libselinux python binding of restorecon different from restorecon command
Daniel J Walsh
dwalsh at redhat.com
Tue Nov 29 16:10:23 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/29/2011 07:14 AM, Paul Howarth wrote:
> I maintain a local RPM package repository and have a "newrepo"
> script that assembles the repository, calls createrepo and repoview
> etc.
>
> During the script it runs "restorecon" on all of the files in the
> repo to make sure that they have the correct contexts to be
> accessible via http etc.
>
> A few weeks ago I rewrote the script in python and decided to use
> the libselinux-python binding (this is on F16) for the "restorecon"
> call. Around the same time I noticed that my backups were getting a
> lot bigger but I've only just discovered why. If I use the shell
> command "restorecon -rvF /path/to/dir", and it doesn't need to
> change anything, the ctime of the dirs/files concerned remain
> unchanged. However, if I use the python binding, the ctime is
> updated. So I've backing up the entire repository on each
> incremental backup :-(
>
> [paul at zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul at zion
> ~]$ date; restorecon -rvF /home/paul/cfo-repo/drivers/advansys/;
> date Tue Nov 29 12:02:54 GMT 2011 Tue Nov 29 12:02:54 GMT 2011
> [paul at zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/ total 11896 -rw-rw-r--. 1
> paul paul 649700 Nov 29 11:54 advansys-driverdisk.zip -rw-rw-r--.
> 1 paul paul 4175872 Nov 29 11:54 advansys-fc2-boot.iso -rw-rw-r--.
> 2 paul paul 108723 Nov 29 11:54 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 11:54
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 11:54
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 11:54
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 11:54 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 11:54
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 11:54 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 11:54
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 11:54 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 11:54
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 11:54 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 11:54
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 11:54 kernel-advansys-0.9.5-1dkms.src.rpm [paul at zion
> ~]$ date; python -c "from selinux import restorecon;
> restorecon('/home/paul/cfo-repo/drivers/advansys', recursive =
> True)"; date Tue Nov 29 12:03:51 GMT 2011 Tue Nov 29 12:03:52 GMT
> 2011 [paul at zion ~]$ ls -l --time=ctime
> /home/paul/cfo-repo/drivers/advansys/total 11896 -rw-rw-r--. 1 paul
> paul 649700 Nov 29 12:03 advansys-driverdisk.zip -rw-rw-r--. 1
> paul paul 4175872 Nov 29 12:03 advansys-fc2-boot.iso -rw-rw-r--. 2
> paul paul 108723 Nov 29 12:03 dkms-2.2.0.2-1.noarch.rpm
> -rw-rw-r--. 2 paul paul 132593 Nov 29 12:03
> dkms-2.2.0.2-1.src.rpm -rw-rw-r--. 1 paul paul 10400 Nov 29 12:03
> HEADER.html -rw-rw-r--. 1 paul paul 287602 Nov 29 12:03
> kernel-advansys-0.9.1-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 228573 Nov 29 12:03 kernel-advansys-0.9.1-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 620915 Nov 29 12:03
> kernel-advansys-0.9.2-1dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 457045 Nov 29 12:03 kernel-advansys-0.9.2-1dkms.src.rpm -rw-rw-r--.
> 1 paul paul 607931 Nov 29 12:03
> kernel-advansys-0.9.3-2dkms.noarch.rpm -rw-rw-r--. 1 paul paul
> 461727 Nov 29 12:03 kernel-advansys-0.9.3-2dkms.src.rpm -rw-r--r--.
> 1 paul paul 1234354 Nov 29 12:03
> kernel-advansys-0.9.4-1dkms.noarch.rpm -rw-r--r--. 1 paul paul
> 907444 Nov 29 12:03 kernel-advansys-0.9.4-1dkms.src.rpm -rw-rw-r--.
> 2 paul paul 1286253 Nov 29 12:03
> kernel-advansys-0.9.5-1dkms.noarch.rpm -rw-rw-r--. 2 paul paul
> 981819 Nov 29 12:03 kernel-advansys-0.9.5-1dkms.src.rpm [paul at zion
> ~]$
>
> Is this expected behaviour? Is there a way I can use the python
> binding but get the same behaviour as the shell command?
>
> Paul. -- selinux mailing list selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
Try out libselinux-2.1.6-5.fc16 Currently in koji.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk7VA+sACgkQrlYvE4MpobPULwCgs7DI3dTaibY1TfY9yxo7mbHF
/CYAn3mMB6ogT987JxCaVeG+uT872rog
=35DS
-----END PGP SIGNATURE-----
More information about the selinux
mailing list