[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#17220: SELinux options in --help / manpage may be confusing
From: |
Pádraig Brady |
Subject: |
bug#17220: SELinux options in --help / manpage may be confusing |
Date: |
Tue, 08 Apr 2014 16:27:44 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 |
On 04/08/2014 02:47 PM, Ondrej Vasik wrote:
> Hi,
> recently I got one bug report, asking about mknod not running correctly
> with old syntax
> mknod -m 666 -Z system_u:object_r:random_device_t:s0 /dev/random2 c 1 9
> This is not a bug, as since 8.22, short version of -Z doesn't accept
> optional arguments.
>
> However, --help and manpage is a bit misleading. I think we should split
> the lines for -Z and --context , as both are doing a bit different
> thing.
> -Z restores the default SELinux context
> --context=[CTX] restores the default SELinux context if no CTX is
> specified, otherwise sets the SELinux/SMACK context to CTX.
>
> Now, with having them both on one lines, it gives user the feeling that
> -Z accepts argument, which may lead to scripts errors. This is not only
> about mknod, but about all utilities with -Z option (and recent change
> in behaviour)
>
> Thanks in advance for consideration!
Note the -o, --option[=optional long arg] is a very common
idiom in the coreutils' --help and thus man pages.
In the unusual case where a short option takes an optional arg we use:
-w[BYTES], --width[=BYTES] output BYTES bytes per output line;
32 is implied when BYTES is not specified
Though -Z, --context[=CTX] are slightly different concepts as you say
so we should split out the descriptions.
So currently we have this:
-Z, --context[=CTX] set the SELinux security context of NAME to
default type, or set the SELinux or SMACK
security context to CTX if specified
I'll push a patch that changes all utils along the lines of:
-Z set the SELinux security context of NAME to default type
--context[=CTX] likewise, or if CTX is specified then set the SELinux
or SMACK security context to CTX
cheers,
Pádraig.
p.s. for completeness, for mandatory args we use:
-t, --format=TYPE select output format or formats