Red Hat Bugzilla – Bug 208835
EA set failure when restoring immutable file
Last modified: 2017-10-12 10:09:58 EDT
Description of problem:
When restoring a file that has the immutable flag set, restore displays a
warning ("restore: ./root/.bash_history: EA set
security.selinux:root:object_r:user_home_t:s0 failed: Operation not permitted")
and the SELinux file context is not restored.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a dump containing a file with the immutable flag set
2. Restore the dump
Warning displayed and SELinux context not restored.
File successfully restored with appropriate SELinux context.
Created attachment 142282 [details]
Please, could you test this package? problem could be fixed here. Thanks much
The SELinux patches in the updated package did not correct the problem. After
further investigation, I found that the restore code was restoring the flags
before trying to set the SELinux context. After the immutable flag set, no file
modifications (EA attributes, update timestamps, etc.) can be made.
I will attach the patch that I came up with that solved my specific problem.
Created attachment 146737 [details]
Patch that solves the problem initially reported
The basic idea of this patch is to make all necessary changes (EA attributes,
timestamps, etc.) before restoring the flags.
I cannot provide any guarantees with this patch, as I did not test anything
beyond the specific error I reported. Although things looked good when I made
a quick review, there may be side-effects or corner cases involving the
relocation of the timestamp updates that I did not see.
Yes, your patch looks fine. I've added it to rawhide. Thanks for it