From 082020ce8947ee89f7a9ec6abdd879c595364cb7 Mon Sep 17 00:00:00 2001 From: Paul-Emile Element Date: Mon, 3 Dec 2018 16:09:08 -0500 Subject: [PATCH] preserve file signature when copying lighttpd config / init files The lighttpd-config rpm was created to overwrite some configration files from the stock lighttpd rpm. However, the default behavior of the cp command does not preserve extended attibutes. The result is that the IMA file signatures were lost and the system generated IMA appraisal failures when configured using the extended security profile. This modification simply adds the required option to the cp command to copy the extended attributes with the source files. Closes-Bug: #1806433 Change-Id: I6811000b9bbd87004b371e8475359601f332a61a Signed-off-by: Paul-Emile Element --- base/lighttpd-config/centos/lighttpd-config.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/base/lighttpd-config/centos/lighttpd-config.spec b/base/lighttpd-config/centos/lighttpd-config.spec index ab701a6d9..7ee6a998f 100644 --- a/base/lighttpd-config/centos/lighttpd-config.spec +++ b/base/lighttpd-config/centos/lighttpd-config.spec @@ -43,11 +43,11 @@ chmod 02770 %{buildroot}%{_sysconfdir}/lighttpd %post if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/lighttpd.conf %{_sysconfdir}/lighttpd/lighttpd.conf + cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.conf %{_sysconfdir}/lighttpd/lighttpd.conf chmod 640 %{_sysconfdir}/lighttpd/lighttpd.conf - cp -f %{_datadir}/starlingx/lighttpd.init %{_sysconfdir}/rc.d/init.d/lighttpd + cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.init %{_sysconfdir}/rc.d/init.d/lighttpd chmod 755 %{_sysconfdir}/rc.d/init.d/lighttpd - cp -f %{_datadir}/starlingx/lighttpd.logrotate %{_sysconfdir}/logrotate.d/lighttpd + cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.logrotate %{_sysconfdir}/logrotate.d/lighttpd chmod 644 %{_sysconfdir}/logrotate.d/lighttpd fi