[Toybox] toybox.cp usage for preserving SMACK attributes
Rob Landley
rob at landley.net
Wed Aug 2 13:15:31 PDT 2023
On 8/1/23 18:11, Lokesh Chandra Kumar wrote:
> Hello all,
>
> I am currently using toybox (version 0.8.6) to copy files in an embedded device,
> but the cp seems to be not preserving SMACK attributes for intermediate
> directories while doing the copy.
Alas SMACK support hasn't been properly regression tested since the Tizen guys
wandered off about 5 years ago. I don't have a test environment for it. (Can you
maybe suggest a distro I can run in kvm to test it?)
In theory we're preserving the xattrs so the security context should marshall
along. I admit some of the newer code (ala tar) has specifically thought about
selinux rather than using the generic lib/lsm.h wrapper functions just because
nobody'd asked about smack in so long.
> This is the command I run,
>
> cp -a --preserve=all --parents <abs path to source file or folder> <destination
> directory>
>
> What I see is that the final file has the correct SMACK attributes, but the
> intermediate folders have their SMACK labels reset to "System". Is this a known
> issue and is there a suitable patch that I could use to prevent this issue ?
Ah, that's a known issue:
https://github.com/landley/toybox/blob/0.8.10/toys/posix/cp.c#L273
Hmmm, I'll take another stab at it...
Rob
More information about the Toybox
mailing list