@@ -38,7 +38,7 @@ int main(int argc, char **argv)
unsigned int xattr_flags = 0, delete_digest = 0, recurse = 0;
unsigned int delete_all_digests = 0, ignore_mounts = 0;
bool display_digest = false;
- char *sha1_buf, **specfiles, *fc_file = NULL;
+ char *sha1_buf, **specfiles, *fc_file = NULL, *pathname = NULL;
unsigned char *fc_digest = NULL;
size_t i, fc_digest_len = 0, num_specfiles;
@@ -163,7 +163,16 @@ int main(int argc, char **argv)
xattr_flags = delete_digest | delete_all_digests |
ignore_mounts | recurse;
- if (selinux_restorecon_xattr(argv[optind], xattr_flags, &xattr_list)) {
+ pathname = realpath(argv[optind], NULL);
+ if (!pathname) {
+ fprintf(stderr,
+ "restorecon_xattr: realpath(%s) failed: %s\n",
+ argv[optind], strerror(errno));
+ rc = -1;
+ goto out;
+ }
+
+ if (selinux_restorecon_xattr(pathname, xattr_flags, &xattr_list)) {
fprintf(stderr,
"Error selinux_restorecon_xattr: %s\n",
strerror(errno));
@@ -215,6 +224,7 @@ int main(int argc, char **argv)
rc = 0;
out:
+ free(pathname);
selabel_close(hnd);
restore_finish();
return rc;
Resolve pathname before selinux_restorecon_xattr() to prevent problems with 'No Match' when relative path is used. Fixes: # restorecon_xattr -v tmp ... tmp Digest: f9cd2da7141068bd2c08bc02fa471db63ac7d44c No Match # restorecon_xattr -v `pwd`/tmp ... /root/tmp Digest: f9cd2da7141068bd2c08bc02fa471db63ac7d44c Match Signed-off-by: Petr Lautrbach <plautrba@redhat.com> --- policycoreutils/setfiles/restorecon_xattr.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)