bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#17220: SELinux options in --help / manpage may be confusing

From: Pádraig Brady
Subject: bug#17220: SELinux options in --help / manpage may be confusing
Date: Tue, 08 Apr 2014 16:27:44 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 
On 04/08/2014 02:47 PM, Ondrej Vasik wrote:
> Hi,
> recently I got one bug report, asking about mknod not running correctly
> with old syntax
> mknod -m 666 -Z system_u:object_r:random_device_t:s0 /dev/random2 c 1 9
> This is not a bug, as since 8.22, short version of -Z doesn't accept
> optional arguments.
> 
> However, --help and manpage is a bit misleading. I think we should split
> the lines for -Z and --context , as both are doing a bit different
> thing.
> -Z restores the default SELinux context
> --context=[CTX] restores the default SELinux context if no CTX is
> specified, otherwise sets the SELinux/SMACK context to CTX.
> 
> Now, with having them both on one lines, it gives user the feeling that
> -Z accepts argument, which may lead to scripts errors. This is not only
> about mknod, but about all utilities with -Z option (and recent change
> in behaviour)
> 
> Thanks in advance for consideration!

Note the -o, --option[=optional long arg] is a very common
idiom in the coreutils' --help and thus man pages.
In the unusual case where a short option takes an optional arg we use:

  -w[BYTES], --width[=BYTES]  output BYTES bytes per output line;
                                32 is implied when BYTES is not specified


Though -Z, --context[=CTX] are slightly different concepts as you say
so we should split out the descriptions.

So currently we have this:

  -Z, --context[=CTX]  set the SELinux security context of NAME to
                         default type, or set the SELinux or SMACK
                         security context to CTX if specified


I'll push a patch that changes all utils along the lines of:


  -Z               set the SELinux security context of NAME to default type
  --context[=CTX]  likewise, or if CTX is specified then set the SELinux
                     or SMACK security context to CTX


cheers,
Pádraig.

p.s. for completeness, for mandatory args we use:

  -t, --format=TYPE           select output format or formats
reply via email to
[Prev in Thread] Current Thread [Next in Thread]