rpms/libselinux
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI libselinux-2.9-11.el8_10

Browse Source
This commit is contained in:
eabdullin 2026-02-10 13:10:32 +00:00
parent 3158399d50
commit e85cc5a6a5
2 changed files with 70 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
SOURCES/0018-libselinux-Ignore-files-removed-during-relabeling.patch Normal file
View File

@ -0,0 +1,65 @@
From 813ddcabf4c996817be02424767007ca18d064d4 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Fri, 17 Oct 2025 17:08:34 +0200
Subject: [PATCH] libselinux: Ignore files removed during relabeling
In case ignore_noent is specified, ignore files removed during
relabeling (race condition between folder read, file read and label
set).
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
---
libselinux/src/selinux_restorecon.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
index db56cc7e..d718a803 100644
--- a/libselinux/src/selinux_restorecon.c
+++ b/libselinux/src/selinux_restorecon.c
@@ -668,6 +668,9 @@ static int restorecon_sb(const char *pathname, const struct stat *sb,
pathname, newcon);
if (lgetfilecon_raw(pathname, &curcon) < 0) {
+ /* Ignore files removed during relabeling if ignore_noent is set */
+ if (flags->ignore_noent && errno == ENOENT)
+ goto out;
if (errno != ENODATA)
goto err;
@@ -700,8 +703,14 @@ static int restorecon_sb(const char *pathname, const struct stat *sb,
}
if (!flags->nochange) {
- if (lsetfilecon(pathname, newcon) < 0)
- goto err;
+ if (lsetfilecon(pathname, newcon) < 0) {
+ /* Ignore files removed during relabeling if ignore_noent is set */
+ if (flags->ignore_noent && errno == ENOENT)
+ goto out;
+ else
+ goto err;
+ }
+
updated = true;
}
@@ -968,10 +977,11 @@ int selinux_restorecon(const char *pathname_orig,
fts_set(fts, ftsent, FTS_SKIP);
continue;
case FTS_NS:
- selinux_log(SELINUX_ERROR,
- "Could not stat %s: %s.\n",
- ftsent->fts_path,
- strerror(ftsent->fts_errno));
+ if (!flags.ignore_noent || errno != ENOENT)
+ selinux_log(SELINUX_ERROR,
+ "Could not stat %s: %s.\n",
+ ftsent->fts_path,
+ strerror(ftsent->fts_errno));
fts_set(fts, ftsent, FTS_SKIP);
continue;
case FTS_ERR:
--
2.52.0

6
SPECS/libselinux.spec
View File

@ -6,7 +6,7 @@
%endif
%define libsepolver 2.9-1
%define libselinuxrelease 10
%define libselinuxrelease 11
Summary: SELinux library and simple utilities
Name: libselinux
@ -36,6 +36,7 @@ Patch0014: 0014-libselinux-restorecon-Fix-memory-leak-xattr_value.patch
Patch0015: 0015-libselinux-restorecon-Include-selinux-label.h.patch
Patch0016: 0016-libselinux-Fix-NULL-pointer-use-in-selinux_restoreco.patch
Patch0017: 0017-libselinux-Close-old-selabel-handle-when-setting-a-n.patch
Patch0018: 0018-libselinux-Ignore-files-removed-during-relabeling.patch
BuildRequires: gcc
%if 0%{?with_ruby}
@ -283,6 +284,9 @@ rm -f %{buildroot}%{_mandir}/man8/togglesebool*
%endif
%changelog
* Tue Jan 20 2026 Vit Mojzis <vmojzis@redhat.com> - 2.9-11
- Ignore files removed during relabeling (RHEL-123885)
* Fri Jan 24 2025 Petr Lautrbach <lautrbach@redhat.com> - 2.9-10
- Close old selabel handle when setting a new one (RHEL-73348)
- Fix NULL pointer use in selinux_restorecon_set_sehandle (RHEL-74252)