* bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts
@ 2012-04-15 11:27 goeran
2012-04-16 17:51 ` Glenn Morris
2012-04-19 17:36 ` Glenn Morris
0 siblings, 2 replies; 5+ messages in thread
From: goeran @ 2012-04-15 11:27 UTC (permalink / raw)
To: 11245
After upgrading to emacs to the one in Fedora 17 test release, numbered
24.0.95, I started to get messages about emacs failing to write backup
files, and it writing a %backup%~ file instead. Checking in the file
system, emacs had successfully made a backup file. After a bit of
investigation, I believe it has to do with emacs trying to set SELinux
context on a file system which doesn't support it. In my case, my home
directory is mounted via NFS.
So to reproduce, I do the following, starting in a directory in an NFS
file system:
On the command line:
freddi$ touch apa
freddi$ ll -Z apa
-rw-rw-r--. göran göran system_u:object_r:nfs_t:SystemLow apa
freddi$ emacs -Q
Then, in emacs:
M-x s e t - v a r <tab> <return> b a c k u <tab> b
y <tab> <return> t <return> C-x C-f a p a <return>
a p a C-x C-s
Now I get an error message:
Cannot write backup file; backing up in ~/.emacs.d/%backup%~
But there is an (empty) file "apa~", so the backup DID succeed.
My understanding is that the root cause is the function
set-file-selinux-context in fileio.c failing with a file error when the
lsetfilecon() call fails. But it is not really an error if it fails
with errno set to ENOTSUP. A system which does support SELinux may very
well have some parts of the file tree where you can't modify the
context. Such as an NFS home directory.
It seems to me that the case where lsetfilecon() fails with ENOTSUP
should be handled in the same way as if is_selinux_enabled() returned
false in the first place, i.e. just return without any error. Do I miss
something?
In GNU Emacs 24.0.95.1 (x86_64-redhat-linux-gnu, GTK+ Version 2.24.10)
of 2012-04-06 on x86-13.phx2.fedoraproject.org
Windowing system distributor `Fedora Project', version 11.0.11002000
Configured using:
`configure '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--program-prefix='
'--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib64' '--libexecdir=/usr/libexec'
'--localstatedir=/var' '--sharedstatedir=/var/lib'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-dbus'
'--with-gif' '--with-jpeg' '--with-png' '--with-rsvg' '--with-tiff'
'--with-xft' '--with-xpm' '--with-x-toolkit=gtk' '--with-gpm=no'
'--with-wide-int' 'build_alias=x86_64-redhat-linux-gnu'
'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-DMAIL_USE_LOCKF -O2 -g
-pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ''
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: nil
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: sv_SE.utf8
value of $XMODIFIERS: nil
locale-coding-system: utf-8-unix
default enable-multibyte-characters: t
Major mode: Fundamental
Minor modes in effect:
tooltip-mode: t
mouse-wheel-mode: t
tool-bar-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
line-number-mode: t
transient-mark-mode: (only . t)
Recent input:
M-x s e t - v a r <tab> <return> b a c k u <tab> b
<tab> <return> t <return> C-x C-f a p a <return> a
p a C-x C-s M-x r e p o r t - e m a <tab> <return>
Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Saving file /home/göran/apa...
Cannot write backup file; backing up in ~/.emacs.d/%backup%~
Wrote /home/göran/apa
Load-path shadows:
None found.
Features:
(shadow sort gnus-util mail-extr emacsbug message format-spec rfc822 mml
mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev
gmm-utils mailheader sendmail regexp-opt rfc2047 rfc2045 ietf-drums
mm-util mail-prsvr mail-utils cus-edit easymenu cus-start cus-load
wid-edit help-fns time-date tooltip ediff-hook vc-hooks lisp-float-type
mwheel x-win x-dnd tool-bar dnd fontset image fringe lisp-mode register
page menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock
font-lock syntax facemenu font-core frame cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew
greek romanian slovak czech european ethiopic indian cyrillic chinese
case-table epa-hook jka-cmpr-hook help simple abbrev minibuffer loaddefs
button faces cus-face files text-properties overlay sha1 md5 base64
format env code-pages mule custom widget hashtable-print-readable
backquote make-network-process dbusbind dynamic-setting
system-font-setting font-render-setting move-toolbar gtk x-toolkit x
multi-tty emacs)
^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts
2012-04-15 11:27 bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts goeran
@ 2012-04-16 17:51 ` Glenn Morris
2012-04-19 17:36 ` Glenn Morris
1 sibling, 0 replies; 5+ messages in thread
From: Glenn Morris @ 2012-04-16 17:51 UTC (permalink / raw)
To: Karel Klic; +Cc: 11245, goeran
Hi Karel,
We received this bug report about the SELinux support that you wrote for
Emacs. Could you take a look? Just hit reply-all to respond to the
report. Thanks.
