innernet

mirror of https://github.com/tonarino/innernet.git synced 2024-09-20 06:46:02 +08:00

History

refi64 dbac0dc530 hostsfile: Copy the SELinux context to the temp file before overwrite (#273 ) * hostsfile: Copy the SELinux context to the temp file before overwrite On SELinux-enabled systems, /etc/hosts has a different type `net_conf_t` than the other files in /etc, so the temporary file that overwrites it ends up with the wrong context, resulting in many system services becoming unable to access the file. To fix this, manually look up the context /etc/hosts has and copy it to the temporary file before the rename. In order to avoid depending on libselinux on systems that don't use it, this support is gated behind the new "selinux" feature. It is installed and enabled in the Dockerfile, however, in order to ensure that it still builds. * Appease clippy * Add info about selinux feature to README.md * Remove unused ClientError struct * Reformatted & repositioned and improved doc about selinux --------- Co-authored-by: Brian Schwind <brianmschwind@gmail.com> Co-authored-by: Jürgen Botz <jurgen@botz.org>	2024-07-01 10:16:43 +09:00
..
src	hostsfile: Copy the SELinux context to the temp file before overwrite (#273 )	2024-07-01 10:16:43 +09:00
Cargo.toml	fix nightly build (#304 )	2024-04-19 00:09:23 +09:00

hostsfile: Copy the SELinux context to the temp file before overwrite (#273 )

* hostsfile: Copy the SELinux context to the temp file before overwrite

On SELinux-enabled systems, /etc/hosts has a different type `net_conf_t`
than the other files in /etc, so the temporary file that overwrites it
ends up with the wrong context, resulting in many system services
becoming unable to access the file. To fix this, manually look up the
context /etc/hosts has and copy it to the temporary file before
the rename.

In order to avoid depending on libselinux on systems that don't use it,
this support is gated behind the new "selinux" feature. It *is*
installed and enabled in the Dockerfile, however, in order to ensure
that it still builds.

* Appease clippy

* Add info about selinux feature to README.md

* Remove unused ClientError struct

* Reformatted & repositioned and improved doc about selinux

---------

Co-authored-by: Brian Schwind <brianmschwind@gmail.com>
Co-authored-by: Jürgen Botz <jurgen@botz.org>

2024-07-01 10:16:43 +09:00

src

hostsfile: Copy the SELinux context to the temp file before overwrite (#273 )

2024-07-01 10:16:43 +09:00

Cargo.toml

fix nightly build (#304 )

2024-04-19 00:09:23 +09:00