Bug 119660
Summary: | Should rpmbuild be allowed to read/etc/security/selinux/file_contexts? | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Aleksey Nogin <aleksey> |
Component: | policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | gczarcinski, jbj, pgraner |
Target Milestone: | --- | Keywords: | SELinux |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-05-10 15:07:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Aleksey Nogin
2004-04-01 06:09:18 UTC
Fixed in policy-1.9.2-2 I am allowing it. Might end up being a tunable. OK, this does not make sense ... policy 1.9.2-10 (with policy. renamed to policy.16). I have a local (private) rpm build tree. When I try to install a src.rpm package, rpm is trying to access file_contexts. Why is this necessary? It is trying to read the file context of the file that you are assigning. There should be a change in that policy to allow user to read that file. Dan Which version of policy has the fix. I am running 1.9.2-10 and it has the problem. My problem is not the original one (with rpmbuild) ... it is with rpm installing a src.rpm into a local/private build tree owned by a regular user. It dissappeared. I am adding it back in. Look for it tomorrow. Basically need r_dir_file($1_t, policy_config_t) in base_user_role inside the macro. OK, it looks like the problem reported here is fixed in polic 1.9.2-12 However, the effect appears to cause other problem which will be separately reported. |