Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | POSIX: fixed test to only apply ACLs to non-symlinksv1.3.4 | Chris St. Pierre | 2014-02-25 | 1 | -1/+1 |
| | |||||
* | Revert "POSIX: fixed test to only apply ACLs to non-symlinks" | Chris St. Pierre | 2014-02-25 | 1 | -2/+2 |
| | | | | | | Massive typo. This reverts commit c51850b13f54d6f46e6c671e5ee1d3f0cacef727. | ||||
* | POSIX: fixed test to only apply ACLs to non-symlinks | Chris St. Pierre | 2014-02-25 | 1 | -2/+2 |
| | |||||
* | POSIX: Fix verification of symlinks | Chris St. Pierre | 2014-02-21 | 1 | -3/+3 |
| | | | | | | | | | | * Stat the link itself, not its target * Get SELinux context from the link, not the target * Don't get ACLs at all; symlinks don't have their own ACLs The first issue listed wasn't actually a bug, because none of the information queried from the target by the stat call was actually used in verification, but it's been fixed for completeness. | ||||
* | Don't strip other entries from default ACL, these are defined by mode number. | Richard Connon | 2014-02-10 | 1 | -3/+1 |
| | |||||
* | docstring for new sub-method | Richard Connon | 2014-02-04 | 1 | -0/+2 |
| | |||||
* | Except _verify_acls from pylint branches check | Richard Connon | 2014-02-04 | 1 | -1/+1 |
| | |||||
* | Removed redundant condition for empty default ACL | Richard Connon | 2014-02-04 | 1 | -8/+7 |
| | |||||
* | Fixed continue not in a loop error in previous | Richard Connon | 2014-02-04 | 1 | -1/+1 |
| | |||||
* | fix for "Too many branches" in _verify_acls | Richard Connon | 2014-02-04 | 1 | -20/+23 |
| | |||||
* | Minor changes to default ACL code | Richard Connon | 2014-02-04 | 1 | -5/+4 |
| | |||||
* | Support ACLs without a specific user/group for default owner/owning-group ↵ | Richard Connon | 2014-02-04 | 1 | -28/+52 |
| | | | | ACLs on directories | ||||
* | POSIX: Properly stringify ACLs with no user/group specified | Chris St. Pierre | 2014-01-16 | 1 | -1/+4 |
| | | | | | | | This is just a workaround to avoid a traceback; the real fix will involve making the POSIX tool properly handle ACLs with no user/group given, which refer to the current user/group of the file they apply to. | ||||
* | Remove all ACLs (including mask) from entries with no ACLs listed | Chris St. Pierre | 2013-09-12 | 1 | -0/+5 |
| | | | | | | When installing an entry with no ACLs specified, but with ACLs on the file as it exists on the filesystem, the ACL mask was preserved, even as the ACLs are deleted. | ||||
* | SELinux: Update the matchpathcon function to use the file's mode | Jonathan Billings | 2013-08-22 | 1 | -1/+2 |
| | | | | | | | | If you don't supply a mode to the selinux.matchpathcon() function, it fails to properly look up the context in some circumstances related to context patterns in the SELinux policy. This change looks up the mode and supplies it to the function. (cherry picked from commit 20a2c9a8fb6c6ecbed259b5deccb01c01bf3304f) | ||||
* | POSIX: Ignore permissions error on auto-created dirs | Michael Fenn | 2013-07-24 | 1 | -4/+5 |
| | | | | | | | | | | | | | | If the POSIX client tool is run as a non-root user, it is very likely that the _set_perms() call in _makedirs() will fail because it cannot set the owner of the newly-created directories. This causes _makedirs() to return False, which in turn causes POSIXFile.install() to bail out early. Applying the reasoning in <https://github.com/Bcfg2/bcfg2/pull/108> the freebie directories created by _makedirs should have mode and ownership done on a best-effort basis. If a user needs parent directories to have a specific ownership and mode, then they should specify that directory in their configuration. | ||||
* | New approach, just create nwe directories with mode 0755 regardless | Michael Fenn | 2013-07-01 | 1 | -9/+3 |
| | |||||
* | POSIX: SELinux context fixes for Path entries | Chris St. Pierre | 2013-04-11 | 1 | -5/+11 |
| | | | | | | | * Fixed Path entries with secontext='__default__' where no fcontext rule applied to the path. * Permitted setting secontext='' when no SELinux context should be applied to a Path entry | ||||
* | testsuite: fixed issues found by latest version of pep8 | Chris St. Pierre | 2013-03-26 | 1 | -2/+2 |
| | |||||
* | POSIX: fixed infinite stat() loop with misnamed Path entry | Chris St. Pierre | 2013-03-18 | 1 | -1/+1 |
| | |||||
* | fixed conversion to octal in py3k | Chris St. Pierre | 2012-12-04 | 1 | -5/+7 |
| | |||||
* | POSIX: fixed removal of symlinked directories | Chris St. Pierre | 2012-11-16 | 1 | -5/+13 |
| | |||||
* | POSIX: fix detection of ACLs on entry without pylibacl installed | Chris St. Pierre | 2012-11-07 | 1 | -3/+2 |
| | |||||
* | POSIX: ensure that automatically-created parent dirs have appropriate +x perms | Chris St. Pierre | 2012-11-07 | 1 | -2/+18 |
| | |||||
* | handle malformed ACL tags more elegantly | Chris St. Pierre | 2012-10-19 | 1 | -1/+7 |
| | |||||
* | POSIX: only enable selinux if its enabled on the host | Tim Laszlo | 2012-10-17 | 1 | -1/+1 |
| | |||||
* | POSIX: Switch from perms to mode | Sol Jerome | 2012-10-15 | 1 | -20/+20 |
| | | | | | | | | Bcfg2 has traditionally used the 'perms' attribute to specify the file mode for POSIX entries. Switching to a 'mode' attribute will allow us to be more consistent with other tools as well as POSIX itself. Signed-off-by: Sol Jerome <sol.jerome@gmail.com> | ||||
* | consistently list ACLs on Path entries | Chris St. Pierre | 2012-10-02 | 1 | -3/+5 |
| | |||||
* | if an entry has no acls and its filesystem is mounted noacl, that's not an error | Chris St. Pierre | 2012-09-28 | 1 | -2/+7 |
| | |||||
* | misc. minor bug fixes | Chris St. Pierre | 2012-09-25 | 1 | -3/+8 |
| | |||||
* | fixed tests for pylint changes | Chris St. Pierre | 2012-09-25 | 1 | -0/+2 |
| | |||||
* | expanded pylint tests | Chris St. Pierre | 2012-09-25 | 1 | -96/+176 |
| | |||||
* | run pylint for errors on almost everything, full runs on some selected stuff | Chris St. Pierre | 2012-09-25 | 1 | -1/+1 |
| | |||||
* | ensure that ACL entries can be parsed without error even without pylibacl | Chris St. Pierre | 2012-08-20 | 1 | -1/+1 |
| | |||||
* | fix for missing ACL libs | Chris St. Pierre | 2012-08-16 | 1 | -4/+6 |
| | |||||
* | fix _verify_metadata() when selinux libs not installed | Chris St. Pierre | 2012-08-16 | 1 | -1/+2 |
| | |||||
* | POSIX: | Chris St. Pierre | 2012-08-15 | 1 | -0/+639 |
refactored POSIX tool into multiple files to make it more manageable Added unit tests for POSIX tool and sub-tools fixed ACL handling for filesystems mounted noacl |