You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
180 lines
6.3 KiB
180 lines
6.3 KiB
From 09f700e9f953769d1697c46179faba32e4b80c0f Mon Sep 17 00:00:00 2001 |
|
From: Petr Lautrbach <plautrba@redhat.com> |
|
Date: Fri, 4 Feb 2022 13:41:12 +0100 |
|
Subject: [PATCH] policycoreutils/fixfiles: Use parallel relabeling |
|
|
|
Commit 93902fc8340f ("setfiles/restorecon: support parallel relabeling") |
|
implemented support for parallel relabeling in setfiles. This is |
|
available for fixfiles now. |
|
|
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com> |
|
--- |
|
policycoreutils/scripts/fixfiles | 35 +++++++++++++++++------------- |
|
policycoreutils/scripts/fixfiles.8 | 17 ++++++++++----- |
|
2 files changed, 31 insertions(+), 21 deletions(-) |
|
|
|
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles |
|
index cb20002ab613..a4a419ab62de 100755 |
|
--- a/policycoreutils/scripts/fixfiles |
|
+++ b/policycoreutils/scripts/fixfiles |
|
@@ -110,6 +110,7 @@ BOOTTIME="" |
|
VERBOSE="-p" |
|
[ -t 1 ] || VERBOSE="" |
|
FORCEFLAG="" |
|
+THREADS="" |
|
RPMFILES="" |
|
PREFC="" |
|
RESTORE_MODE="" |
|
@@ -153,7 +154,7 @@ newer() { |
|
shift |
|
LogReadOnly |
|
for m in `echo $FILESYSTEMSRW`; do |
|
- find $m -mount -newermt $DATE -print0 2>/dev/null | ${RESTORECON} ${FORCEFLAG} ${VERBOSE} $* -i -0 -f - |
|
+ find $m -mount -newermt $DATE -print0 2>/dev/null | ${RESTORECON} ${FORCEFLAG} ${VERBOSE} ${THREADS} $* -i -0 -f - |
|
done; |
|
} |
|
|
|
@@ -197,7 +198,7 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then |
|
esac; \ |
|
fi; \ |
|
done | \ |
|
- ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -i -R -f -; \ |
|
+ ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} ${THREADS} $* -i -R -f -; \ |
|
rm -f ${TEMPFILE} ${PREFCTEMPFILE} |
|
fi |
|
} |
|
@@ -235,11 +236,11 @@ LogExcluded |
|
case "$RESTORE_MODE" in |
|
RPMFILES) |
|
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do |
|
- rpmlist $i | ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -i -R -f - |
|
+ rpmlist $i | ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} ${THREADS} $* -i -R -f - |
|
done |
|
;; |
|
FILEPATH) |
|
- ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -R -- "$FILEPATH" |
|
+ ${RESTORECON} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} ${THREADS} $* -R -- "$FILEPATH" |
|
;; |
|
*) |
|
if [ -n "${FILESYSTEMSRW}" ]; then |
|
@@ -247,7 +248,7 @@ case "$RESTORE_MODE" in |
|
echo "${OPTION}ing `echo ${FILESYSTEMSRW}`" |
|
|
|
if [ -z "$BIND_MOUNT_FILESYSTEMS" ]; then |
|
- ${SETFILES} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -q ${FC} ${FILESYSTEMSRW} |
|
+ ${SETFILES} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -q ${THREADS} ${FC} ${FILESYSTEMSRW} |
|
else |
|
# we bind mount so we can fix the labels of files that have already been |
|
# mounted over |
|
@@ -257,7 +258,7 @@ case "$RESTORE_MODE" in |
|
|
|
mkdir -p "${TMP_MOUNT}${m}" || exit 1 |
|
mount --bind "${m}" "${TMP_MOUNT}${m}" || exit 1 |
|
- ${SETFILES} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} $* -q ${FC} -r "${TMP_MOUNT}" "${TMP_MOUNT}${m}" |
|
+ ${SETFILES} ${VERBOSE} ${EXCLUDEDIRS} ${FORCEFLAG} ${THREADS} $* -q ${FC} -r "${TMP_MOUNT}" "${TMP_MOUNT}${m}" |
|
umount "${TMP_MOUNT}${m}" || exit 1 |
|
rm -rf "${TMP_MOUNT}" || echo "Error cleaning up." |
|
done; |
|
@@ -330,8 +331,9 @@ case "$1" in |
|
fi |
|
> /.autorelabel || exit $? |
|
[ -z "$FORCEFLAG" ] || echo -n "$FORCEFLAG " >> /.autorelabel |
|
