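def setFileCons(anaconda):
    """Reset SELinux file contexts on files the installer created or touched.

    Nothing happens unless ``flags.selinux`` is set.  A fixed list of paths,
    the dhclient configuration files matched by the glob, and one
    ``/dev/<vg>`` entry per volume group in ``anaconda.id.storage.vgs`` are
    relabeled first.  A fixed list of directories is then walked under
    ``anaconda.rootPath`` and every readable entry below them is relabeled.

    Every path is passed to ``isys.resetFileContext`` relative to the
    installed system, with ``anaconda.rootPath`` given separately as the root.
    """

    def lst(root):
        """Return *root* followed by every directory and file below it."""
        rc = [root]
        for (top, dirs, names) in os.walk(root):
            rc.extend(top + "/" + d for d in dirs)
            rc.extend(top + "/" + n for n in names)
        return rc

    if flags.selinux:
        log.info("setting SELinux contexts for anaconda created files")

        # NOTE(review): the glob is evaluated against the running installer's
        # /etc/dhcp, not against anaconda.rootPath -- presumably the same file
        # names exist in the target; confirm.
        files = [
            "/etc/rpm/macros", "/etc/dasd.conf", "/etc/zfcp.conf",
            "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
            "/etc/blkid.tab", "/etc/blkid.tab.old",
            "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
            "/etc/modprobe.conf", "/etc/modprobe.conf~",
            "/var/log/wtmp", "/var/run/utmp", "/etc/crypttab",
            "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
            "/etc/mdadm.conf", "/etc/sysconfig/network",
            "/etc/udev/rules.d/70-persistent-net.rules",
            "/root/install.log", "/root/install.log.syslog",
            "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
            "/etc/zipl.conf",
        ] + glob.glob('/etc/dhcp/dhclient-*.conf')

        vgs = ["/dev/%s" % vg.name for vg in anaconda.id.storage.vgs]

        for f in files + vgs:
            isys.resetFileContext(os.path.normpath(f), anaconda.rootPath)

        # Directories whose whole contents are relabeled.
        for d in [
            "/etc/sysconfig/network-scripts", "/var/cache/yum",
            "/var/lib/rpm", "/var/lib/yum", "/etc/lvm",
            "/dev/mapper", "/etc/iscsi", "/var/lib/iscsi",
            "/root", "/var/log", "/etc/modprobe.d",
            "/etc/sysconfig", "/etc/multipath",
        ]:
            if not os.path.isdir(anaconda.rootPath + d):
                continue

            # resetFileContext expects the path without the root prefix
            # (e.g. "/mnt/sysimage"), whereas the directory walk and the
            # access check need the prefix.  So the listing is built with the
            # prefix and the prefix is stripped again just before the call.
            for full in lst(anaconda.rootPath + d):
                # os.access() follows symlinks, so a dangling symlink is
                # skipped here rather than relabeled.
                if not os.access(full, os.R_OK):
                    continue
                # Strip only the leading root prefix.  An unbounded replace()
                # would also delete the same text occurring deeper in the
                # path and relabel the entry against the wrong policy path.
                rel = full.replace(anaconda.rootPath, "", 1)
                isys.resetFileContext(os.path.normpath(rel), anaconda.rootPath)

    return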
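def setFileCons(anaconda):
    """Reset SELinux file contexts on files the installer created or touched.

    Nothing happens unless ``flags.selinux`` is set.  The function relabels a
    fixed list of paths, the dhclient configuration files matched by the
    glob, and one ``/dev/<vg>`` entry per volume group in
    ``anaconda.id.storage.vgs``.  It then walks a fixed list of directories
    under ``anaconda.rootPath`` and relabels every readable entry found.

    ``isys.resetFileContext`` receives each path relative to the installed
    system, together with ``anaconda.rootPath`` as the root.
    """

    def lst(root):
        """Return *root* followed by every directory and file below it."""
        found = [root]
        for (top, dirs, names) in os.walk(root):
            found.extend(top + "/" + d for d in dirs)
            found.extend(top + "/" + n for n in names)
        return found

    if flags.selinux:
        log.info("setting SELinux contexts for anaconda created files")

        # NOTE(review): the glob runs against the installer environment's
        # /etc/dhcp rather than anaconda.rootPath -- presumably the matching
        # files exist under the same names in the target; confirm.
        files = [
            "/etc/rpm/macros", "/etc/dasd.conf", "/etc/zfcp.conf",
            "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
            "/etc/blkid.tab", "/etc/blkid.tab.old",
            "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
            "/etc/modprobe.conf", "/etc/modprobe.conf~",
            "/var/log/wtmp", "/var/run/utmp", "/etc/crypttab",
            "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
            "/etc/mdadm.conf", "/etc/sysconfig/network",
            "/etc/udev/rules.d/70-persistent-net.rules",
            "/root/install.log", "/root/install.log.syslog",
            "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
            "/etc/zipl.conf",
        ] + glob.glob('/etc/dhcp/dhclient-*.conf')

        vgs = ["/dev/%s" % vg.name for vg in anaconda.id.storage.vgs]

        for f in files + vgs:
            isys.resetFileContext(os.path.normpath(f), anaconda.rootPath)

        # Directories whose whole contents are relabeled.
        for d in [
            "/etc/sysconfig/network-scripts", "/var/cache/yum",
            "/var/lib/rpm", "/var/lib/yum", "/etc/lvm",
            "/dev/mapper", "/etc/iscsi", "/var/lib/iscsi",
            "/root", "/var/log", "/etc/modprobe.d",
            "/etc/sysconfig",
        ]:
            if not os.path.isdir(anaconda.rootPath + d):
                continue

            # resetFileContext wants the path without the root prefix
            # (e.g. "/mnt/sysimage"), while walking and access checks need it.
            # The listing is therefore built with the prefix and the prefix
            # is removed again right before the call.
            for full in lst(anaconda.rootPath + d):
                # os.access() follows symlinks, so dangling symlinks are
                # skipped instead of being relabeled.
                if not os.access(full, os.R_OK):
                    continue
                # Remove the leading root prefix only: an unbounded replace()
                # would also strip the same text from the middle of a path,
                # so the entry would be labeled for a different policy path.
                rel = full.replace(anaconda.rootPath, "", 1)
                isys.resetFileContext(os.path.normpath(rel), anaconda.rootPath)

    return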
def setFileCons(anaconda):
    """Reset SELinux file contexts on installer-created files.

    When ``flags.selinux`` is set, a fixed list of paths is extended with the
    recursive contents of several directories and of one ``/dev/<vg>`` entry
    per volume-group request.  Each resulting path that is readable under
    ``anaconda.rootPath`` is passed to ``isys.resetFileContext``, and the
    returned value is logged.  Unreadable paths are logged as warnings and
    skipped.
    """
    import partRequests

    if not flags.selinux:
        return

    log.info("setting SELinux contexts for anaconda created files")

    files = [
        "/etc/rpm/platform", "/etc/rpm/macros",
        "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
        "/etc/blkid.tab", "/etc/blkid.tab.old",
        "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
        "/etc/modprobe.conf", "/etc/modprobe.conf~",
        "/var/log/wtmp", "/var/run/utmp",
        "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
        "/etc/mdadm.conf", "/etc/hosts", "/etc/sysconfig/network",
        "/root/install.log", "/root/install.log.syslog",
        "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
        "/var/log/lastlog", "/var/log/btmp",
        "/var/lib/multipath", "/var/lib/multipath/bindings",
        "/etc/multipath.conf", "/etc/sysconfig/keyboard",
        "/etc/sysconfig/iptables", "/etc/sysconfig/ip6tables",
        "/etc/sysconfig/iptables-config",
    ]

    vgs = [
        "/dev/%s" % (request.volumeGroupName, )
        for request in anaconda.id.partitions.requests
        if isinstance(request, partRequests.VolumeGroupRequestSpec)
    ]

    def findfiles(path):
        # Post-order walk: children are queued before their directory.
        # NOTE(review): os.path.isdir() follows symlinks, so a symlinked
        # directory is descended into, and an absolute link target resolves
        # against the installer's root rather than rootPath -- confirm this
        # is acceptable for the trees listed below.
        if os.path.isdir(anaconda.rootPath + path):
            for entry in os.listdir(anaconda.rootPath + path):
                findfiles(path + '/' + entry)
        files.append(path)

    # ugh, this is ugly
    tops = [
        "/etc/sysconfig/network-scripts", "/var/lib/rpm",
        "/etc/lvm", "/dev/mapper", "/etc/iscsi",
        "/var/lib/iscsi",
    ] + vgs
    for top in tops:
        findfiles(top)

    for f in files:
        if os.access("%s/%s" % (anaconda.rootPath, f), os.R_OK):
            ret = isys.resetFileContext(os.path.normpath(f),
                                        anaconda.rootPath)
            log.info("set fc of %s to %s" % (f, ret))
        else:
            # The message says "doesn't exist", but the check is for read
            # access, which also fails for dangling symlinks.
            log.warning("%s doesn't exist" % (f, ))

    return
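def contextCB(arg, directory, files):
    """Reset the SELinux context of every readable entry in *directory*.

    The signature matches the visitor that ``os.path.walk()`` expects --
    presumably that is how this function is invoked; *arg* is unused.

    Arguments:
        arg -- ignored
        directory -- directory containing the entries
        files -- entry names within *directory*
    """
    for name in files:
        path = os.path.join(directory, name)

        # os.access() follows symlinks, so a dangling symlink is reported
        # here as well.
        if not os.access(path, os.R_OK):
            log.warning("%s doesn't exist" % path)
            continue

        # If the path begins with rootPath, matchPathCon will never match
        # anything because policy doesn't contain that path.
        if path.startswith(ROOT_PATH):
            # Strip the leading prefix only.  An unbounded replace() would
            # also remove the same text from deeper in the path and the
            # entry would be labeled for a different policy path.
            path = path.replace(ROOT_PATH, "", 1)

        isys.resetFileContext(path, ROOT_PATH)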
def setFileCons(anaconda):
    """Relabel installer-created files with their SELinux contexts.

    With ``flags.selinux`` set, the function starts from a fixed list of
    paths and appends the recursive contents of several directories plus one
    ``/dev/<vg>`` entry per volume-group request.  Every path readable below
    ``anaconda.rootPath`` goes through ``isys.resetFileContext`` and the
    result is logged.  Paths that fail the access check are warned about and
    skipped.
    """
    import partRequests

    if not flags.selinux:
        return

    log.info("setting SELinux contexts for anaconda created files")

    files = [
        "/etc/rpm/platform", "/etc/rpm/macros",
        "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
        "/etc/blkid.tab", "/etc/blkid.tab.old",
        "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
        "/etc/modprobe.conf", "/etc/modprobe.conf~",
        "/var/log/wtmp", "/var/run/utmp",
        "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
        "/etc/mdadm.conf", "/etc/hosts", "/etc/sysconfig/network",
        "/root/install.log", "/root/install.log.syslog",
        "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
        "/var/log/lastlog", "/var/log/btmp",
        "/var/lib/multipath", "/var/lib/multipath/bindings",
        "/etc/multipath.conf", "/etc/sysconfig/keyboard",
        "/etc/sysconfig/iptables", "/etc/sysconfig/ip6tables",
        "/etc/sysconfig/iptables-config",
    ]

    vgs = [
        "/dev/%s" % (spec.volumeGroupName,)
        for spec in anaconda.id.partitions.requests
        if isinstance(spec, partRequests.VolumeGroupRequestSpec)
    ]

    def findfiles(path):
        # Children are queued first, then the directory itself.
        # NOTE(review): os.path.isdir() follows symlinks, so the recursion
        # descends through symlinked directories; an absolute link target is
        # resolved against the installer's root, not rootPath -- confirm.
        target = anaconda.rootPath + path
        if os.path.isdir(target):
            for child in os.listdir(target):
                findfiles(path + '/' + child)
        files.append(path)

    # ugh, this is ugly
    for top in ["/etc/sysconfig/network-scripts", "/var/lib/rpm",
                "/etc/lvm", "/dev/mapper", "/etc/iscsi",
                "/var/lib/iscsi"] + vgs:
        findfiles(top)

    for f in files:
        readable = os.access("%s/%s" % (anaconda.rootPath, f), os.R_OK)
        if not readable:
            # Logged as "doesn't exist" although the test is read access.
            log.warning("%s doesn't exist" % (f,))
            continue

        ret = isys.resetFileContext(os.path.normpath(f), anaconda.rootPath)
        log.info("set fc of %s to %s" % (f, ret))

    return
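def contextCB(arg, directory, files):
    """Reset and log the SELinux context of each readable entry in *directory*.

    The signature matches the visitor that ``os.path.walk()`` expects --
    presumably that is how this function is invoked; *arg* is unused.
    ``anaconda`` is not a parameter: it has to be resolvable from the
    enclosing or module scope.

    Arguments:
        arg -- ignored
        directory -- directory containing the entries
        files -- entry names within *directory*
    """
    for name in files:
        path = os.path.join(directory, name)

        # os.access() follows symlinks, so a dangling symlink is reported
        # here as well.
        if not os.access(path, os.R_OK):
            log.warning("%s doesn't exist" % path)
            continue

        # If the path begins with rootPath, matchPathCon will never match
        # anything because policy doesn't contain that path.
        if path.startswith(anaconda.rootPath):
            # Strip the leading prefix only.  An unbounded replace() would
            # also remove the same text from deeper in the path and the
            # entry would be labeled for a different policy path.
            path = path.replace(anaconda.rootPath, "", 1)

        ret = isys.resetFileContext(path, anaconda.rootPath)
        log.info("set fc of %s to %s" % (path, ret))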
def setFileCons(anaconda):
    """Reset SELinux file contexts on installer-created files.

    When ``flags.selinux`` is set, a fixed list of paths (plus the dhclient
    configuration files matched by the glob) is extended with the immediate
    contents of several directories and of one ``/dev/<vg>`` entry per
    volume group in ``anaconda.storage.vgs``.  Directories are listed one
    level deep only.  Each path readable under ``anaconda.rootPath`` is
    passed to ``isys.resetFileContext`` and the result is logged.
    """
    if not flags.selinux:
        return

    log.info("setting SELinux contexts for anaconda created files")

    # NOTE(review): the glob is evaluated against the running installer's
    # /etc, not against anaconda.rootPath -- confirm this is intended.
    files = [
        "/etc/rpm/macros",
        "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
        "/etc/blkid.tab", "/etc/blkid.tab.old",
        "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
        "/etc/modprobe.conf", "/etc/modprobe.conf~",
        "/var/log/wtmp", "/var/run/utmp", "/etc/crypttab",
        "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
        "/etc/mdadm.conf", "/etc/sysconfig/network",
        "/etc/udev/rules.d/70-persistent-net.rules",
        "/root/install.log", "/root/install.log.syslog",
        "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
    ]
    files += glob.glob('/etc/dhclient-*.conf')

    vgs = ["/dev/%s" % vg.name for vg in anaconda.storage.vgs]

    # ugh, this is ugly
    tops = [
        "/etc/sysconfig/network-scripts", "/var/lib/rpm",
        "/etc/lvm", "/dev/mapper", "/etc/iscsi",
        "/var/lib/iscsi", "/root", "/var/log",
        "/etc/modprobe.d", "/etc/sysconfig",
    ] + vgs
    for top in tops:
        on_disk = anaconda.rootPath + top
        # Anything that is not a directory in the target is dropped here and
        # never queued.
        if os.path.isdir(on_disk):
            files.extend(top + "/" + name for name in os.listdir(on_disk))
            files.append(top)

    for f in files:
        if os.access("%s/%s" % (anaconda.rootPath, f), os.R_OK):
            ret = isys.resetFileContext(os.path.normpath(f),
                                        anaconda.rootPath)
            log.info("set fc of %s to %s" % (f, ret))
        else:
            # Logged as "doesn't exist" although the test is read access.
            log.warning("%s doesn't exist" % (f, ))

    return
def setFileCons(anaconda):
    """Relabel installer-created files with their SELinux contexts.

    With ``flags.selinux`` set, the function collects a fixed list of paths,
    the dhclient configuration files matched by the glob, and the immediate
    contents of several directories and of one ``/dev/<vg>`` entry per
    volume group in ``anaconda.storage.vgs``.  Directories are listed one
    level deep.  Every collected path that is readable under
    ``anaconda.rootPath`` goes through ``isys.resetFileContext`` and the
    result is logged.
    """
    if not flags.selinux:
        return

    log.info("setting SELinux contexts for anaconda created files")

    fixed = [
        "/etc/rpm/macros",
        "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64",
        "/etc/blkid.tab", "/etc/blkid.tab.old",
        "/etc/mtab", "/etc/fstab", "/etc/resolv.conf",
        "/etc/modprobe.conf", "/etc/modprobe.conf~",
        "/var/log/wtmp", "/var/run/utmp", "/etc/crypttab",
        "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab",
        "/etc/mdadm.conf", "/etc/sysconfig/network",
        "/etc/udev/rules.d/70-persistent-net.rules",
        "/root/install.log", "/root/install.log.syslog",
        "/etc/shadow", "/etc/shadow-", "/etc/gshadow",
    ]
    # NOTE(review): this glob looks at the running installer's /etc rather
    # than anaconda.rootPath -- confirm this is intended.
    files = fixed + glob.glob('/etc/dhclient-*.conf')

    vgs = ["/dev/%s" % vg.name for vg in anaconda.storage.vgs]

    # ugh, this is ugly
    for top in ["/etc/sysconfig/network-scripts", "/var/lib/rpm",
                "/etc/lvm", "/dev/mapper", "/etc/iscsi",
                "/var/lib/iscsi", "/root", "/var/log",
                "/etc/modprobe.d", "/etc/sysconfig"] + vgs:
        # Entries that are not directories in the target are skipped
        # altogether.
        if not os.path.isdir(anaconda.rootPath + top):
            continue

        for name in os.listdir(anaconda.rootPath + top):
            files.append(top + "/" + name)
        files.append(top)

    for f in files:
        readable = os.access("%s/%s" % (anaconda.rootPath, f), os.R_OK)
        if not readable:
            # Logged as "doesn't exist" although the test is read access.
            log.warning("%s doesn't exist" % (f,))
            continue

        ret = isys.resetFileContext(os.path.normpath(f), anaconda.rootPath)
        log.info("set fc of %s to %s" % (f, ret))

    return
def remount(self, *args, **kwargs):
    """ Remount the filesystem at its current mountpoint.

        Keyword Arguments:

            options -- mount options; a non-empty string replaces
                       self.options for this call

        Returns without doing anything when the filesystem is not mounted.
        Raises FSError when the filesystem has not been created, the
        mountpoint is missing, or the mount call fails.
    """
    options = kwargs.get("options", "")
    log.info("remounting %s on %s", self.device, self._mountpoint)

    if not self.exists:
        raise FSError("filesystem has not been created")

    if not self._mountpoint:
        # not mounted
        return

    if not os.path.exists(self._mountpoint):
        raise FSError("mountpoint does not exist")

    # passed in options override default options
    if not (options and isinstance(options, str)):
        options = self.options

    try:
        status = isys.mount(self.device, self._mountpoint,
                            fstype=self.mountType,
                            options=options, remount=True,
                            bindMount=isinstance(self, BindFS))
    except Exception as err:
        raise FSError("mount failed: %s" % err)

    if status:
        raise FSError("mount failed: %s" % status)

    if not flags.selinux:
        return

    # self._mountpoint is used with an empty root prefix here.
    # NOTE(review): the relabel runs whatever the options are, including a
    # remount with "ro" -- confirm how isys behaves when the label cannot be
    # written.
    context = isys.resetFileContext(self._mountpoint, "")
    log.info("set SELinux context for newly mounted filesystem "
             "root at %s to %s" % (self._mountpoint, context))
    isys.setFileContext("%s/lost+found" % self._mountpoint,
                        lost_and_found_context, "")
def remount(self, *args, **kwargs):
    """ Remount this filesystem where it is currently mounted.

        Keyword Arguments:

            options -- mount options; used instead of self.options when it
                       is a non-empty string

        A filesystem that is not mounted is left alone.  FSError is raised
        when the filesystem does not exist, the mountpoint is missing, or
        the mount call fails.
    """
    requested = kwargs.get("options", "")
    log.info("remounting %s on %s", self.device, self._mountpoint)

    if not self.exists:
        raise FSError("filesystem has not been created")

    if not self._mountpoint:
        # not mounted
        return

    if not os.path.exists(self._mountpoint):
        raise FSError("mountpoint does not exist")

    # passed in options override default options
    if requested and isinstance(requested, str):
        options = requested
    else:
        options = self.options

    try:
        result = isys.mount(self.device, self._mountpoint,
                            fstype=self.mountType,
                            options=options, remount=True,
                            bindMount=isinstance(self, BindFS))
    except Exception as exc:
        raise FSError("mount failed: %s" % exc)

    if result:
        raise FSError("mount failed: %s" % result)

    if flags.selinux:
        # self._mountpoint is used with an empty root prefix here.
        # NOTE(review): nothing skips the relabel for a read-only remount --
        # confirm how isys behaves when the label cannot be written.
        label = isys.resetFileContext(self._mountpoint, "")
        log.info("set SELinux context for newly mounted filesystem "
                 "root at %s to %s" % (self._mountpoint, label))
        isys.setFileContext("%s/lost+found" % self._mountpoint,
                            lost_and_found_context, "")
def mount(self, *args, **kwargs):
    """ Mount this filesystem and label the mountpoint for SELinux.

        Arguments:

            None

        Keyword Arguments:

            options -- mount options; a non-empty string replaces
                       self.options
            chroot -- prefix to apply to mountpoint (default "/")
            mountpoint -- mountpoint (overrides self.mountpoint)

        Returns without mounting when self.status is already true.  Raises
        FSError when the filesystem has not been created, no mountpoint is
        known, the device is missing, or the mount call fails.
    """
    options = kwargs.get("options", "")
    chroot = kwargs.get("chroot", "/")
    mountpoint = kwargs.get("mountpoint")

    if not self.exists:
        raise FSError("filesystem has not been created")

    mountpoint = mountpoint or self.mountpoint
    if not mountpoint:
        raise FSError("no mountpoint given")

    if self.status:
        return

    if not (isinstance(self, NoDevFS) or os.path.exists(self.device)):
        raise FSError("device %s does not exist" % self.device)

    # os.path.join() is not usable here: it discards the chroot when the
    # second component is absolute, e.g.
    #
    #         os.path.join("/mnt/foo", "/") -> "/"
    #
    # NOTE(review): normpath() is purely lexical, so a mountpoint holding
    # ".." components would normalise to a path outside chroot -- confirm
    # that callers validate mountpoints.
    target = os.path.normpath("%s/%s" % (chroot, mountpoint))
    iutil.mkdirChain(target)

    # First pass: label the directory that is about to be mounted over.
    if flags.selinux:
        context = isys.resetFileContext(mountpoint, chroot)
        log.info("set SELinux context for mountpoint %s to %s"
                 % (mountpoint, context))

    # passed in options override default options
    if not (options and isinstance(options, str)):
        options = self.options

    try:
        status = isys.mount(self.device, target,
                            fstype=self.mountType,
                            options=options,
                            bindMount=isinstance(self, BindFS))
    except Exception as err:
        raise FSError("mount failed: %s" % err)

    if status:
        raise FSError("mount failed: %s" % status)

    # Second pass: label the root of the mounted filesystem.  It is skipped
    # when "ro" is one of the options -- presumably because a read-only
    # mount cannot store the label.
    if flags.selinux and "ro" not in options.split(","):
        context = isys.resetFileContext(mountpoint, chroot)
        log.info("set SELinux context for newly mounted filesystem "
                 "root at %s to %s" % (mountpoint, context))
        isys.setFileContext("%s/lost+found" % mountpoint,
                            lost_and_found_context, chroot)

    self._mountpoint = target
def mount(self, *args, **kwargs):
    """ Mount this filesystem and label the mountpoint for SELinux.

        Arguments:

            None

        Keyword Arguments:

            options -- mount options; used instead of self.options when it
                       is a non-empty string
            chroot -- prefix to apply to mountpoint (default "/")
            mountpoint -- mountpoint (overrides self.mountpoint)

        Nothing is mounted when self.status is already true.  FSError is
        raised when the filesystem has not been created, no mountpoint is
        known, the device is missing, or the mount call fails.
    """
    requested = kwargs.get("options", "")
    chroot = kwargs.get("chroot", "/")
    mountpoint = kwargs.get("mountpoint")

    if not self.exists:
        raise FSError("filesystem has not been created")

    if not mountpoint:
        mountpoint = self.mountpoint
        if not mountpoint:
            raise FSError("no mountpoint given")

    if self.status:
        return

    if not (isinstance(self, NoDevFS) or os.path.exists(self.device)):
        raise FSError("device %s does not exist" % self.device)

    # os.path.join() cannot be used to build the path: an absolute second
    # component makes it drop the chroot, e.g.
    #
    #         os.path.join("/mnt/foo", "/") -> "/"
    #
    # NOTE(review): normpath() is purely lexical, so ".." components in the
    # mountpoint would normalise to a path outside chroot -- confirm that
    # callers validate mountpoints.
    realMountpoint = os.path.normpath("%s/%s" % (chroot, mountpoint))
    iutil.mkdirChain(realMountpoint)

    # First pass: label the directory that is about to be mounted over.
    if flags.selinux:
        label = isys.resetFileContext(mountpoint, chroot)
        log.info("set SELinux context for mountpoint %s to %s"
                 % (mountpoint, label))

    # passed in options override default options
    if requested and isinstance(requested, str):
        options = requested
    else:
        options = self.options

    try:
        result = isys.mount(self.device, realMountpoint,
                            fstype=self.mountType,
                            options=options,
                            bindMount=isinstance(self, BindFS))
    except Exception as exc:
        raise FSError("mount failed: %s" % exc)

    if result:
        raise FSError("mount failed: %s" % result)

    # Second pass: label the root of the mounted filesystem.
    # NOTE(review): nothing skips this pass for a read-only mount -- confirm
    # how isys behaves when the label cannot be written.
    if flags.selinux:
        label = isys.resetFileContext(mountpoint, chroot)
        log.info("set SELinux context for newly mounted filesystem "
                 "root at %s to %s" % (mountpoint, label))
        isys.setFileContext("%s/lost+found" % mountpoint,
                            lost_and_found_context, chroot)

    self._mountpoint = realMountpoint