FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 11-29-2011, 11:14 AM
Paul Howarth
 
Default libselinux python binding of restorecon different from restorecon command

I maintain a local RPM package repository and have a "newrepo" script that assembles the repository, calls createrepo and repoview etc.

During the script it runs "restorecon" on all of the files in the repo to make sure that they have the correct contexts to be accessible via http etc.

A few weeks ago I rewrote the script in python and decided to use the libselinux-python binding (this is on F16) for the "restorecon" call. Around the same time I noticed that my backups were getting a lot bigger but I've only just discovered why. If I use the shell command "restorecon -rvF /path/to/dir", and it doesn't need to change anything, the ctime of the dirs/files concerned remain unchanged. However, if I use the python binding, the ctime is updated. So I've backing up the entire repository on each incremental backup :-(

[paul@zion ~]$ ls -l --time=ctime /home/paul/cfo-repo/drivers/advansys/
total 11896
-rw-rw-r--. 1 paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip
-rw-rw-r--. 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso
-rw-rw-r--. 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
-rw-rw-r--. 2 paul paul 132593 Nov 29 11:54 dkms-2.2.0.2-1.src.rpm
-rw-rw-r--. 1 paul paul 10400 Nov 29 11:54 HEADER.html
-rw-rw-r--. 1 paul paul 287602 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 620915 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 607931 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm
-rw-r--r--. 1 paul paul 1234354 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.noarch.rpm
-rw-r--r--. 1 paul paul 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm
-rw-rw-r--. 2 paul paul 1286253 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.noarch.rpm
-rw-rw-r--. 2 paul paul 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm
[paul@zion ~]$ date; restorecon -rvF /home/paul/cfo-repo/drivers/advansys/; date
Tue Nov 29 12:02:54 GMT 2011
Tue Nov 29 12:02:54 GMT 2011
[paul@zion ~]$ ls -l --time=ctime /home/paul/cfo-repo/drivers/advansys/
total 11896
-rw-rw-r--. 1 paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip
-rw-rw-r--. 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso
-rw-rw-r--. 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
-rw-rw-r--. 2 paul paul 132593 Nov 29 11:54 dkms-2.2.0.2-1.src.rpm
-rw-rw-r--. 1 paul paul 10400 Nov 29 11:54 HEADER.html
-rw-rw-r--. 1 paul paul 287602 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 620915 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 607931 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm
-rw-r--r--. 1 paul paul 1234354 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.noarch.rpm
-rw-r--r--. 1 paul paul 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm
-rw-rw-r--. 2 paul paul 1286253 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.noarch.rpm
-rw-rw-r--. 2 paul paul 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm
[paul@zion ~]$ date; python -c "from selinux import restorecon; restorecon('/home/paul/cfo-repo/drivers/advansys', recursive = True)"; date
Tue Nov 29 12:03:51 GMT 2011
Tue Nov 29 12:03:52 GMT 2011
[paul@zion ~]$ ls -l --time=ctime /home/paul/cfo-repo/drivers/advansys/total 11896
-rw-rw-r--. 1 paul paul 649700 Nov 29 12:03 advansys-driverdisk.zip
-rw-rw-r--. 1 paul paul 4175872 Nov 29 12:03 advansys-fc2-boot.iso
-rw-rw-r--. 2 paul paul 108723 Nov 29 12:03 dkms-2.2.0.2-1.noarch.rpm
-rw-rw-r--. 2 paul paul 132593 Nov 29 12:03 dkms-2.2.0.2-1.src.rpm
-rw-rw-r--. 1 paul paul 10400 Nov 29 12:03 HEADER.html
-rw-rw-r--. 1 paul paul 287602 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 228573 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 620915 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 457045 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.src.rpm
-rw-rw-r--. 1 paul paul 607931 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.noarch.rpm
-rw-rw-r--. 1 paul paul 461727 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.src.rpm
-rw-r--r--. 1 paul paul 1234354 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.noarch.rpm
-rw-r--r--. 1 paul paul 907444 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.src.rpm
-rw-rw-r--. 2 paul paul 1286253 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.noarch.rpm
-rw-rw-r--. 2 paul paul 981819 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.src.rpm
[paul@zion ~]$

Is this expected behaviour? Is there a way I can use the python binding but get the same behaviour as the shell command?

Paul.
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 11-29-2011, 01:31 PM
Daniel J Walsh
 
Default libselinux python binding of restorecon different from restorecon command

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/29/2011 07:14 AM, Paul Howarth wrote:
> I maintain a local RPM package repository and have a "newrepo"
> script that assembles the repository, calls createrepo and repoview
> etc.
>
> During the script it runs "restorecon" on all of the files in the
> repo to make sure that they have the correct contexts to be
> accessible via http etc.
>
> A few weeks ago I rewrote the script in python and decided to use
> the libselinux-python binding (this is on F16) for the "restorecon"
> call. Around the same time I noticed that my backups were getting a
> lot bigger but I've only just discovered why. If I use the shell
> command "restorecon -rvF /path/to/dir", and it doesn't need to
> change anything, the ctime of the dirs/files concerned remain
> unchanged. However, if I use the python binding, the ctime is
> updated. So I've backing up the entire repository on each
> incremental backup :-(
>
> [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$ date; restorecon -rvF /home/paul/cfo-repo/drivers/advansys/;
> date Tue Nov 29 12:02:54 GMT 2011 Tue Nov 29 12:02:54 GMT 2011
> [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$ date; python -c "from selinux import restorecon;
> restorecon('/home/paul/cfo-repo/drivers/advansys', recursive =
> True)"; date Tue Nov 29 12:03:51 GMT 2011 Tue Nov 29 12:03:52 GMT
> 2011 [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/total 11896 -rw-rw-r--. 1 paul
> paul 649700 Nov 29 12:03 advansys-driverdisk.zip -rw-rw-r--. 1
> paul paul 4175872 Nov 29 12:03 advansys-fc2-boot.iso -rw-rw-r--. 2
> paul paul 108723 Nov 29 12:03 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 12:03
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 12:03
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 12:03
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 12:03
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 12:03
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 12:03
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 12:03
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$
>
> Is this expected behaviour? Is there a way I can use the python
> binding but get the same behaviour as the shell command?
>
> Paul. -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>

Paul open a bug, The current restorecon bindings is real simple.

def restorecon(path, recursive=False):
""" Restore SELinux context on a given path """

try:
mode = os.lstat(path)[stat.ST_MODE]
status, context = matchpathcon(path, mode)
except OSError:
path = os.path.realpath(os.path.expanduser(path))
mode = os.lstat(path)[stat.ST_MODE]
status, context = matchpathcon(path, mode)

if status == 0:
lsetfilecon(path, context)
if recursive:
os.path.walk(path, lambda arg, dirname, fnames:
map(restorecon, [os.path.join(dirname, fname)
for fname in fnames]), None)


But it would be fairly simple to add a lgetfilecon(path) and check to
see if they match, if they do, do nothing. Some of the more advanced
features of restorecon might take a while.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7U7KcACgkQrlYvE4MpobPTIACcD52LGCbmcm AaxA2NygARK3sS
nUMAnjoZUmggkXrv7qsWnFOnD3Q43LGL
=d7pM
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 11-29-2011, 03:10 PM
Daniel J Walsh
 
Default libselinux python binding of restorecon different from restorecon command

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/29/2011 07:14 AM, Paul Howarth wrote:
> I maintain a local RPM package repository and have a "newrepo"
> script that assembles the repository, calls createrepo and repoview
> etc.
>
> During the script it runs "restorecon" on all of the files in the
> repo to make sure that they have the correct contexts to be
> accessible via http etc.
>
> A few weeks ago I rewrote the script in python and decided to use
> the libselinux-python binding (this is on F16) for the "restorecon"
> call. Around the same time I noticed that my backups were getting a
> lot bigger but I've only just discovered why. If I use the shell
> command "restorecon -rvF /path/to/dir", and it doesn't need to
> change anything, the ctime of the dirs/files concerned remain
> unchanged. However, if I use the python binding, the ctime is
> updated. So I've backing up the entire repository on each
> incremental backup :-(
>
> [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$ date; restorecon -rvF /home/paul/cfo-repo/drivers/advansys/;
> date Tue Nov 29 12:02:54 GMT 2011 Tue Nov 29 12:02:54 GMT 2011
> [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$ date; python -c "from selinux import restorecon;
> restorecon('/home/paul/cfo-repo/drivers/advansys', recursive =
> True)"; date Tue Nov 29 12:03:51 GMT 2011 Tue Nov 29 12:03:52 GMT
> 2011 [paul@zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/total 11896 -rw-rw-r--. 1 paul
> paul 649700 Nov 29 12:03 advansys-driverdisk.zip -rw-rw-r--. 1
> paul paul 4175872 Nov 29 12:03 advansys-fc2-boot.iso -rw-rw-r--. 2
> paul paul 108723 Nov 29 12:03 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 12:03
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 12:03
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 12:03
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 12:03
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 12:03
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 12:03
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 12:03
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
> ~]$
>
> Is this expected behaviour? Is there a way I can use the python
> binding but get the same behaviour as the shell command?
>
> Paul. -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
Try out libselinux-2.1.6-5.fc16 Currently in koji.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7VA+sACgkQrlYvE4MpobPULwCgs7DI3dTaib Y1TfY9yxo7mbHF
/CYAn3mMB6ogT987JxCaVeG+uT872rog
=35DS
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 11-29-2011, 03:35 PM
Paul Howarth
 
