Bug 524202

Summary: "ls -lZ" is not the same as "ls -Zl"
Product: [Fedora] Fedora Reporter: Stephen Pritchard <bugzilla.redhat.com>
Component: coreutilsAssignee: Ondrej Vasik <ovasik>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: kdudka, ovasik, twaugh
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-18 07:51:14 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:

Description Stephen Pritchard 2009-09-18 07:08:16 EDT
---- ---- ---- ---- ----
System Info

[root@foo selinux]# uname -a
Linux foo.localdomain 2.6.18-128.7.1.el5 #1 SMP Mon Aug 24 08:20:55 EDT
2009 i686 i686 i386 GNU/Linux

[root@foo selinux]# cat /etc/*release
CentOS release 5.3 (Final)

---- ---- ---- ---- ----

I'm not sure whether this is by design or not, but I'd like to point out
for some reason "ls" doesn't see "ls -lZ" as the same as "ls -Zl"


[root@foo selinux]# ls -lZ ./custom-policy/modules/active/base.pp
-rw-------  root root root:object_r:semanage_store_t
./custom-policy/modules/active/base.pp
 
[root@foo selinux]# ls -Zl ./custom-policy/modules/active/base.pp
-rw------- 1 root:object_r:semanage_store_t   root root 13383956 Sep 14
20:33 ./custom-policy/modules/active/base.pp

With "-Zl" I believe the time stamp is correctly shown for the file,
where as with "-lZ" it is not.
Comment 1 Kamil Dudka 2009-09-18 07:42:36 EDT
I can reproduce the issue even in rawhide, but not with upstream coreutils. It seems to be caused by the downstream SELinux patch.
Comment 2 Ondrej Vasik 2009-09-18 07:51:14 EDT
Thanks for report, but sorry - it's not a bug. In ls is one rule - last format option specified is used. So -Z sets security format (equivalent of --scontext) - without timestamp - and -l sets long format - with timestamp. Output format depends on the order of short options, but this is expected - try e.g. ls -ml vs. ls -lm . Closing NOTABUG.
However - maybe documenting that general behaviour at least in info documentation might be good idea. It seems that this information is missing at first sight.
Comment 3 Ondrej Vasik 2009-09-18 07:55:03 EDT
Kamil: it's because upstream doesn't use SELinux format - they use just boolean whether display SELinux context or not... in Red Hat based distros with that SELinux patch we have --context (equivalent to -Z - like long, but context is shown instead of timestamp) , --lcontext (context and timestamp shown) and --scontext(just name and context).
Comment 4 Kamil Dudka 2009-09-18 10:19:03 EDT
My line of thinking ... we have mutually exclusive options, the last option holds -- we can mention it in the info documentation, but it's sort of  expected behavior in GNU coreutils.

But this is more likely about the side effect of -Z. I figured out that -lZ is equivalent to --context, however -Zl is equivalent --lcontext. This is what we *should* document in case we want to keep it this way.
Comment 5 Stephen Pritchard 2009-09-18 10:32:53 EDT
Thanks for clearing this up. Glad it's not a bug, however, I agree maybe the documentation needs updating.

Possible Suggestion:
"...
      SELinux options:

       -Z, --context
              Display security context so it fits on most displays.   Displays  only  mode,  user,  group,
              security context and file name.

       -Zl --lcontext
              Display security context with long listing.  Lines with long listing and security context will probably be too wide for most displays.

       --scontext
              Display only security context and file name.
 ..."

Maybe the "ls has a rule - last format option specified is used." should be documented too with an example.  Though this will probably be missed by 90% of people skimming the man page.

You know best. Thanks for the response.
Comment 6 Ondrej Vasik 2009-09-18 14:05:43 EDT
Ok, as we already have the burden of SELinux distro-specific modifications, more specific info about those --<X>context options should be done. I'm ok with it.

We'll see what's the upstream opinion about the info improvement about "last format option".