libselinux-2.6-5

- Fix setfiles progress indicator
This commit is contained in:
Petr Lautrbach 2017-04-06 16:37:12 +02:00
parent 7f0ad327e8
commit 5239c15656
2 changed files with 148 additions and 4 deletions

View File

@ -469,6 +469,58 @@ index 0000000..fed6de8
+func main() { +func main() {
+ selinux.Test() + selinux.Test()
+} +}
diff --git libselinux-2.6/include/selinux/restorecon.h libselinux-2.6/include/selinux/restorecon.h
index 7cfdee1..de694cd 100644
--- libselinux-2.6/include/selinux/restorecon.h
+++ libselinux-2.6/include/selinux/restorecon.h
@@ -50,9 +50,9 @@ extern int selinux_restorecon(const char *pathname,
*/
#define SELINUX_RESTORECON_VERBOSE 0x0010
/*
- * Show progress by printing * to stdout every 1000 files, unless
- * relabeling the entire OS, that will then show the approximate
- * percentage complete.
+ * If SELINUX_RESTORECON_PROGRESS is true and
+ * SELINUX_RESTORECON_MASS_RELABEL is true, then output approx % complete,
+ * else output the number of files in 1k blocks processed to stdout.
*/
#define SELINUX_RESTORECON_PROGRESS 0x0020
/*
@@ -91,6 +91,11 @@ extern int selinux_restorecon(const char *pathname,
* mounts to be excluded from relabeling checks.
*/
#define SELINUX_RESTORECON_IGNORE_MOUNTS 0x2000
+/*
+ * Set if there is a mass relabel required.
+ * See SELINUX_RESTORECON_PROGRESS flag for details.
+ */
+#define SELINUX_RESTORECON_MASS_RELABEL 0x4000
/**
* selinux_restorecon_set_sehandle - Set the global fc handle.
diff --git libselinux-2.6/man/man3/selinux_restorecon.3 libselinux-2.6/man/man3/selinux_restorecon.3
index 2d8274b..3350f9c 100644
--- libselinux-2.6/man/man3/selinux_restorecon.3
+++ libselinux-2.6/man/man3/selinux_restorecon.3
@@ -88,8 +88,16 @@ will take precedence.
.RE
.sp
.B SELINUX_RESTORECON_PROGRESS
-show progress by printing * to stdout every 1000 files unless relabeling the
-entire OS, that will then show the approximate percentage complete.
+show progress by outputting the number of files in 1k blocks processed
+to stdout. If the
+.B SELINUX_RESTORECON_MASS_RELABEL
+flag is also set then the approximate percentage complete will be shown.
+.sp
+.B SELINUX_RESTORECON_MASS_RELABEL
+generally set when relabeling the entire OS, that will then show the
+approximate percentage complete. The
+.B SELINUX_RESTORECON_PROGRESS
+flag must also be set.
.sp
.B SELINUX_RESTORECON_REALPATH
convert passed-in
diff --git libselinux-2.6/man/man8/selinux.8 libselinux-2.6/man/man8/selinux.8 diff --git libselinux-2.6/man/man8/selinux.8 libselinux-2.6/man/man8/selinux.8
index 6f1034b..c9f188c 100644 index 6f1034b..c9f188c 100644
--- libselinux-2.6/man/man8/selinux.8 --- libselinux-2.6/man/man8/selinux.8
@ -699,10 +751,57 @@ index 724eb65..58b4144 100644
if (last_component == tmp_path) { if (last_component == tmp_path) {
diff --git libselinux-2.6/src/selinux_restorecon.c libselinux-2.6/src/selinux_restorecon.c diff --git libselinux-2.6/src/selinux_restorecon.c libselinux-2.6/src/selinux_restorecon.c
index e38d1d0..a67876f 100644 index e38d1d0..690dcd8 100644
--- libselinux-2.6/src/selinux_restorecon.c --- libselinux-2.6/src/selinux_restorecon.c
+++ libselinux-2.6/src/selinux_restorecon.c +++ libselinux-2.6/src/selinux_restorecon.c
@@ -663,7 +663,7 @@ static int restorecon_sb(const char *pathname, const struct stat *sb, @@ -41,7 +41,7 @@
#define SYS_PATH "/sys"
#define SYS_PREFIX SYS_PATH "/"
-#define STAR_COUNT 1000
+#define STAR_COUNT 1024
static struct selabel_handle *fc_sehandle = NULL;
static unsigned char *fc_digest = NULL;
@@ -68,18 +68,12 @@ static uint64_t efile_count; /* Estimated total number of files */
struct dir_xattr *dir_xattr_list;
static struct dir_xattr *dir_xattr_last;
-/*
- * If SELINUX_RESTORECON_PROGRESS is set and mass_relabel = true, then
- * output approx % complete, else output * for every STAR_COUNT files
- * processed to stdout.
- */
-static bool mass_relabel;
-
/* restorecon_flags for passing to restorecon_sb() */
struct rest_flags {
bool nochange;
bool verbose;
bool progress;
+ bool mass_relabel;
bool set_specctx;
bool add_assoc;
bool ignore_digest;
@@ -624,14 +618,14 @@ static int restorecon_sb(const char *pathname, const struct stat *sb,
if (flags->progress) {
fc_count++;
if (fc_count % STAR_COUNT == 0) {
- if (mass_relabel && efile_count > 0) {
+ if (flags->mass_relabel && efile_count > 0) {
pc = (fc_count < efile_count) ? (100.0 *
fc_count / efile_count) : 100;
fprintf(stdout, "\r%-.1f%%", (double)pc);
} else {
- fprintf(stdout, "*");
+ fprintf(stdout, "\r%luk", fc_count / STAR_COUNT);
}
- fflush(stdout);
+ fflush(stdout);
}
}
@@ -663,7 +657,7 @@ static int restorecon_sb(const char *pathname, const struct stat *sb,
curcon = NULL; curcon = NULL;
} }
@ -711,6 +810,48 @@ index e38d1d0..a67876f 100644
if (!flags->set_specctx && curcon && if (!flags->set_specctx && curcon &&
(is_context_customizable(curcon) > 0)) { (is_context_customizable(curcon) > 0)) {
if (flags->verbose) { if (flags->verbose) {
@@ -743,6 +737,8 @@ int selinux_restorecon(const char *pathname_orig,
SELINUX_RESTORECON_VERBOSE) ? true : false;
flags.progress = (restorecon_flags &
SELINUX_RESTORECON_PROGRESS) ? true : false;
+ flags.mass_relabel = (restorecon_flags &
+ SELINUX_RESTORECON_MASS_RELABEL) ? true : false;
flags.recurse = (restorecon_flags &
SELINUX_RESTORECON_RECURSE) ? true : false;
flags.set_specctx = (restorecon_flags &
@@ -896,17 +892,6 @@ int selinux_restorecon(const char *pathname_orig,
}
}
- mass_relabel = false;
- if (!strcmp(pathname, "/")) {
- mass_relabel = true;
- if (flags.set_xdev && flags.progress)
- /*
- * Need to recalculate to get accurate % complete
- * as only root device id will be processed.
- */
- efile_count = file_system_count(pathname);
- }
-
if (flags.set_xdev)
fts_flags = FTS_PHYSICAL | FTS_NOCHDIR | FTS_XDEV;
else
@@ -1000,12 +985,8 @@ int selinux_restorecon(const char *pathname_orig,
}
out:
- if (flags.progress) {
- if (mass_relabel)
- fprintf(stdout, "\r100.0%%\n");
- else
- fprintf(stdout, "\n");
- }
+ if (flags.progress && flags.mass_relabel)
+ fprintf(stdout, "\r%s 100.0%%\n", pathname);
sverrno = errno;
(void) fts_close(fts);
diff --git libselinux-2.6/src/selinuxswig_python.i libselinux-2.6/src/selinuxswig_python.i diff --git libselinux-2.6/src/selinuxswig_python.i libselinux-2.6/src/selinuxswig_python.i
index 8cea18d..43df291 100644 index 8cea18d..43df291 100644
--- libselinux-2.6/src/selinuxswig_python.i --- libselinux-2.6/src/selinuxswig_python.i

