Bug 542420
| Summary: | selinux sticks ":etc_t:" into symlinks labels in /etc/cron.xxxx directories | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michal Jaegermann <michal> |
| Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 12 | CC: | dwalsh, mgrepl |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | selinux-policy-3.6.32-120.fc12 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-12-07 22:47:13 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Michal Jaegermann
2009-11-29 18:42:01 UTC
OTOH see bug 426428. Boggle! I am changing the labeling so all files in that directory will be bin_t, not just regular files. Current labeling is /etc/cron.daily/.* -- gen_context(system_u:object_r:bin_t,s0) Which says label all files as bin_t New labeling says /etc/cron.daily(/.*)? gen_context(system_u:object_r:bin_t,s0) Which should set all of the labels to bin_t. You can set this your self doing # semanage fcontext -a -t bin_t '/etc/cron.daily(/.*)?' # restorecon -R -v /etc/cron.daily Fixed in selinux-policy-3.6.32-52.fc12.noarch selinux-policy-3.6.32-52.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-52.fc12 selinux-policy-3.6.32-52.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12549 selinux-policy-3.6.32-55.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-55.fc12 selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12650 selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. selinux-policy-3.6.32-120.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-120.fc12 selinux-policy-3.6.32-120.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |