The Identity, Policy and Audit system
CentOS Sources
2016-11-03 403b09ab980c02ef36095973349a13e0181c794a
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
From 602d1c5190cfb879f81ced19e60d1eb08bd559f0 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Thu, 21 Jul 2016 18:49:57 +0200
Subject: [PATCH] Use copy when replacing files to keep SELinux context
 
When installer replaces any file with newer, it must use 'copy' instead of
'mv' to keep SELinux context valid.
 
https://fedorahosted.org/freeipa/ticket/6111
 
Reviewed-By: Petr Spacek <pspacek@redhat.com>
---
 ipapython/ipautil.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
 
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 763a99c117e22a4ac49d8d34b38230f3da7c8435..9964fba4f694b57242b3bd3065a418917d977533 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -528,10 +528,14 @@ def dir_exists(filename):
     except Exception:
         return False
 
+
 def install_file(fname, dest):
+    # SELinux: use copy to keep the right context
     if file_exists(dest):
         os.rename(dest, dest + ".orig")
-    shutil.move(fname, dest)
+    shutil.copy(fname, dest)
+    os.remove(fname)
+
 
 def backup_file(fname):
     if file_exists(fname):
-- 
2.7.4