- preserve = 1;
- udev_selinux_lsetfilecon(udev, file, mode);
- /* update time stamp when we re-use the node, like on media change events */
- utimes(file, NULL);
+ if (stats.st_mode != mode || stats.st_uid != uid || stats.st_gid != gid) {
+ info(udev, "set permissions %s, %#o, uid=%u, gid=%u\n", file, mode, uid, gid);
+ chmod(file, mode);
+ chown(file, uid, gid);
+ } else {
+ info(udev, "preserve permissions %s, %#o, uid=%u, gid=%u\n", file, mode, uid, gid);
+ }
+ /*
+ * Set initial selinux file context only on add events.
+ * We set the proper context on bootup (triger) or for newly
+ * added devices, but we don't change it later, in case
+ * something else has set a custom context in the meantime.
+ */
+ if (strcmp(udev_device_get_action(dev), "add") == 0)
+ udev_selinux_lsetfilecon(udev, file, mode);
+ /* always update timestamp when we re-use the node, like on media change events */
+ utimensat(AT_FDCWD, file, NULL, 0);