
>> diff --git a/src/cp.c b/src/cp.c
>> index 88db3a3..6e18263 100644
>> --- a/src/cp.c
>> +++ b/src/cp.c
>> @@ -394,6 +394,8 @@ make_dir_parents_private (char const *const_dir, size_t src_offset,
>>  
>>    *attr_list = NULL;
>>  
>> +  /* XXX: If all dirs present at the destination,
> ________^^^_____________^
> 
> why "XXX"?  Missing verb "are".

Well I was going to follow up, but might as well here.
It was a bit surprising to me that the presence of all destination
directories would cause no attributes to be copied from the source.
Now it's not particular to SELinux, and also some attributes aren't
copied from the source at all in this code path, so if we were to
address it, it would be a separate patch. I.E. comment added for now.

>> diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
>> index 19a9e64..de07406 100755
>> --- a/tests/cp/cp-a-selinux.sh
>> +++ b/tests/cp/cp-a-selinux.sh
>> @@ -48,7 +48,6 @@ rm -f f
>>  # due to recursion, and was handled incorrectly in coreutils-8.22
>>  # Note standard permissions are updated for existing directories
>>  # in the destination, so SELinux contexts should be updated too.
>> -chmod o+rw restore/existing_dir
> 
> What was that change for?
> (I don't have a SELinux system here, so the test is skipped here.)

It looked like an unchecked vestige from a separate test script.
So I just removed it since in the area. I'll double check.

> 
>>  mkdir -p backup/existing_dir/ || framework_failure_
>>  ls -Zd backup/existing_dir > ed_ctx || fail=1
>>  grep $ctx ed_ctx && framework_failure_
>> @@ -57,11 +56,31 @@ chcon $ctx backup/existing_dir/file || framework_failure_
>>  # Set the dir context to ensure it is reset
>>  mkdir -p --context="$ctx" restore/existing_dir || framework_failure_
>>  # Copy and ensure existing directories updated
>> -cp -a backup/. restore/
>> +cp -a backup/. restore/ || fail=1
> 
> nice catch, thanks!
> 
>>  ls -Zd restore/existing_dir > ed_ctx || fail=1
>>  grep $ctx ed_ctx &&
>>    { ls -lZd restore/existing_dir; fail=1; }
>>  
>> +# Check context preserved with directories created with --parents,
>> +# which was not handled before coreutils-8.27
> 
> Do we already know the next release will be "8.27"?
> Maybe it's better to change to "<= coreutils-8.26".

Well I was going to announce that I hope to release 8.27
in a couple of weeks, so consider that announced :)

thanks for the review,
Pádraig.