mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-11-28 05:50:30 +00:00
ac7899fc3a
fixfiles was redirecting log output to `tty`. This overrides user intent e.g. when shell redirection is used. Redirect it to stdout, using /proc. `tty` equally depended on /proc. We do not depend on /dev/stdout: it might not be present, if a rescue system is booted with devtmpfs (no udev daemon). By default, log messages were redirected into the void when not run from a tty. We consider this a bug, which is now fixed. 1. If calling scripts happen to require the old behaviour, they can easily write the same code themselves. 2. When fixfiles is run from Fedora's selinux-autorelabel.service, the calling script is specifically run from a tty. Also Fedora's calling script chooses to redirect stdout and stderr to /dev/null. This redirection will now suceed, improving the transparency of the code. The previous behaviour may be obtained by choosing not to redirect the progress messages of this long-running process to /dev/null. A patch has been submitted to Fedora to suggest this novel approach: https://bugzilla.redhat.com/show_bug.cgi?id=1415674 Complete disclosure: * Remove unused variable LOGGER. * Fix logfiles containing spaces. Disclaimer: 1. "Log" output may contain escape sequences (backspace?) e.g. in `fixfiles -l log.txt restore`. This is not the usual understanding of a log file. 2. For some reason, not all informative messages are sent to `-l` e.g. the list of filesystems, and "cleaning up labels on /tmp". 3. `function logit` is retained, but the logfile is also written to outside this function. Implementing support for the system log would require another function which accepts piped input. Also see point 1. Signed-off-by: Alan Jenkins <alan.christopher.jenkins@gmail.com> |
||
---|---|---|
.. | ||
.tx | ||
hll | ||
load_policy | ||
man | ||
newrole | ||
po | ||
run_init | ||
scripts | ||
secon | ||
semodule | ||
sestatus | ||
setfiles | ||
setsebool | ||
.gitignore | ||
COPYING | ||
Makefile | ||
VERSION |