On Sun, Oct 3, 2021 at 1:15 PM Arnout Vandecappelle wrote: > > > On 01/10/2021 08:20, José Pekkarinen wrote: > > Testing buildroot 2021.05 I observed that after first > > boot I was having the following folders: > > > > /context: > > /system_u:object_r:auditd_log_t > > > > The root of this problem turned to be a difference in the > > output of $(selabel_lookup -b file -k /var/log/audit) called > > by S02auditd that from this verison on looks like: > > > > $ selabel_lookup -b file -k /var/log/audit > > Default context: system_u:object_r:auditd_log_t > > What is the chance that this output format is going to change again? > Does > selabel_lookup has a "scriptable" output format that we can rely on not to > change? > I'm afraid I have tried both all the options around without any clearer output, for instance, -r(of raw) still writes the 'Default context:' piece, as well as the -t(of type). I know it doesn't look elegant, but for now it seems the best we can afford. Best regards. José. > > > > > This patch will cut it to retrieve the type piece only. > > > > Signed-off-by: José Pekkarinen > > --- > > package/audit/S02auditd | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/package/audit/S02auditd b/package/audit/S02auditd > > index 0eef881cee..dd3dc22d6d 100644 > > --- a/package/audit/S02auditd > > +++ b/package/audit/S02auditd > > @@ -20,7 +20,7 @@ start(){ > > # the directory with SELinux permissions if possible > > command -v selabel_lookup >/dev/null 2>&1 > > if [ $? = 0 ]; then > > - mkdir -p /var/log/audit -Z `selabel_lookup -b file -k > /var/log/audit` > > + mkdir -p /var/log/audit -Z `selabel_lookup -b file -k > /var/log/audit | cut -d ' ' -f 3` > > else > > mkdir -p /var/log/audit > > fi > >