Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 319231

Summary: /usr/bin/install doesn't set the right context on installed binaries
Product: [Fedora] Fedora Reporter: Ray Strode [halfline] <rstrode>
Component: coreutilsAssignee: Ondrej Vasik <ovasik>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: dwalsh, twaugh
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-18 11:20:15 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Ray Strode [halfline] 2007-10-04 16:49:02 EDT

I just did make install while working on rhgb optimization, and came across this:

$ ls -lZ /usr/bin/rhgb
-rwxr-xr-x  root root system_u:object_r:bin_t          /usr/bin/rhgb


$ sudo /sbin/restorecon /usr/bin/rhgb

results in

$ ls -lZ /usr/bin/rhgb
-rwxr-xr-x  root root system_u:object_r:rhgb_exec_t    /usr/bin/rhgb
Comment 1 Daniel Walsh 2007-10-04 16:54:10 EDT
THere used to be a builtin matchpathcon/setfscreatecon before creating the
destination file.  This is similar to rpm, so  I think it should set the correct
file context.  It should fail over to not setting the file context if it can't
retrieve it.
Comment 2 Ray Strode [halfline] 2007-10-04 16:57:16 EDT
for reference, the relevant make install output is:

/usr/bin/install -c rhgb /usr/bin/rhgb

Comment 3 Ondrej Vasik 2007-11-13 10:20:33 EST
Fixed in coreutils-6.9-13.fc9 , will backport to lower fedoras, closing RAWHIDE.
Comment 4 Ray Strode [halfline] 2008-02-14 15:51:12 EST
seems to be broken in


I did a make install today for gdm and when i restarted gdm users logging in got
the wrong context making it so that nm-applet couldn't talk over d-bus to
NetworkManager with messages like:

security:  context user_u:system_r:unconfined_dbusd_t:s0 is invalid
Comment 5 Ray Strode [halfline] 2008-02-14 15:52:05 EST
before make install:

$ ls -lZ /usr/sbin/gdm-binary 
-rwxr-xr-x  root root system_u:object_r:xdm_exec_t:s0  /usr/sbin/gdm-binary


$ ls -lZ /usr/sbin/gdm-binary 
-rwxr-xr-x  root root user_u:object_r:bin_t:s0         /usr/sbin/gdm-binary
Comment 6 Ondrej Vasik 2008-02-15 02:05:47 EST
Thanks for report, it is possible, because upstream implemented many things in
different way than RedHat and there may be some implementation conflicts. Will
check it and hopefully fix that asap...
Comment 7 Ondrej Vasik 2008-02-18 11:20:15 EST
Fixed again in coreutils-6.10-8.fc9 , caused by upstream changes. Closing RAWHIDE.