|
 |
fce3c4 |
From d5b1d349b868e66a4001c23dae7afa05daaca907 Mon Sep 17 00:00:00 2001
|
|
|
fce3c4 |
From: Pavel Moravec <pmoravec@redhat.com>
|
|
|
fce3c4 |
Date: Wed, 22 Aug 2018 10:35:58 +0200
|
|
|
fce3c4 |
Subject: [PATCH] [archive] Dont copystat /sys and /proc paths
|
|
|
fce3c4 |
|
|
|
fce3c4 |
Stop copying extended attributes of files under /sys and /proc
|
|
|
fce3c4 |
that can raise SELinux denials on that attempt.
|
|
|
fce3c4 |
|
|
|
fce3c4 |
Resolves: #1399
|
|
|
fce3c4 |
|
|
|
fce3c4 |
Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
|
|
|
fce3c4 |
---
|
|
|
fce3c4 |
sos/archive.py | 13 +++++++------
|
|
|
fce3c4 |
1 file changed, 7 insertions(+), 6 deletions(-)
|
|
|
fce3c4 |
|
|
|
fce3c4 |
diff --git a/sos/archive.py b/sos/archive.py
|
|
|
fce3c4 |
index fdf6f9a8..5d99170f 100644
|
|
|
fce3c4 |
--- a/sos/archive.py
|
|
|
fce3c4 |
+++ b/sos/archive.py
|
|
|
fce3c4 |
@@ -251,16 +251,17 @@ class FileCacheArchive(Archive):
|
|
|
fce3c4 |
pass
|
|
|
fce3c4 |
else:
|
|
|
fce3c4 |
self.log_info("caught '%s' copying '%s'" % (e, src))
|
|
|
fce3c4 |
- try:
|
|
|
fce3c4 |
- shutil.copystat(src, dest)
|
|
|
fce3c4 |
- except OSError:
|
|
|
fce3c4 |
- # SELinux xattrs in /proc and /sys throw this
|
|
|
fce3c4 |
- pass
|
|
|
fce3c4 |
+ # copy file attributes, skip SELinux xattrs for /sys and /proc
|
|
|
fce3c4 |
try:
|
|
|
fce3c4 |
stat = os.stat(src)
|
|
|
fce3c4 |
+ if src.startswith("/sys/") or src.startswith("/proc/"):
|
|
|
fce3c4 |
+ shutil.copymode(src, dest)
|
|
|
fce3c4 |
+ os.utime(dest, ns=(stat.st_atime_ns, stat.st_mtime_ns))
|
|
|
fce3c4 |
+ else:
|
|
|
fce3c4 |
+ shutil.copystat(src, dest)
|
|
|
fce3c4 |
os.chown(dest, stat.st_uid, stat.st_gid)
|
|
|
fce3c4 |
except Exception as e:
|
|
|
fce3c4 |
- self.log_debug("caught '%s' setting ownership of '%s'"
|
|
|
fce3c4 |
+ self.log_debug("caught '%s' setting attributes of '%s'"
|
|
|
fce3c4 |
% (e, dest))
|
|
|
fce3c4 |
file_name = "'%s'" % src
|
|
|
fce3c4 |
else:
|
|
|
fce3c4 |
--
|
|
|
fce3c4 |
2.17.1
|
|
|
fce3c4 |
|