Default libselinux python binding of restorecon different from restorecon command

On 11/29/2011 04:10 PM, Daniel J Walsh wrote:
> On 11/29/2011 07:14 AM, Paul Howarth wrote:
>> I maintain a local RPM package repository and have a "newrepo"
>> script that assembles the repository, calls createrepo and repoview
>> etc.
>>
>> During the script it runs "restorecon" on all of the files in the
>> repo to make sure that they have the correct contexts to be
>> accessible via http etc.
>>
>> A few weeks ago I rewrote the script in python and decided to use
>> the libselinux-python binding (this is on F16) for the "restorecon"
>> call. Around the same time I noticed that my backups were getting a
>> lot bigger but I've only just discovered why. If I use the shell
>> command "restorecon -rvF /path/to/dir", and it doesn't need to
>> change anything, the ctime of the dirs/files concerned remain
>> unchanged. However, if I use the python binding, the ctime is
>> updated. So I've backing up the entire repository on each
>> incremental backup :-(
>>
>> [paul@zion ~]$ ls -l --time=ctime
>> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
>> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
>> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
>> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
>> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
>> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
>> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
>> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 620915 Nov 29 11:54
>> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 607931 Nov 29 11:54
>> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
>> 1 paul paul 1234354 Nov 29 11:54
>> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
>> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
>> 2 paul paul 1286253 Nov 29 11:54
>> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
>> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
>> ~]$ date; restorecon -rvF /home/paul/cfo-repo/drivers/advansys/;
>> date Tue Nov 29 12:02:54 GMT 2011 Tue Nov 29 12:02:54 GMT 2011
>> [paul@zion ~]$ ls -l --time=ctime
>> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
>> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
>> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
>> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
>> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
>> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
>> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
>> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 620915 Nov 29 11:54
>> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 607931 Nov 29 11:54
>> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
>> 1 paul paul 1234354 Nov 29 11:54
>> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
>> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
>> 2 paul paul 1286253 Nov 29 11:54
>> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
>> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
>> ~]$ date; python -c "from selinux import restorecon;
>> restorecon('/home/paul/cfo-repo/drivers/advansys', recursive =
>> True)"; date Tue Nov 29 12:03:51 GMT 2011 Tue Nov 29 12:03:52 GMT
>> 2011 [paul@zion ~]$ ls -l --time=ctime
>> /home/paul/cfo-repo/drivers/advansys/total 11896 -rw-rw-r--. 1 paul
>> paul 649700 Nov 29 12:03 advansys-driverdisk.zip -rw-rw-r--. 1
>> paul paul 4175872 Nov 29 12:03 advansys-fc2-boot.iso -rw-rw-r--. 2
>> paul paul 108723 Nov 29 12:03 dkms-2.2.0.2-1.noarch.rpm
>> -rw-rw-r--. 2 paul paul 132593 Nov 29 12:03
>> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 12:03
>> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 12:03
>> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 228573 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 620915 Nov 29 12:03
>> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 457045 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
>> 1 paul paul 607931 Nov 29 12:03
>> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
>> 461727 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
>> 1 paul paul 1234354 Nov 29 12:03
>> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
>> 907444 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
>> 2 paul paul 1286253 Nov 29 12:03
>> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
>> 981819 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.src.rpm [paul@zion
>> ~]$
>>
>> Is this expected behaviour? Is there a way I can use the python
>> binding but get the same behaviour as the shell command?
>>
> Try out libselinux-2.1.6-5.fc16 Currently in koji.

That's fixed it, thanks.

Paul.
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 09:42 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org