View File

@ -9,7 +9,7 @@
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Name: libselinux Name: libselinux
Version: 2.6 Version: 2.6
Release: 4%{?dist} Release: 5%{?dist}
License: Public Domain License: Public Domain
Group: System Environment/Libraries Group: System Environment/Libraries
# https://github.com/SELinuxProject/selinux/wiki/Releases # https://github.com/SELinuxProject/selinux/wiki/Releases
@ -20,7 +20,7 @@ Url: https://github.com/SELinuxProject/selinux/wiki
# download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh # download https://raw.githubusercontent.com/fedora-selinux/scripts/master/selinux/make-fedora-selinux-patch.sh
# run: # run:
# $ VERSION=2.6 ./make-fedora-selinux-patch.sh libselinux # $ VERSION=2.6 ./make-fedora-selinux-patch.sh libselinux
# FIXME: HEAD https://github.com/fedora-selinux/selinux/commit/3dcc89405fc1efdcd41b96c50b030174fcaf4514 # HEAD https://github.com/fedora-selinux/selinux/commit/8a1941594a7221ec948b82b26636ad5a0d2dc724
Patch1: libselinux-fedora.patch Patch1: libselinux-fedora.patch
%if 0%{?fedora} > 25 %if 0%{?fedora} > 25
BuildRequires: pkgconf-pkg-config BuildRequires: pkgconf-pkg-config
@ -262,6 +262,9 @@ rm -rf %{buildroot}
%{ruby_vendorarchdir}/selinux.so %{ruby_vendorarchdir}/selinux.so
%changelog %changelog
* Thu Apr 06 2017 Petr Lautrbach <plautrba@redhat.com> - 2.6-5
- Fix setfiles progress indicator
* Wed Mar 22 2017 Petr Lautrbach <plautrba@redhat.com> - 2.6-4 * Wed Mar 22 2017 Petr Lautrbach <plautrba@redhat.com> - 2.6-4
- Fix segfault in selinux_restorecon_sb() (#1433577) - Fix segfault in selinux_restorecon_sb() (#1433577)
- Change matchpathcon usage to match with matchpathcon manpage - Change matchpathcon usage to match with matchpathcon manpage