From 8b73aab8e14ae05ff9f4f94dfd2ba94f6b3f3696 Mon Sep 17 00:00:00 2001 From: Michael Albinus Date: Sat, 15 Aug 2015 13:00:01 +0200 Subject: [PATCH] * lisp/net/tramp-sh.el (tramp-remote-selinux-p): Use "selinuxenabled" rather than "getenforce". (tramp-sh-handle-set-file-selinux-context): Do not cache SELinux context if not all context components are given. --- lisp/net/tramp-sh.el | 48 +++++++++++++++++++------------------------- 1 file changed, 21 insertions(+), 27 deletions(-) diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el index 7f7558e93b5..49d4c4a8c31 100644 --- a/lisp/net/tramp-sh.el +++ b/lisp/net/tramp-sh.el @@ -1492,15 +1492,8 @@ be non-negative integers." (defun tramp-remote-selinux-p (vec) "Check, whether SELINUX is enabled on the remote host." - (with-tramp-connection-property - (tramp-get-connection-process vec) "selinux-p" - (let ((result (tramp-find-executable - vec "getenforce" (tramp-get-remote-path vec) t t))) - (and result - (string-equal - (tramp-send-command-and-read - vec (format "echo \\\"`%S`\\\"" result)) - "Enforcing"))))) + (with-tramp-connection-property (tramp-get-connection-process vec) "selinux-p" + (tramp-send-command-and-check vec "selinuxenabled"))) (defun tramp-sh-handle-file-selinux-context (filename) "Like `file-selinux-context' for Tramp files." @@ -1526,24 +1519,25 @@ be non-negative integers." (defun tramp-sh-handle-set-file-selinux-context (filename context) "Like `set-file-selinux-context' for Tramp files." (with-parsed-tramp-file-name filename nil - (if (and (consp context) - (tramp-remote-selinux-p v) - (tramp-send-command-and-check - v (format "chcon %s %s %s %s %s" - (if (stringp (nth 0 context)) - (format "--user=%s" (nth 0 context)) "") - (if (stringp (nth 1 context)) - (format "--role=%s" (nth 1 context)) "") - (if (stringp (nth 2 context)) - (format "--type=%s" (nth 2 context)) "") - (if (stringp (nth 3 context)) - (format "--range=%s" (nth 3 context)) "") - (tramp-shell-quote-argument localname)))) - (progn - (tramp-set-file-property v localname "file-selinux-context" context) - t) - (tramp-set-file-property v localname "file-selinux-context" 'undef) - nil))) + (when (and (consp context) + (tramp-remote-selinux-p v)) + (let ((user (and (stringp (nth 0 context)) (nth 0 context))) + (role (and (stringp (nth 1 context)) (nth 1 context))) + (type (and (stringp (nth 2 context)) (nth 2 context))) + (range (and (stringp (nth 3 context)) (nth 3 context)))) + (when (tramp-send-command-and-check + v (format "chcon %s %s %s %s %s" + (if user (format "--user=%s" user) "") + (if role (format "--role=%s" role) "") + (if type (format "--type=%s" type) "") + (if range (format "--range=%s" range) "") + (tramp-shell-quote-argument localname))) + (if (and user role type range) + (tramp-set-file-property + v localname "file-selinux-context" context) + (tramp-set-file-property + v localname "file-selinux-context" 'undef)) + t))))) (defun tramp-remote-acl-p (vec) "Check, whether ACL is enabled on the remote host." -- 2.39.2