selinux: fix xattr and remove anyhow (#2936)
* fix_xattr

Signed-off-by: Hiroyuki Moriya <41197469+Gekko0114@users.noreply.github.com>

* fix

Signed-off-by: Hiroyuki Moriya <41197469+Gekko0114@users.noreply.github.com>

---------

Signed-off-by: Hiroyuki Moriya <41197469+Gekko0114@users.noreply.github.com>
Gekko0114 authored Sep 29, 2024
1 parent e0d53a8 commit ab6c074
Showing 5 changed files with 23 additions and 15 deletions.
7 changes: 0 additions & 7 deletions experiment/selinux/Cargo.lock


1 change: 0 additions & 1 deletion experiment/selinux/Cargo.toml
@@ -12,7 +12,6 @@ autoexamples = true
keywords = ["youki", "container", "selinux"]

[dependencies]
anyhow = "1.0.86"
nix = { version = "0.29.0", features = ["process", "fs", "socket"] }
rustix = { version = "0.38.34", features = ["fs"] }
tempfile = "3.10.1"
5 changes: 2 additions & 3 deletions experiment/selinux/src/main.rs
@@ -1,10 +1,9 @@
use anyhow::Result;
use selinux::selinux::*;
use selinux::selinux_label::*;
use std::fs::File;
use std::path::Path;

fn main() -> Result<()> {
fn main() -> Result<(), SELinuxError> {
let mut selinux_instance: SELinux = SELinux::new();

if selinux_instance.get_enabled() {
@@ -32,7 +31,7 @@ fn main() -> Result<()> {
}

let file_path = Path::new("./test_file.txt");
let _file = File::create(file_path)?;
let _file = File::create(file_path).unwrap();
let selinux_label =
SELinuxLabel::try_from("system_u:object_r:public_content_t:s0".to_string())?;
SELinux::set_file_label(file_path, selinux_label)?;
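Review bot: The `File::create(file_path).unwrap()` line in the second hunk turns an I/O failure into a message-less panic, while every other fallible call in `main` still returns through `?`. Presumably `SELinuxError` has no conversion from `std::io::Error`; if so, at least state the failure, `let _file = File::create(file_path).expect("failed to create ./test_file.txt");`, or map the error into an existing `SELinuxError` variant. Separately, `File::create` on the fixed relative path `./test_file.txt` truncates whatever already sits at that name and follows a symlink there, and the file is relabeled right after; the `tempfile` crate already listed in Cargo.toml would give a fresh file instead. `main` starts in the first hunk and continues outside both hunks.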
4 changes: 2 additions & 2 deletions experiment/selinux/src/selinux.rs
@@ -489,7 +489,7 @@ mod tests {

fn create_temp_file(content: &[u8], file_name: &str) {
let path = Path::new(file_name);
let mut file = File::create(&path).expect("Failed to create file");
let mut file = File::create(path).expect("Failed to create file");
file.write_all(content).expect("Failed to write to file");
file.sync_all().expect("Failed to sync file");
}
@@ -570,7 +570,7 @@ mod tests {
let expected = PathBuf::from(expected_array[i]);
match SELinux::check_line_include_selinux_fs_mount_point(input) {
Some(output) => assert_eq!(expected, output),
None => assert_eq!(succeeded_array[i], false),
None => assert!(!succeeded_array[i]),
}
}
}
21 changes: 19 additions & 2 deletions experiment/selinux/src/tools/xattr.rs
@@ -34,7 +34,11 @@ where
// set_xattr sets extended attributes on a file specified by its path.
fn set_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
let path = self.as_ref();
match rfs::setxattr(path, attr, data, rfs::XattrFlags::REPLACE) {
let op = match path.get_xattr(attr) {
Ok(_) => rfs::XattrFlags::REPLACE,
Err(_) => rfs::XattrFlags::CREATE,
};
match rfs::setxattr(path, attr, data, op) {
Ok(_) => Ok(()),
Err(e) => {
let errno = e.raw_os_error();
@@ -50,7 +54,11 @@ where
// lset_xattr sets extended attributes on a symbolic link.
fn lset_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
let path = self.as_ref();
match rfs::lsetxattr(path, attr, data, rfs::XattrFlags::REPLACE) {
let op = match path.lget_xattr(attr) {
Ok(_) => rfs::XattrFlags::REPLACE,
Err(_) => rfs::XattrFlags::CREATE,
};
match rfs::lsetxattr(path, attr, data, op) {
Ok(_) => Ok(()),
Err(e) => {
let errno = e.raw_os_error();
@@ -128,6 +136,15 @@ mod tests {
let temp_file = NamedTempFile::new().expect("Failed to create temp file");
let file_path = temp_file.path();

// Verify that the first "set_xattr" operation succeeds, which means it doesn't have xattr yet.
file_path
.set_xattr(attr_name, attr_value.as_bytes())
.expect("Failed to set xattr");
let actual = file_path.get_xattr(attr_name).expect("Failed to get xattr");
assert_eq!(actual, attr_value);

// Verify that the second "set_xattr" operation succeeds, which means it already has xattr.
let attr_value = "system_u:object_r:another_label_t";
file_path
.set_xattr(attr_name, attr_value.as_bytes())
.expect("Failed to set xattr");
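Review bot: The existence probe added at the top of `set_xattr` (and in the same form in `lset_xattr`) is a check-then-act sequence: if the attribute is created or removed between the `get_xattr` call and `setxattr`, the chosen flag is wrong and the label write fails with EEXIST or ENODATA. The `Err(_)` arm also treats every probe failure, not only "attribute absent", as a reason to pick `CREATE`. `setxattr` called with no flags creates or replaces in a single step, so the probe can be dropped: `match rfs::setxattr(path, attr, data, rfs::XattrFlags::empty()) {`, and likewise for `rfs::lsetxattr`. If the probe is kept, match only the attribute-missing error and return the others to the caller. Both function bodies continue past their hunks, so the errno handling is not visible here.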
