fix argument to restorecon not being shell-escaped

Signed-off-by: David Ashby <delta.mu.alpha@gmail.com>
author: David Ashby <delta.mu.alpha@gmail.com> 2017-11-22 15:56:56 -0500
committer: David Ashby <delta.mu.alpha@gmail.com> 2017-11-22 15:56:56 -0500
commit: 3d871edbffc973c7b481656bb694d837492a74b7 (patch)
tree: cdf13f6258143559273708b142b260b04013587d /lib/chef/util
parent: 89bbdc8b5416e6e5c00b80edd74749a379f97a92 (diff)
download: chef-3d871edbffc973c7b481656bb694d837492a74b7.tar.gz
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/chef/util/selinux.rb b/lib/chef/util/selinux.rb
index 0ff76c6407..8b4c38754c 100644
--- a/lib/chef/util/selinux.rb
+++ b/lib/chef/util/selinux.rb
@@ -48,10 +48,11 @@ class Chef
 
       def restore_security_context(file_path, recursive = false)
         if restorecon_path
-          restorecon_command = recursive ? "#{restorecon_path} -R -r" : "#{restorecon_path} -R"
-          restorecon_command += " \"#{file_path}\""
-          Chef::Log.debug("Restoring selinux security content with #{restorecon_command}")
-          shell_out!(restorecon_command)
+          restorecon_flags = [ "-R" ]
+          restorecon_flags << "-r" if recursive
+          restorecon_flags << file_path
+          Chef::Log.debug("Restoring selinux security content with #{restorecon_path}")
+          shell_out_compact!(restorecon_path, restorecon_flags)
         else
           Chef::Log.warn "Can not find 'restorecon' on the system. Skipping selinux security context restore."
         end
author	David Ashby <delta.mu.alpha@gmail.com>	2017-11-22 15:56:56 -0500
committer	David Ashby <delta.mu.alpha@gmail.com>	2017-11-22 15:56:56 -0500
commit	3d871edbffc973c7b481656bb694d837492a74b7 (patch)
tree	cdf13f6258143559273708b142b260b04013587d /lib/chef/util
parent	89bbdc8b5416e6e5c00b80edd74749a379f97a92 (diff)
download	chef-3d871edbffc973c7b481656bb694d837492a74b7.tar.gz