Use copy when replacing files to keep SELinux context

When installer replaces any file with newer, it must use 'copy' instead of
'mv' to keep SELinux context valid.

https://fedorahosted.org/freeipa/ticket/6111

Reviewed-By: Petr Spacek <pspacek@redhat.com>
This commit is contained in:
Martin Basti 2016-07-21 18:49:57 +02:00 committed by Martin Babinsky
parent bc7eb99a29
commit f8bf8a6240

View File

@ -528,10 +528,14 @@ def dir_exists(filename):
except Exception: except Exception:
return False return False
def install_file(fname, dest): def install_file(fname, dest):
# SELinux: use copy to keep the right context
if file_exists(dest): if file_exists(dest):
os.rename(dest, dest + ".orig") os.rename(dest, dest + ".orig")
shutil.move(fname, dest) shutil.copy(fname, dest)
os.remove(fname)
def backup_file(fname): def backup_file(fname):
if file_exists(fname): if file_exists(fname):