From 11e381e5aa3468aa5c2634f14706336c7824f226 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 27 Jan 2021 12:00:55 +0100
Subject: [PATCH] libsemanage: sync filesystem with sandbox
Commit 331a109f91ea ("libsemanage: fsync final files before rename")
added fsync() for policy files and improved situation when something
unexpected happens right after rename(). However the module store could
be affected as well. After the following steps module files could be 0
size:
1. Run `semanage fcontext -a -t var_t "/tmp/abc"`
2. Force shutdown the server while the command is running, or right after
it's finished
3. Boot the system and look for empty files:
# find /var/lib/selinux/targeted/ -type f -size 0 | wc -l
1266
It looks like this situation can be avoided if the filesystem with the
sandbox is sync()ed before we start to rename() directories in the
store.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
libsemanage/src/semanage_store.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
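diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index 733df8da37c2..ae023582e907 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -1737,6 +1737,19 @@ static int semanage_commit_sandbox(semanage_handle_t * sh)
 }
 close(fd);
 
+ /* sync changes in sandbox to filesystem */
+ fd = open(sandbox, O_DIRECTORY);
+ if (fd == -1) {
+ ERR(sh, "Error while opening %s for syncfs(): %d", sandbox, errno);
+ return -1;
+ }
+ if (syncfs(fd) == -1) {
+ ERR(sh, "Error while syncing %s to filesystem: %d", sandbox, errno);
+ close(fd);
+ return -1;
+ }
+ close(fd);
+
 retval = commit_number;
 
 if (semanage_get_active_lock(sh) < 0) {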
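Review bot: The two added ERR() calls report the failure only as a bare errno number (`%d`, `errno`), which leaves whoever reads the log to decode it by hand; `strerror(errno)` with `%s` is the more useful form, e.g. `ERR(sh, "Error while opening %s for syncfs(): %s", sandbox, strerror(errno));` and the same for the syncfs() message. The sandbox directory is also opened without O_CLOEXEC, so if libsemanage spawns any helper process while the descriptor is open it would leak into that child; `fd = open(sandbox, O_DIRECTORY | O_CLOEXEC);` avoids that at no cost. syncfs() is a Linux-specific call rather than POSIX, which is presumably fine for an SELinux library but deserves a one-line comment at the call site saying so. semanage_commit_sandbox() starts and ends outside the hunk, so whether the earlier descriptor closed in the context line follows the same open/close conventions cannot be checked from here.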
--
2.30.0