| Message ID | 20220110173527.582954-1-vmojzis@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | policycoreutils: Improve error message when selabel_open fails | expand |
On Mon, Jan 10, 2022 at 9:32 PM Vit Mojzis <vmojzis@redhat.com> wrote: > > When selabel_open fails to locate file_context files and > selabel_opt_path is not specified (e.g. when the policy type is > missconfigured in /etc/selinux/config), perror only prints > "No such file or directory". > This can be confusing in case of "restorecon" since it's > not apparent that the issue is in policy store. > > Before: > \# restorecon -v /tmp/foo.txt > No such file or directory > After: > \# restorecon -v /tmp/foo.txt > /etc/selinux/yolo/contexts/files/file_contexts: No such file or directory > > Signed-off-by: Vit Mojzis <vmojzis@redhat.com> > --- > policycoreutils/setfiles/restore.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c > index 74d48bb3..e9ae33ad 100644 > --- a/policycoreutils/setfiles/restore.c > +++ b/policycoreutils/setfiles/restore.c > @@ -29,7 +29,7 @@ void restore_init(struct restore_opts *opts) > > opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); > if (!opts->hnd) { > - perror(opts->selabel_opt_path); > + perror(opts->selabel_opt_path ? opts->selabel_opt_path : selinux_file_context_path()); > exit(1); > } > > -- > 2.34.1 > Acked-by: William Roberts <bill.c.roberts@gmail.com>
Merged https://github.com/SELinuxProject/selinux/pull/338 Thanks, Bill On Tue, Jan 11, 2022 at 8:18 AM William Roberts <bill.c.roberts@gmail.com> wrote: > > On Mon, Jan 10, 2022 at 9:32 PM Vit Mojzis <vmojzis@redhat.com> wrote: > > > > When selabel_open fails to locate file_context files and > > selabel_opt_path is not specified (e.g. when the policy type is > > missconfigured in /etc/selinux/config), perror only prints > > "No such file or directory". > > This can be confusing in case of "restorecon" since it's > > not apparent that the issue is in policy store. > > > > Before: > > \# restorecon -v /tmp/foo.txt > > No such file or directory > > After: > > \# restorecon -v /tmp/foo.txt > > /etc/selinux/yolo/contexts/files/file_contexts: No such file or directory > > > > Signed-off-by: Vit Mojzis <vmojzis@redhat.com> > > --- > > policycoreutils/setfiles/restore.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c > > index 74d48bb3..e9ae33ad 100644 > > --- a/policycoreutils/setfiles/restore.c > > +++ b/policycoreutils/setfiles/restore.c > > @@ -29,7 +29,7 @@ void restore_init(struct restore_opts *opts) > > > > opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); > > if (!opts->hnd) { > > - perror(opts->selabel_opt_path); > > + perror(opts->selabel_opt_path ? opts->selabel_opt_path : selinux_file_context_path()); > > exit(1); > > } > > > > -- > > 2.34.1 > > > > Acked-by: William Roberts <bill.c.roberts@gmail.com>
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c index 74d48bb3..e9ae33ad 100644 --- a/policycoreutils/setfiles/restore.c +++ b/policycoreutils/setfiles/restore.c @@ -29,7 +29,7 @@ void restore_init(struct restore_opts *opts) opts->hnd = selabel_open(SELABEL_CTX_FILE, selinux_opts, 3); if (!opts->hnd) { - perror(opts->selabel_opt_path); + perror(opts->selabel_opt_path ? opts->selabel_opt_path : selinux_file_context_path()); exit(1); }
When selabel_open fails to locate file_context files and selabel_opt_path is not specified (e.g. when the policy type is missconfigured in /etc/selinux/config), perror only prints "No such file or directory". This can be confusing in case of "restorecon" since it's not apparent that the issue is in policy store. Before: \# restorecon -v /tmp/foo.txt No such file or directory After: \# restorecon -v /tmp/foo.txt /etc/selinux/yolo/contexts/files/file_contexts: No such file or directory Signed-off-by: Vit Mojzis <vmojzis@redhat.com> --- policycoreutils/setfiles/restore.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)