Re: Make mv work better with SELinux.

[Pádraig Brady]

On 11/08/2012 10:20 PM, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Another pass at the patch.
>
> This time -Z is not optional, only --context is.
>
> - -Z or --context indicates use default label.
>
> - --context=CTX uses previous behavior.
>
> You can now do
>
> cp -aZ and cp -Za and the right thing will happen.

Excellent.

> I have turned off the warning SELinux is disabled if you specify -Z or
> - --context.  Now it will quietly ignore.  I can add a comment to the usage if
> you think it is worth while.   The reason I want to do this, is to allow
> people to do "mkdir -Z /var/run/XYZ" in a script and not worry about whether
> or not SELinux is enabled.  Currently we have lots of init script that do
> things like
>
> mkdir -Z /var/run/XYZ
> restorecon /var/run/XYZ
>
> Where restorecon quietly exits if SELinux is disabled.

Yes that makes sense.
--context without args just means set the system default
for the path, which can be nothing if SELinux is disabled.

I've no time to review now,
but hope to review fully and merge over the weekend.
I might get time to do some docs and tests too.

thanks!
Pádraig.