http://debbugs.gnu.org/11245
goeran@uddeborg.se wrote:
> After upgrading to emacs to the one in Fedora 17 test release, numbered
> 24.0.95, I started to get messages about emacs failing to write backup
> files, and it writing a %backup%~ file instead. Checking in the file
> system, emacs had successfully made a backup file. After a bit of
> investigation, I believe it has to do with emacs trying to set SELinux
> context on a file system which doesn't support it. In my case, my home
> directory is mounted via NFS.
>
> So to reproduce, I do the following, starting in a directory in an NFS
> file system:
>
> On the command line:
> freddi$ touch apa
> freddi$ ll -Z apa
> -rw-rw-r--. göran göran system_u:object_r:nfs_t:SystemLow apa
> freddi$ emacs -Q
>
> Then, in emacs:
> M-x s e t - v a r <tab> <return> b a c k u <tab> b
> y <tab> <return> t <return> C-x C-f a p a <return>
> a p a C-x C-s
>
> Now I get an error message:
> Cannot write backup file; backing up in ~/.emacs.d/%backup%~
>
> But there is an (empty) file "apa~", so the backup DID succeed.
>
> My understanding is that the root cause is the function
> set-file-selinux-context in fileio.c failing with a file error when the
> lsetfilecon() call fails. But it is not really an error if it fails
> with errno set to ENOTSUP. A system which does support SELinux may very
> well have some parts of the file tree where you can't modify the
> context. Such as an NFS home directory.
>
> It seems to me that the case where lsetfilecon() fails with ENOTSUP
> should be handled in the same way as if is_selinux_enabled() returned
> false in the first place, i.e. just return without any error. Do I miss
> something?
>
>
>
> In GNU Emacs 24.0.95.1 (x86_64-redhat-linux-gnu, GTK+ Version 2.24.10)
> of 2012-04-06 on x86-13.phx2.fedoraproject.org
> Windowing system distributor `Fedora Project', version 11.0.11002000
> Configured using:
> `configure '--build=x86_64-redhat-linux-gnu'
> '--host=x86_64-redhat-linux-gnu' '--program-prefix='
> '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr'
> '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
> '--datadir=/usr/share' '--includedir=/usr/include'
> '--libdir=/usr/lib64' '--libexecdir=/usr/libexec'
> '--localstatedir=/var' '--sharedstatedir=/var/lib'
> '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-dbus'
> '--with-gif' '--with-jpeg' '--with-png' '--with-rsvg' '--with-tiff'
> '--with-xft' '--with-xpm' '--with-x-toolkit=gtk' '--with-gpm=no'
> '--with-wide-int' 'build_alias=x86_64-redhat-linux-gnu'
> 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-DMAIL_USE_LOCKF -O2 -g
> -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
> --param=ssp-buffer-size=4 -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ''
>
> Important settings:
> value of $LC_ALL: nil
> value of $LC_COLLATE: nil
> value of $LC_CTYPE: nil
> value of $LC_MESSAGES: nil
> value of $LC_MONETARY: nil
> value of $LC_NUMERIC: nil
> value of $LC_TIME: nil
> value of $LANG: sv_SE.utf8
> value of $XMODIFIERS: nil
> locale-coding-system: utf-8-unix
> default enable-multibyte-characters: t
>
> Major mode: Fundamental
>
> Minor modes in effect:
> tooltip-mode: t
> mouse-wheel-mode: t
> tool-bar-mode: t
> menu-bar-mode: t
> file-name-shadow-mode: t
> global-font-lock-mode: t
> font-lock-mode: t
> blink-cursor-mode: t
> auto-composition-mode: t
> auto-encryption-mode: t
> auto-compression-mode: t
> line-number-mode: t
> transient-mark-mode: (only . t)
>
> Recent input:
> M-x s e t - v a r <tab> <return> b a c k u <tab> b
> <tab> <return> t <return> C-x C-f a p a <return> a
> p a C-x C-s M-x r e p o r t - e m a <tab> <return>
>
> Recent messages:
> For information about GNU Emacs and the GNU system, type C-h C-a.
> Saving file /home/göran/apa...
