#285 PR merged: Add the --selinux option to be safe with SELinux context restoration¶

Florent38 opened issue at 2013-07-17 11:54:¶

During a test on Fedora 19 I face some issues with SELinux and especially tar.

Example (take a look at the output of ls -Z) :
With tar 1.23 (on RHEL 6.4) :

touch /tmp/foo && mv /tmp/foo ~/
ls -Z foo
-rw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 foo 
tar cf foo.tar foo --xattrs
tar xf foo.tar --xattrs
ls -Z foo
-rw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 foo

With tar 1.26 (on Fedora 19) :

touch /tmp/foo && mv /tmp/foo ~/
ls -Z foo
-rw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 foo
tar cf foo.tar foo --xattrs
tar xf foo.tar --xattrs
ls -Z foo
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 foo

This commit add the --selinux option when SELinux is not disabled
What do you think about this weird behaviour ?

gdha commented at 2013-08-02 08:01:¶

Want to test out what your proposed fix does before granting it. Are we sure that every tar executable (on all kind of Linux distro's) has the knowledge on --selinuxoption?

Florent38 commented at 2013-08-02 08:07:¶

About the --selinux option, I already check tar support by checking this option with this line :

if tar --usage | grep -q selinux;  then
        BACKUP_PROG_OPTIONS="$BACKUP_PROG_OPTIONS --selinux"
fi

---

[Export of Github issue for rear/rear.]