GNU bug report logs -
#25378
cp does not preserve SElinx context of sub folder
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Mon, 20 Feb 2017 19:11:15 -0800
with message-id <eeec537d-3985-f7a9-bbc2-2314e0557899 <at> draigBrady.com>
and subject line Re: bug#25378: cp does not preserve SElinx context of sub folder
has caused the debbugs.gnu.org bug report #25378,
regarding cp does not preserve SElinx context of sub folder
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
25378: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=25378
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Hi coreutils team,
When using cp with --parents options, the SELinux context of sub folders are not preserved.
Example as below:
1. Before using cp:
[root <at> oame0 etc]# pwd
/etc
[root <at> oame0 etc]# ls -Z selinux/
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
[root <at> oame0 etc]# ls -Z -d selinux/
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/
2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
[root <at> oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers /tmp
3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted
[root <at> oame0 etc]# ls -Z /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/targeted/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
[root <at> oame0 etc]# ls -Z /tmp/selinux/targeted/
-rw-------. root root system_u:object_r:selinux_config_t:s0 seusers
Thanks,
Henry
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
On 06/01/17 00:19, HE Henry wrote:
> Hi coreutils team,
>
> When using cp with --parents options, the SELinux context of sub folders are not preserved.
>
> Example as below:
>
> 1. Before using cp:
> [root <at> oame0 etc]# pwd
> /etc
> [root <at> oame0 etc]# ls -Z selinux/
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
> [root <at> oame0 etc]# ls -Z -d selinux/
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/
>
>
> 2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
> [root <at> oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers /tmp
>
> 3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted
>
> [root <at> oame0 etc]# ls -Z /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
> [root <at> oame0 etc]# ls -Z -d /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
> [root <at> oame0 etc]# ls -Z -d /tmp/selinux/targeted/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
> [root <at> oame0 etc]# ls -Z /tmp/selinux/targeted/
> -rw-------. root root system_u:object_r:selinux_config_t:s0 seusers
The attached should fix that.
thanks!
Pádraig
[cp-Z-parents.patch (text/x-patch, attachment)]
This bug report was last modified 8 years and 153 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.