]> git.apps.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d0d9a26) | patch
mgr/cephadm: Restore client file(s) default SELinux context type 61208/head
authorzaken <yonatan.zaken.ext@nokia.com>
Wed, 1 Jan 2025 18:14:45 +0000 (20:14 +0200)
committerzaken <yonatan.zaken.ext@nokia.com>
Sun, 5 Jan 2025 09:24:12 +0000 (11:24 +0200)
commitaa9fc3570220079bf9ab21b743193f0ba369d4ca
treeb523db5b632534778e28fd212aa86a21368d8fa5tree | snapshot
parentd0d9a26d8b2220e168abc25effa760ae71d824e0commit | diff
mgr/cephadm: Restore client file(s) default SELinux context type

When cephadm writes client files to hosts, the new files are created in
/tmp/cephadm-<fsid> and then moved to their target directory. This makes
the client files receive the usr_tmp_t context, which is different then
their original context.
mv -Z will set the SELinux security context type of the target file
based on the SELinux policy rules for the target directory.

Fixes: https://tracker.ceph.com/issues/69395
Signed-off-by: zaken <yonatan.zaken.ext@nokia.com>
src/pybind/mgr/cephadm/ssh.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.