From 4f0399974eb67bc9420c3bd700465190e38d92d6 Mon Sep 17 00:00:00 2001

From: Michal Schmidt <mschmidt@redhat.com>

Date: Fri, 16 Dec 2011 18:27:35 +0100

Subject: [PATCH] tmpfiles: add 'z', like 'Z' but not recursive (cherry picked

 from commit 777b87e702197ad1f2d0f2a3aea5271d18062c5c)

---

 man/systemd-tmpfiles.xml |    4 ++--

 man/tmpfiles.d.xml       |   14 ++++++++++++--

 src/tmpfiles.c           |   34 ++++++++++++++++++++++++----------

 3 files changed, 38 insertions(+), 14 deletions(-)

diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml

index 74dfd5a..bbb80b2 100644

--- a/man/systemd-tmpfiles.xml

+++ b/man/systemd-tmpfiles.xml

@@ -84,8 +84,8 @@

                                 <listitem><para>If this option is passed all

                                 files and directories marked with f,

                                 F, d, D in the configuration files are

-                                created. Files and directories marked with Z

-                                have their ownership, access mode and security

+                                created. Files and directories marked with z,

+                                Z have their ownership, access mode and security

                                 labels set.</para></listitem>

                         </varlistentry>

diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml

index e137967..4a8e831 100644

--- a/man/tmpfiles.d.xml

+++ b/man/tmpfiles.d.xml

@@ -157,6 +157,16 @@ d    /run/user 0755 root root 10d</programlisting>

                                 </varlistentry>

                                 <varlistentry>

+                                        <term><varname>z</varname></term>

+                                        <listitem><para>Set ownership, access

+                                        mode and relabel security context of

+                                        a file or directory if it exists.

+                                        Lines of this type accept shell-style

+                                        globs in place of normal path names.

+                                        </para></listitem>

+                                </varlistentry>

+

+                                <varlistentry>

                                         <term><varname>Z</varname></term>

                                         <listitem><para>Recursively set

                                         ownership, access mode and relabel

@@ -175,7 +185,7 @@ d    /run/user 0755 root root 10d</programlisting>

                         <para>The file access mode to use when

                         creating this file or directory. If omitted or

                         when set to - the default is used: 0755 for

-                        directories, 0644 for files. For Z lines

+                        directories, 0644 for files. For z, Z lines

                         if omitted or when set to - the file access mode will

                         not be modified. This parameter is ignored for x, r, R

                         lines.</para>

@@ -188,7 +198,7 @@ d    /run/user 0755 root root 10d</programlisting>

                         or directory. This may either be a numeric

                         user/group ID or a user or group name. If

                         omitted or when set to - the default 0 (root)

-                        is used. For Z lines when omitted or when set to -

+                        is used. For z, Z lines when omitted or when set to -

                         the file ownership will not be modified.

                         These parameters are ignored for x, r, R lines.</para>

                 </refsect2>

diff --git a/src/tmpfiles.c b/src/tmpfiles.c

index 1395082..19a7c08 100644

--- a/src/tmpfiles.c

+++ b/src/tmpfiles.c

@@ -62,6 +62,7 @@ typedef enum ItemType {

         IGNORE_PATH = 'x',

         REMOVE_PATH = 'r',

         RECURSIVE_REMOVE_PATH = 'R',

+        RELABEL_PATH = 'z',

         RECURSIVE_RELABEL_PATH = 'Z'

 } ItemType;

@@ -92,7 +93,7 @@ static const char *arg_prefix = NULL;

 #define MAX_DEPTH 256

 static bool needs_glob(ItemType t) {

-        return t == IGNORE_PATH || t == REMOVE_PATH || t == RECURSIVE_REMOVE_PATH || t == RECURSIVE_RELABEL_PATH;

+        return t == IGNORE_PATH || t == REMOVE_PATH || t == RECURSIVE_REMOVE_PATH || t == RELABEL_PATH || t == RECURSIVE_RELABEL_PATH;

 }

 static struct Item* find_glob(Hashmap *h, const char *match) {

@@ -646,6 +647,13 @@ static int create_item(Item *i) {

                 break;

+        case RELABEL_PATH:

+

+                r = glob_item(i, item_set_perms);

+                if (r < 0)

+                        return 0;

+                break;

+

         case RECURSIVE_RELABEL_PATH:

                 r = glob_item(i, recursive_relabel);

@@ -670,6 +678,7 @@ static int remove_item_instance(Item *i, const char *instance) {

         case CREATE_DIRECTORY:

         case CREATE_FIFO:

         case IGNORE_PATH:

+        case RELABEL_PATH:

         case RECURSIVE_RELABEL_PATH:

                 break;

@@ -707,6 +716,7 @@ static int remove_item(Item *i) {

         case CREATE_DIRECTORY:

         case CREATE_FIFO:

         case IGNORE_PATH:

+        case RELABEL_PATH:

         case RECURSIVE_RELABEL_PATH:

                 break;

@@ -808,15 +818,19 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {

                 goto finish;

         }

-        if (type != CREATE_FILE &&

-            type != TRUNCATE_FILE &&

-            type != CREATE_DIRECTORY &&

-            type != TRUNCATE_DIRECTORY &&

-            type != CREATE_FIFO &&

-            type != IGNORE_PATH &&

-            type != REMOVE_PATH &&

-            type != RECURSIVE_REMOVE_PATH &&

-            type != RECURSIVE_RELABEL_PATH) {

+        switch(type) {

+        case CREATE_FILE:

+        case TRUNCATE_FILE:

+        case CREATE_DIRECTORY:

+        case TRUNCATE_DIRECTORY:

+        case CREATE_FIFO:

+        case IGNORE_PATH:

+        case REMOVE_PATH:

+        case RECURSIVE_REMOVE_PATH:

+        case RELABEL_PATH:

+        case RECURSIVE_RELABEL_PATH:

+                break;

+        default:

                 log_error("[%s:%u] Unknown file type '%c'.", fname, line, type);

                 r = -EBADMSG;

                 goto finish;