GNU bug report logs - #25378
cp does not preserve SElinx context of sub folder

Previous Next

Full log

View this message in rfc822 format

From: HE Henry <Henry.He <at> alcatel-lucent.com>
To: 25378 <at> debbugs.gnu.org
Subject: bug#25378: cp does not preserve SElinx context of sub folder
Date: Fri, 6 Jan 2017 08:19:11 +0000

Hi coreutils team,

When using cp with --parents options, the SELinux context of sub folders are not preserved.

Example as below:

1. Before using cp:
[root <at> oame0 etc]# pwd
/etc
[root <at> oame0 etc]# ls -Z selinux/
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
[root <at> oame0 etc]#  ls -Z -d selinux/
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/


2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
[root <at> oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers  /tmp

3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted 

[root <at> oame0 etc]# ls -Z /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/targeted/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
[root <at> oame0 etc]# ls -Z /tmp/selinux/targeted/   
-rw-------. root root system_u:object_r:selinux_config_t:s0 seusers

Thanks,
Henry

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.