> Cannot write backup file; backing up in ~/.emacs.d/%backup%~
> Wrote /home/göran/apa
>
> Load-path shadows:
> None found.
>
> Features:
> (shadow sort gnus-util mail-extr emacsbug message format-spec rfc822 mml
> mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev
> gmm-utils mailheader sendmail regexp-opt rfc2047 rfc2045 ietf-drums
> mm-util mail-prsvr mail-utils cus-edit easymenu cus-start cus-load
> wid-edit help-fns time-date tooltip ediff-hook vc-hooks lisp-float-type
> mwheel x-win x-dnd tool-bar dnd fontset image fringe lisp-mode register
> page menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock
> font-lock syntax facemenu font-core frame cham georgian utf-8-lang
> misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew
> greek romanian slovak czech european ethiopic indian cyrillic chinese
> case-table epa-hook jka-cmpr-hook help simple abbrev minibuffer loaddefs
> button faces cus-face files text-properties overlay sha1 md5 base64
> format env code-pages mule custom widget hashtable-print-readable
> backquote make-network-process dbusbind dynamic-setting
> system-font-setting font-render-setting move-toolbar gtk x-toolkit x
> multi-tty emacs)
^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts
2012-04-15 11:27 bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts goeran
2012-04-16 17:51 ` Glenn Morris
@ 2012-04-19 17:36 ` Glenn Morris
2012-04-19 17:39 ` Glenn Morris
2012-04-20 17:29 ` Glenn Morris
1 sibling, 2 replies; 5+ messages in thread
From: Glenn Morris @ 2012-04-19 17:36 UTC (permalink / raw)
To: 11245; +Cc: goeran
By the way, I think this is something that should be fixed for 24.1.
Maybe the actual fix is simple, thanks to the very clear report.
Just change to using something like (totally untested)
if (fail && errno != ENOTSUP)
report_file_error ("Doing lsetfilecon", Fcons (absname, Qnil));
?
^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts
2012-04-19 17:36 ` Glenn Morris
@ 2012-04-19 17:39 ` Glenn Morris
2012-04-20 17:29 ` Glenn Morris
1 sibling, 0 replies; 5+ messages in thread
From: Glenn Morris @ 2012-04-19 17:39 UTC (permalink / raw)
To: 11245; +Cc: goeran
PS as a general comment, should a failure to preserve file attributes /
selinux context really be treated as an error when backing up a file?
^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts
2012-04-19 17:36 ` Glenn Morris
2012-04-19 17:39 ` Glenn Morris
@ 2012-04-20 17:29 ` Glenn Morris
1 sibling, 0 replies; 5+ messages in thread
From: Glenn Morris @ 2012-04-20 17:29 UTC (permalink / raw)
To: goeran; +Cc: 11245
I tested this patch with the scenario you describe (using
backup-by-copying = t) and it works for me. I will commit it soon.
*** src/fileio.c 2012-02-25 09:07:23 +0000
--- src/fileio.c 2012-04-20 17:26:15 +0000
***************
*** 2046,2052 ****
{
/* Set the modified context back to the file. */
fail = fsetfilecon (ofd, con);
! if (fail)
report_file_error ("Doing fsetfilecon", Fcons (newname, Qnil));
freecon (con);
--- 2046,2052 ----
{
/* Set the modified context back to the file. */
fail = fsetfilecon (ofd, con);
! if (fail && errno != ENOTSUP)
report_file_error ("Doing fsetfilecon", Fcons (newname, Qnil));
freecon (con);
***************
*** 2920,2926 ****
/* Set the modified context back to the file. */
fail = lsetfilecon (SSDATA (encoded_absname),
context_str (parsed_con));
! if (fail)
report_file_error ("Doing lsetfilecon", Fcons (absname, Qnil));
context_free (parsed_con);
--- 2920,2926 ----
/* Set the modified context back to the file. */
fail = lsetfilecon (SSDATA (encoded_absname),
context_str (parsed_con));
! if (fail && errno != ENOTSUP)
report_file_error ("Doing lsetfilecon", Fcons (absname, Qnil));
context_free (parsed_con);
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-04-20 17:29 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-04-15 11:27 bug#11245: 24.0.95; set-file-selinux-context fails when the filesystem doesn't support contexts goeran
2012-04-16 17:51 ` Glenn Morris
2012-04-19 17:36 ` Glenn Morris
2012-04-19 17:39 ` Glenn Morris
2012-04-20 17:29 ` Glenn Morris
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).