diff options
author | David Ashby <delta.mu.alpha@gmail.com> | 2017-11-22 15:56:56 -0500 |
---|---|---|
committer | David Ashby <delta.mu.alpha@gmail.com> | 2017-11-22 15:56:56 -0500 |
commit | 3d871edbffc973c7b481656bb694d837492a74b7 (patch) | |
tree | cdf13f6258143559273708b142b260b04013587d /lib/chef/util | |
parent | 89bbdc8b5416e6e5c00b80edd74749a379f97a92 (diff) | |
download | chef-3d871edbffc973c7b481656bb694d837492a74b7.tar.gz |
fix argument to restorecon not being shell-escaped
Signed-off-by: David Ashby <delta.mu.alpha@gmail.com>
Diffstat (limited to 'lib/chef/util')
-rw-r--r-- | lib/chef/util/selinux.rb | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/chef/util/selinux.rb b/lib/chef/util/selinux.rb index 0ff76c6407..8b4c38754c 100644 --- a/lib/chef/util/selinux.rb +++ b/lib/chef/util/selinux.rb @@ -48,10 +48,11 @@ class Chef def restore_security_context(file_path, recursive = false) if restorecon_path - restorecon_command = recursive ? "#{restorecon_path} -R -r" : "#{restorecon_path} -R" - restorecon_command += " \"#{file_path}\"" - Chef::Log.debug("Restoring selinux security content with #{restorecon_command}") - shell_out!(restorecon_command) + restorecon_flags = [ "-R" ] + restorecon_flags << "-r" if recursive + restorecon_flags << file_path + Chef::Log.debug("Restoring selinux security content with #{restorecon_path}") + shell_out_compact!(restorecon_path, restorecon_flags) else Chef::Log.warn "Can not find 'restorecon' on the system. Skipping selinux security context restore." end |