Older coreutils was less efficient and always called
getxattr("security.selinux"),
and thus shows the SELinux context as expected:
$ coreutils-9.3/src/ls -lZd /run/initramfs
drwxr-xr-x. 3 root root system_u:object_r:tmpfs_t:s0 60 Apr 19 14:52
/run/initramfs
$ coreutils-9.3/src/ls -lZd /sys/block
drwxr-xr-x. 2 root root system_u:object_r:sysfs_t:s0 0 Apr 23 12:54 /sys/block
However newer coreutils is more efficient, and does not call getxattr()
if listxattr() returns 0 indicating that there are no xattrs.
$ coreutils-9.7/src/ls -lZd /run/initramfs
drwxr-xr-x 3 root root ? 60 Apr 19 14:52 /run/initramfs
$ coreutils-9.7/src/ls -lZd /sys/block
drwxr-xr-x 2 root root ? 0 Apr 23 12:54 /sys/block
I also noticed the same issue with the exa utility for example.
For coreutils to maintain efficient processing and to fix the issue centrally,
it would be more correct for listxattr() to return ENOTSUP,
in which case ls will try the getxattr() call and operate as expected.
Otherwise I can't see a way for coreutils to be both efficient and always
correct.
I'm currently testing on kernel 6.14.2-300.fc42.x86_64
thanks,
Padraig
