Wednesday, February 18, 2009

cp -a command bug or selinux bug??

I'm buidling an NFS installation server and could not get the files from the mounted iso image to copy into the /install directory I created until I spoke to the fine folks in the #rhel channel on freenode. The conclusion was a bug from 2 or 3 years ago that was fixed in Fedora but not RHEL. Why is something so basic and necessary still broken on RHEL? Is it possible this is not a bug and just an outdated man page or incorrect documentation from Redhat?

Let me tell you exactly what I did to cause this problem to happen.

1) [root@habanero /]# mkdir /install
drwxr-xr-x 2 root root 4096 Feb 18 11:06 install

2) mount -ro loop /home/xxxx/isos/rhel-server-5.3-i386-dvd.iso /mnt

3) cp -ar /mnt/. /install
UPDATE: cp -a /mnt/. /install (same errors as below)

4) weeeee, look at the errors - truncated of course :)
cp: cannot create regular file `/install/./EULA': Permission denied
cp: cannot create regular file `/install/./GPL': Permission denied
cp: cannot create regular file `/install/./README-as.html': Permission denied
cp: cannot create regular file `/install/./README-bn.html': Permission denied
cp: cannot create regular file `/install/./README-de.html': Permission denied
cp: cannot create regular file `/install/./README-en': Permission denied
cp: cannot create regular file `/install/./README-en.html': Permission denied
cp: cannot create regular file `/install/./README-es.html': Permission denied

5) now look at the permissions on my /install directory
dr-xr-xr-x 2 root root 4096 Jan 6 17:39 install

6) Now here's the kicker... if I do any of the following, the files copy into the /install directory without issue.

cp -r /mnt/. /install
cp -dpR /mnt/. /install (equivalent of -a)
cp -ar /mnt/. /install (with selinux set to permissive with setenforce 0)
cp -a /mnt/. /install (with selinux set to permissive with setenforce 0)

So I ask you... is this an selinux bug or cp command bug?? Comments more than welcome!

BTW - Redhat documentation states using the command cp -a (just for the record)