diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-02-10 09:02:16 -0500 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-02-21 08:35:07 -0500 |
commit | cae2fcc0135c26811b1ce353ea28e4a93900c138 (patch) | |
tree | 36e286145646d0bb0e0af31efe75d542108d045b /src | |
parent | 58cee8566fba7b48d127227d96c98549b7db3028 (diff) | |
download | bcfg2-cae2fcc0135c26811b1ce353ea28e4a93900c138.tar.gz bcfg2-cae2fcc0135c26811b1ce353ea28e4a93900c138.tar.bz2 bcfg2-cae2fcc0135c26811b1ce353ea28e4a93900c138.zip |
POSIX: Fix verification of symlinks
* Stat the link itself, not its target
* Get SELinux context from the link, not the target
* Don't get ACLs at all; symlinks don't have their own ACLs
The first issue listed wasn't actually a bug, because none of the
information queried from the target by the stat call was actually used
in verification, but it's been fixed for completeness.
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/Bcfg2/Client/Tools/POSIX/base.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index e593e0a0a..12f7f8a56 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -419,7 +419,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): """ Get data on the existing state of <path> -- e.g., whether or not it exists, owner, group, permissions, etc. """ try: - ondisk = os.stat(path) + ondisk = os.lstat(path) except OSError: self.logger.debug("POSIX: %s does not exist" % path) return (False, None, None, None, None, None) @@ -456,7 +456,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): if HAS_SELINUX: try: - secontext = selinux.getfilecon(path)[1].split(":")[2] + secontext = selinux.lgetfilecon(path)[1].split(":")[2] except (OSError, KeyError): err = sys.exc_info()[1] self.logger.debug("POSIX: Could not get current SELinux " @@ -465,7 +465,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): else: secontext = None - if HAS_ACLS: + if HAS_ACLS and not stat.S_ISLNK(ondisk): acls = self._list_file_acls(path) else: acls = None |