Bug 467291

Summary: sectool reports false positives
Product: [Fedora] Fedora Reporter: Dominick Grift <dominick.grift>
Component: sectoolAssignee: Peter Vrabec <pvrabec>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: pvrabec
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-10-27 12:55:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 438944    
Attachments:
Description Flags
sectool results none

Description Dominick Grift 2008-10-16 17:47:17 UTC 
Created attachment 320586 [details]
sectool results

Description of problem:
sectool-gui filesystem check reports false positives for selinux-contexts

Version-Release number of selected component (if applicable):
sectool-gui-0.9.0-1.fc10.x86_64
sectool-0.9.0-1.fc10.x86_64

How reproducible:
Run the tests (level 5). Look into the filesystem report for /etc/localtime.
sectool reports that this location should have type etc_t, however matchpatchcon /etc/localtime reports that it should be locale_t.

Another example:

Warning(10)   Mislabeled directory '/usr/share/hplip/installer' found. Labeled as 'system_u:object_r:usr_t', should be 'system_u:object_r:bin_t

sh-3.2# matchpathcon /usr/share/hplip/installer
/usr/share/hplip/installer      system_u:object_r:usr_t
Comment 1 Peter Vrabec 2008-10-21 14:31:37 UTC 
Could you try to reproduce the problem with the latest git version, please. 

We can't reproduce it, but I hope it have been already fixed.

What is your?
$ stat -Z /etc/localtime
Comment 2 Dominick Grift 2008-10-21 14:53:25 UTC 
I dont think i would mind trying to reproduce the issue using the latest git version but i dont know the address. Could you not just point me to a source rpm somewhere instead?

  File: `/etc/localtime'
  Size: 2917      	Blocks: 8          IO Block: 4096   regular file
Device: fd01h/64769d	Inode: 737348      Links: 1     Device type: 0,0
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
   S_Context: system_u:object_r:locale_t
Access: 2008-10-21 16:48:50.000000000 +0200
Modify: 2008-09-30 17:59:09.000000000 +0200
Change: 2008-09-30 17:59:09.000000000 +0200
Comment 3 Peter Vrabec 2008-10-21 15:09:15 UTC 
here we go:
http://people.redhat.com/pvrabec/rpms/sectool-0.9.0-2.src.rpm
Comment 4 Dominick Grift 2008-10-21 15:44:09 UTC 
Works fine now in:

sectool-gui-0.9.0-2.x86_64
sectool-0.9.0-2.x86_64

thanks