GNU bug report logs -
#25378
cp does not preserve SElinx context of sub folder
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your bug report
#25378: cp does not preserve SElinx context of sub folder
which was filed against the coreutils package, has been closed.
The explanation is attached below, along with your original report.
If you require more details, please reply to 25378 <at> debbugs.gnu.org.
--
25378: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=25378
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
[Message part 3 (text/plain, inline)]
On 06/01/17 00:19, HE Henry wrote:
> Hi coreutils team,
>
> When using cp with --parents options, the SELinux context of sub folders are not preserved.
>
> Example as below:
>
> 1. Before using cp:
> [root <at> oame0 etc]# pwd
> /etc
> [root <at> oame0 etc]# ls -Z selinux/
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
> -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
> [root <at> oame0 etc]# ls -Z -d selinux/
> drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/
>
>
> 2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
> [root <at> oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers /tmp
>
> 3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted
>
> [root <at> oame0 etc]# ls -Z /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
> [root <at> oame0 etc]# ls -Z -d /tmp/selinux/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
> [root <at> oame0 etc]# ls -Z -d /tmp/selinux/targeted/
> drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
> [root <at> oame0 etc]# ls -Z /tmp/selinux/targeted/
> -rw-------. root root system_u:object_r:selinux_config_t:s0 seusers
The attached should fix that.
thanks!
Pádraig
[cp-Z-parents.patch (text/x-patch, attachment)]
[Message part 5 (message/rfc822, inline)]
Hi coreutils team,
When using cp with --parents options, the SELinux context of sub folders are not preserved.
Example as below:
1. Before using cp:
[root <at> oame0 etc]# pwd
/etc
[root <at> oame0 etc]# ls -Z selinux/
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config
-rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted
[root <at> oame0 etc]# ls -Z -d selinux/
drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 selinux/
2. Using cp to copy /etc/selinux/targeted/seusers with full path to /tmp
[root <at> oame0 etc]# cp -r --preserve=context --parents selinux/targeted/seusers /tmp
3. After using cp, the SELinux context of sub folder are changed, like selinux, targeted
[root <at> oame0 etc]# ls -Z /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 targeted
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/
[root <at> oame0 etc]# ls -Z -d /tmp/selinux/targeted/
drwx------. root root unconfined_u:object_r:user_tmp_t:s0 /tmp/selinux/targeted/
[root <at> oame0 etc]# ls -Z /tmp/selinux/targeted/
-rw-------. root root system_u:object_r:selinux_config_t:s0 seusers
Thanks,
Henry
This bug report was last modified 8 years and 94 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.