- [ -z "$BOOTTIME" ] || echo -N $BOOTTIME >> /.autorelabel |
|
- [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo "-M" >> /.autorelabel |
|
+ [ -z "$BOOTTIME" ] || echo -n "-N $BOOTTIME " >> /.autorelabel |
|
+ [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo -n "-M " >> /.autorelabel |
|
+ [ -z "$THREADS" ] || echo -n "$THREADS " >> /.autorelabel |
|
# Force full relabel if SELinux is not enabled |
|
selinuxenabled || echo -F > /.autorelabel |
|
echo "System will relabel on next boot" |
|
@@ -343,17 +345,17 @@ esac |
|
} |
|
usage() { |
|
echo $""" |
|
-Usage: $0 [-v] [-F] [-M] [-f] relabel |
|
+Usage: $0 [-v] [-F] [-M] [-f] [-T nthreads] relabel |
|
or |
|
-Usage: $0 [-v] [-F] [-B | -N time ] { check | restore | verify } |
|
+Usage: $0 [-v] [-F] [-B | -N time ] [-T nthreads] { check | restore | verify } |
|
or |
|
-Usage: $0 [-v] [-F] { check | restore | verify } dir/file ... |
|
+Usage: $0 [-v] [-F] [-T nthreads] { check | restore | verify } dir/file ... |
|
or |
|
-Usage: $0 [-v] [-F] -R rpmpackage[,rpmpackage...] { check | restore | verify } |
|
+Usage: $0 [-v] [-F] [-T nthreads] -R rpmpackage[,rpmpackage...] { check | restore | verify } |
|
or |
|
-Usage: $0 [-v] [-F] -C PREVIOUS_FILECONTEXT { check | restore | verify } |
|
+Usage: $0 [-v] [-F] [-T nthreads] -C PREVIOUS_FILECONTEXT { check | restore | verify } |
|
or |
|
-Usage: $0 [-F] [-M] [-B] onboot |
|
+Usage: $0 [-F] [-M] [-B] [-T nthreads] onboot |
|
""" |
|
} |
|
|
|
@@ -372,7 +374,7 @@ set_restore_mode() { |
|
} |
|
|
|
# See how we were called. |
|
-while getopts "N:BC:FfR:l:vM" i; do |
|
+while getopts "N:BC:FfR:l:vMT:" i; do |
|
case "$i" in |
|
B) |
|
BOOTTIME=`/bin/who -b | awk '{print $3}'` |
|
@@ -407,6 +409,9 @@ while getopts "N:BC:FfR:l:vM" i; do |
|
f) |
|
fullFlag=1 |
|
;; |
|
+ T) |
|
+ THREADS="-T $OPTARG" |
|
+ ;; |
|
*) |
|
usage |
|
exit 1 |
|
diff --git a/policycoreutils/scripts/fixfiles.8 b/policycoreutils/scripts/fixfiles.8 |
|
index c4e894e56e8f..9a317d9181e2 100644 |
|
--- a/policycoreutils/scripts/fixfiles.8 |
|
+++ b/policycoreutils/scripts/fixfiles.8 |
|
@@ -6,22 +6,22 @@ fixfiles \- fix file SELinux security contexts. |
|
.na |
|
|
|
.B fixfiles |
|
-.I [\-v] [\-F] [-M] [\-f] relabel |
|
+.I [\-v] [\-F] [-M] [\-f] [\-T nthreads] relabel |
|
|
|
.B fixfiles |
|
-.I [\-v] [\-F] { check | restore | verify } dir/file ... |
|
+.I [\-v] [\-F] [\-T nthreads] { check | restore | verify } dir/file ... |
|
|
|
.B fixfiles |
|
-.I [\-v] [\-F] [\-B | \-N time ] { check | restore | verify } |
|
+.I [\-v] [\-F] [\-B | \-N time ] [\-T nthreads] { check | restore | verify } |
|
|
|
.B fixfiles |
|
-.I [\-v] [\-F] \-R rpmpackagename[,rpmpackagename...] { check | restore | verify } |
|
+.I [\-v] [\-F] [\-T nthreads] \-R rpmpackagename[,rpmpackagename...] { check | restore | verify } |
|
|
|
.B fixfiles |
|
-.I [\-v] [\-F] \-C PREVIOUS_FILECONTEXT { check | restore | verify } |
|
+.I [\-v] [\-F] [\-T nthreads] \-C PREVIOUS_FILECONTEXT { check | restore | verify } |
|
|
|
.B fixfiles |
|
-.I [-F] [-M] [-B] onboot |
|
+.I [-F] [-M] [-B] [\-T nthreads] onboot |
|
|
|
.ad |
|
|
|
@@ -76,6 +76,11 @@ Bind mount filesystems before relabeling them, this allows fixing the context of |
|
.B -v |
|
Modify verbosity from progress to verbose. (Run restorecon with \-v instead of \-p) |
|
|
|
+.TP |
|
+.B \-T nthreads |
|
+Use parallel relabeling, see |
|
+.B setfiles(8) |
|
+ |
|
.SH "ARGUMENTS" |
|
One of: |
|
.TP |
|
-- |
|
2.34.1 |
|
|
|
|