From b4ef9040c72235d2e863dcd6b699c08f9b1a0cce Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Sat, 24 Dec 2011 23:51:15 -0500 Subject: arch-tmpfiles: add handling for _z and _Z This doesn't actually relabel security contexts, since arch's coreutils isn't built with selinux support, but it handles maintenance of mode and ownership if you're into that sort of thing. Signed-off-by: Dave Reisner --- arch-tmpfiles | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'arch-tmpfiles') diff --git a/arch-tmpfiles b/arch-tmpfiles index 723b6b7..3b94885 100755 --- a/arch-tmpfiles +++ b/arch-tmpfiles @@ -37,6 +37,24 @@ checkparams() { return 0 } +relabel() { + local -a paths=($1) + local mode=$2 uid=$3 gid=$4 + + if ! checkparams 4 "$@"; then + warninvalid + return + fi + + for path in "${paths[@]}"; do + if [[ -e $path ]]; then + [[ $uid != '-' ]] && chown $CHOPTS "$uid" "$path" + [[ $gid != '-' ]] && chgrp $CHOPTS "$gid" "$path" + [[ $mode != '-' ]] && chmod $CHOPTS "$mode" "$path" + fi + done +} + _f() { # Create a file if it doesn't exist yet local path=$1 mode=$2 uid=$3 gid=$4 @@ -168,6 +186,28 @@ _R() { done } +_z() { + # Set ownership, access mode and relabel security context of a file or + # directory if it exists. Lines of this type accept shell-style globs in + # place of normal path names. + local -a paths=($1) + local mode=$2 uid=$3 gid=$4 + + (( CREATE )) || return 0 + + relabel "$@" +} + +_Z() { + # Recursively set ownership, access mode and relabel security context of a + # path and all its subdirectories (if it is a directory). Lines of this type + # accept shell-style globs in place of normal path names. + + (( CREATE )) || return 0 + + CHOPTS=-R relabel "$@" +} + shopt -s nullglob declare -i CREATE=0 REMOVE=0 CLEAN=0 error=0 LINENO=0 -- cgit v1.2.3