do not need to set recursive=True when restoring the selinux mode of the / directory

Open xiaoge1001 opened this issue 4 months ago • 3 comments

Bug report

do not need to set recursive=True when restoring the selinux mode of the / directory. This may modify the SELinux security context of some files that are not displayed in the result of "semanage fcontext -l". This may affect other applications.

Steps to reproduce the problem

The mount point is set to /mnt1 and the /mnt1 directory does not exist.

from cloudinit import util
# the /mnt1 directory does not exist
util.ensure_dir("/mnt1")

Environment details

Cloud-init version: cloud-init-23.4.1-3.oe2403
Operating System Distribution:openEuler-24.03-LTS
Cloud provider, platform or installer type:nocloud

cloud-init logs

2024-10-08 07:31:41,157 - cc_mounts.py[DEBUG]: mounts configuration is [['my_alias.1', '/mnt1'], ['my_alias.2', '/mnt2']]
... ...
... ...
2024-10-08 07:31:41,161 - util.py[DEBUG]: Restoring selinux mode for / (recursive=True)
... ...
... ...

Oct 10 '24 08:10 xiaoge1001

cloud-init cloud-init copied to clipboard

do not need to set recursive=True when restoring the selinux mode of the / directory

Bug report

Steps to reproduce the problem

Environment details

cloud-init logs

cloud-init
cloud-init copied to clipboard