Bug#982392: ssh-copy-id: create ~/.ssh with default SELinux context
Package: openssh-client
Version: 1:8.4p1-3
File: /usr/bin/ssh-copy-id
User: selinux-devel@lists.alioth.debian.org
Usertags: selinux
Dear Maintainer,
ssh-copy-id(1) does create the directory ~/.ssh if it not already
exists. It also runs later, if available, restorecon(8) on the
directory, to correct the SELinux context of it.
It would however be idiomatic to create the directory already with the
default SELinux context, to prepare for restorecon failures and avoid
potential races.
Best regards,
Christian Göttsche
--- /usr/bin/ssh-copy-id 2021-02-09 17:19:48.653799557 +0100
+++ ssh-copy-id 2021-02-09 17:45:38.360891272 +0100
@@ -250,7 +250,7 @@
INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF
cd;
umask 077;
- mkdir -p $(dirname "${AUTH_KEY_FILE}") &&
+ mkdir -pZ $(dirname "${AUTH_KEY_FILE}") &&
{ [ -z \`tail -1c ${AUTH_KEY_FILE} 2>/dev/null\` ] || echo >>
${AUTH_KEY_FILE}; } &&
cat >> ${AUTH_KEY_FILE} ||
exit 1;
Reply to: