From f9e6be05bc94449b41b04ab8571a8d1cb4858eeb Mon Sep 17 00:00:00 2001
From: Milan Zink <mzink@redhat.com>
Date: Wed, 10 Jan 2018 13:04:42 +0100
Subject: extras/hooks: Fix S10selinux-label-brick.sh hook script

* script was failng due to syntax error
* shellcheck issues fixed
* improved performance: semanage & restorecon is being run on unique path

Change-Id: I58b357d9fd37586004a2a518f7a5d1c5c9ddd7e3
BUG: 1533342
Signed-off-by: Milan Zink <zeten30@gmail.com>
---
 .../create/post/S10selinux-label-brick.sh          | 57 +++++++++++-----------
 1 file changed, 29 insertions(+), 28 deletions(-)

diff --git a/extras/hook-scripts/create/post/S10selinux-label-brick.sh b/extras/hook-scripts/create/post/S10selinux-label-brick.sh
index 6be407248cc..de242d20af4 100755
--- a/extras/hook-scripts/create/post/S10selinux-label-brick.sh
+++ b/extras/hook-scripts/create/post/S10selinux-label-brick.sh
@@ -14,48 +14,49 @@ OPTSPEC="volname:"
 VOL=
 
 parse_args () {
-        ARGS=$(getopt -o '' -l $OPTSPEC -n $PROGNAME -- "$@")
-        eval set -- "$ARGS"
-
-        while true; do
-        case $1 in
-        --volname)
-         shift
-         VOL=$1
-         ;;
-        *)
-         shift
-         break
-         ;;
-        esac
+  ARGS=$(getopt -o '' -l ${OPTSPEC} -n ${PROGNAME} -- "$@")
+  eval set -- "${ARGS}"
+
+  while true; do
+    case ${1} in
+      --volname)
+        shift
+        VOL=${1}
+      ;;
+      *)
         shift
-        done
+        break
+      ;;
+    esac
+    shift
+  done
 }
 
 set_brick_labels()
 {
-        volname=$1
+  volname=${1}
 
-        # grab the path for each local brick
-        brickdirs=$(grep '^path=' /var/lib/glusterd/vols/${volname}/bricks/* | cut -d= -f 2)
+  # grab the path for each local brick
+  brickpath="/var/lib/glusterd/vols/${volname}/bricks/*"
+  brickdirs=$(grep '^path=' "${brickpath}" | cut -d= -f 2 | sort -u)
 
-        for b in $brickdirs
-        do
-                # Add a file context for each brick path and associate with the
-                # glusterd_brick_t SELinux type.
-                semanage fcontext --add -t glusterd_brick_t -r s0 $b(/.*)?
+  for b in ${brickdirs}; do
+    # Add a file context for each brick path and associate with the
+    # glusterd_brick_t SELinux type.
+    pattern="${b}\(/.*\)?"
+    semanage fcontext --add -t glusterd_brick_t -r s0 "${pattern}"
 
-                # Set the labels on the new brick path.
-                restorecon -R $b
-        done
+    # Set the labels on the new brick path.
+    restorecon -R "${b}"
+  done
 }
 
 SELINUX_STATE=$(which getenforce && getenforce)
 [ "${SELINUX_STATE}" = 'Disabled' ] && exit 0
 
 parse_args "$@"
-[ -z "$VOL" ] && exit 1
+[ -z "${VOL}" ] && exit 1
 
-set_brick_labels $VOL
+set_brick_labels "${VOL}"
 
 exit 0
-- 
cgit