Re: [Freeipa-devel] [PATCH 0153] ipatests: Fix incorrect order of operations when restoring

Thu, 20 Feb 2014 03:21:08 -0800 

On 02/19/2014 04:54 PM, Jan Pazdziora wrote:

On Wed, Feb 19, 2014 at 04:37:05PM +0100, Tomas Babej wrote:

Hi,

When restoring files from backup, we do use an incorrect order of
operations - we first restore SELinux context and then copy the
files from backup, when we need to do the exact opposite.

https://fedorahosted.org/freeipa/ticket/4133




>From 3c1da9e7265bfb303cd4b9751c5b32b04d502431 Mon Sep 17 00:00:00 2001
From: Tomas Babej <[email protected]>
Date: Wed, 19 Feb 2014 16:31:12 +0100
Subject: [PATCH] ipatests: Fix incorrect order of operations when restoring
  backup

When restoring files from backup, we do use an incorrect order of
operations - we first restore SELinux context and then copy the
files from backup, when we need to do the exact opposite.

https://fedorahosted.org/freeipa/ticket/4133
---
  ipatests/test_integration/tasks.py | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipatests/test_integration/tasks.py 
b/ipatests/test_integration/tasks.py
index 
9a6ea3fa548a53d6e5ab6d19783227c2d956a001..b785f28190ed39a0ac45ff5b69e3b474e2634278
 100644
--- a/ipatests/test_integration/tasks.py
+++ b/ipatests/test_integration/tasks.py
@@ -137,7 +137,7 @@ def restore_files(host):

      # Run both commands in one session. For more information, see:
      # https://fedorahosted.org/freeipa/ticket/4133
-    host.run_command('%s ; (%s ||:)' % (restorecon_command, copyfiles_command))
+    host.run_command('%s ; (%s ||:)' % (copyfiles_command, restorecon_command))


ACK -- having the files in place is definitely useful if we then want
to find them there.

However: since this is about restoring a backup, can't the backup
contain the extended attributes, so that the SELinux context gets
restored to the original state (which could be different from what
the restorecon will give you)?
Well, I guess you're the Beaker authority here. Is that necessary when restoring? The tests expect a "sane" state, and they return to that; using a somehow customized machine to test on is a bad idea anyway. 

--
PetrĀ³

_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to