From d12756eb12696962458d9c4dc727da248664286f Mon Sep 17 00:00:00 2001 From: Vit Mojzis Date: Fri, 17 Oct 2025 17:08:34 +0200 Subject: [PATCH] libselinux: Ignore files removed during relabeling In case ignore_noent is specified, ignore files removed during relabeling (race condition between folder read, file read and label set). Signed-off-by: Vit Mojzis Acked-by: Stephen Smalley --- libselinux/src/selinux_restorecon.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c index 702ad8d9..23546cb0 100644 --- a/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c @@ -726,6 +726,9 @@ static int restorecon_sb(const char *pathname, const struct stat *sb, pathname, newcon); if (lgetfilecon_raw(pathname, &curcon) < 0) { + /* Ignore files removed during relabeling if ignore_noent is set */ + if (flags->ignore_noent && errno == ENOENT) + goto out; if (errno != ENODATA) goto err; @@ -765,8 +768,14 @@ static int restorecon_sb(const char *pathname, const struct stat *sb, } if (!flags->nochange) { - if (lsetfilecon(pathname, newcon) < 0) - goto err; + if (lsetfilecon(pathname, newcon) < 0) { + /* Ignore files removed during relabeling if ignore_noent is set */ + if (flags->ignore_noent && errno == ENOENT) + goto out; + else + goto err; + } + updated = true; } @@ -932,9 +941,10 @@ loop_body: case FTS_NS: error = errno; errno = ftsent->fts_errno; - selinux_log(SELINUX_ERROR, - "Could not stat %s: %m.\n", - ftsent->fts_path); + if (!state->flags.ignore_noent || errno != ENOENT) + selinux_log(SELINUX_ERROR, + "Could not stat %s: %m.\n", + ftsent->fts_path); errno = error; fts_set(fts, ftsent, FTS_SKIP); continue; -- 2.51.0