Use copy when replacing files to keep SELinux context

When installer replaces any file with newer, it must use 'copy' instead of 'mv' to keep SELinux context valid. https://fedorahosted.org/freeipa/ticket/6111 Reviewed-By: Petr Spacek <pspacek@redhat.com>
author: Martin Basti <mbasti@redhat.com> 2016-07-21 18:49:57 +0200
committer: Martin Babinsky <mbabinsk@redhat.com> 2016-07-22 16:46:55 +0200
commit: f8bf8a62402a4385a7cc2f73b37b654b47713d60 (patch)
tree: 10c059f85735030341ba8b1fcb418c2c30b09cbc
parent: bc7eb99a2959980c1abf31f77610cec2f098744b (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 763a99c11..9964fba4f 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -528,10 +528,14 @@ def dir_exists(filename):
     except Exception:
         return False
 
+
 def install_file(fname, dest):
+    # SELinux: use copy to keep the right context
     if file_exists(dest):
         os.rename(dest, dest + ".orig")
-    shutil.move(fname, dest)
+    shutil.copy(fname, dest)
+    os.remove(fname)
+
 
 def backup_file(fname):
     if file_exists(fname):
author	Martin Basti <mbasti@redhat.com>	2016-07-21 18:49:57 +0200
committer	Martin Babinsky <mbabinsk@redhat.com>	2016-07-22 16:46:55 +0200
commit	f8bf8a62402a4385a7cc2f73b37b654b47713d60 (patch)
tree	10c059f85735030341ba8b1fcb418c2c30b09cbc
parent	bc7eb99a2959980c1abf31f77610cec2f098744b (diff)