Hello, as documented in NEWS and as written in test cp-a-selinux, cp -a should try to preserve selinux context, if possible. The activation boolean preserve_security_context was missing in this branch. Also cp -a is not really equivalent to -dpR, but to -dR --preserve-all , as it tries(or at least it should try) SELinux context. Following changes were done to make documentation more precise and preserve=context and preserve=all behaviour after failure SELinux context preserving is documented by that patch as well.
Greetings,
Ondřej Vašík
From bc163403999c973be4050fa29000122c3706ce0f Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= <[EMAIL PROTECTED]>
Date: Tue, 7 Oct 2008 16:43:49 +0200
Subject: [PATCH] cp: document selinux options, preserving SELinux context for '-a' option
* coreutils.texi(cp invocation): Document SELinux related things
* cp.c (main): adjust '-a' option to preserve SELinux context if possible
---
doc/coreutils.texi | 11 ++++++++---
src/cp.c | 6 ++++--
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 67da740..a7c0da3 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -7227,8 +7227,9 @@ The program accepts the following options. Also see @ref{Common options}.
Preserve as much as possible of the structure and attributes of the
original files in the copy (but do not attempt to preserve internal
directory structure; i.e., @samp{ls -U} may list the entries in a copied
-directory in a different order).
-Equivalent to @option{-dpR}.
+directory in a different order). Try to preserve SELinux security context
+as well, but do not fail when this is not succesful.
+Equivalent to @option{-dR --preserve=all}.
@item -b
@itemx @[EMAIL PROTECTED]@var{method}]}
@@ -7358,9 +7359,13 @@ Preserve in the destination files
any links between corresponding source files.
@c Give examples illustrating how hard links are preserved.
@c Also, show how soft links map to hard links with -L and -H.
[EMAIL PROTECTED] context
+Preserve SELinux security context of the file. @command{cp} will fail
+if the preserving of SELinux security context is not succesful.
@itemx all
Preserve all file attributes.
-Equivalent to specifying all of the above.
+Equivalent to specifying all of the above. Ignores failure of
+preserving SELinux security context.
@end table
Using @option{--preserve} with no @var{attribute_list} is equivalent
diff --git a/src/cp.c b/src/cp.c
index 77d4702..f09f96f 100644
--- a/src/cp.c
+++ b/src/cp.c
@@ -174,7 +174,7 @@ Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY.\n\
Mandatory arguments to long options are mandatory for short options too.\n\
"), stdout);
fputs (_("\
- -a, --archive same as -dpR\n\
+ -a, --archive same as -dR --preserve=all\n\
--backup[=CONTROL] make a backup of each existing destination file\n\
-b like --backup but does not accept an argument\n\
--copy-contents copy contents of special files when recursive\n\
@@ -920,13 +920,15 @@ main (int argc, char **argv)
sparse_type_string, sparse_type);
break;
- case 'a': /* Like -dpR. */
+ case 'a': /* Like -dR --preserve=all. */
x.dereference = DEREF_NEVER;
x.preserve_links = true;
x.preserve_ownership = true;
x.preserve_mode = true;
x.preserve_timestamps = true;
x.require_preserve = true;
+ if (selinux_enabled)
+ x.preserve_security_context = true;
x.recursive = true;
break;
--
1.5.6.1.156.ge903b
signature.asc
Description: Toto je digitálně podepsaná část zprávy
_______________________________________________ Bug-coreutils mailing list Bug-coreutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-coreutils
