GNU bug report logs - #77597
coreutils 9.6: regression in handling security.selinux attribute for ls(1)

Previous Next

Full log

View this message in rfc822 format

From: Pádraig Brady <P <at> draigBrady.com>
To: Rahul Sandhu <nvraxn <at> gmail.com>, 77597 <at> debbugs.gnu.org
Cc: eggert <at> cs.ucla.edu
Subject: bug#77597: coreutils 9.6: regression in handling security.selinux attribute for ls(1)
Date: Mon, 7 Apr 2025 20:04:23 +0100

[Message part 1 (text/plain, inline)]

On 07/04/2025 19:22, Pádraig Brady wrote:
> On 07/04/2025 19:03, Pádraig Brady wrote:
>> On 06/04/2025 02:49, Rahul Sandhu wrote:
>>> Hey,
>>>
>>> coreutils 9.6 appears to have a regression in `ls(1)` for SELinux-aware
>>> builds. `ls -Z` fails to obtain the security context for certain
>>> filesystem objects (e.g. `/sys`). Example to reproduce on Gentoo with
>>> refpolicy:
>>>
>>> rsandhu <at> graphite ~ $ ls -alZ /run/ | grep '?'
>>> drwxr-xr-x   3 root     root     ?                                               60 Apr  5 16:38 credentials
>>> drwxr-xr-x   3 root     root     ?                                               80 Apr  2 16:30 initramfs
>>> drwxr-xr-x   2 root     root     ?                                               40 Apr  2 16:23 modprobe.d
>>
>> This may be fixed with https://github.com/coreutils/coreutils/commit/cb2abbac7
>>
>> Could you try the latest snapshot to see if it fixes this for you?
>>
>>      wget https://pixelbeat.org/cu/coreutils-ss.tar.xz
>>      tar -xf coreutils-ss.tar.xz
>>      cd coreutils-9.6.53-14af8/
>>      ./configure && make -j4
>>      src/ls -alZ /run/
>>
> 
> Actually sorry the above will not address this.
> I'll have a deeper look now.

The attached gnulib patch passes quick tests here.
I'll think some more about it and apply later.

thanks,
Pádraig

[gnulib-selinux-empty-listxattr.patch (text/x-patch, attachment)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.