Bug 757565

Summary: emacs is not selinux aware
Product: [Fedora] Fedora Reporter: Bill Gradwohl <bill>
Component: emacsAssignee: Karel Klíč <kklic>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 16CC: jonathan.underwood, kklic, rvokal, ville.skytta
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-21 15:57:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Bill Gradwohl 2011-11-27 20:39:57 UTC 
Description of problem:
Modify a file with emacs and the *~ version keeps the correct selinux information but the real file has default context.

Version-Release number of selected component (if applicable):
Any and all for quite some time

How reproducible:


Steps to Reproduce:
1.emacs someFileName
2.make a change
3.save
4.Now ls -Z someFileName*
  
Actual results:
The ~ version has the correct selinux info and the real file has it wrong.

Expected results:


Additional info:
What editor are you guys using to avoid manually fixing selinux issues like this? What editor IS selinux aware?
Comment 1 Ville Skyttä 2011-11-27 21:38:46 UTC 
I don't have a SELinux enabled system at hand to test with, but I suppose setting backup-by-copying to t could help.

M-x customize-variable RET backup-by-copying RET -> Toggle it to on
Comment 2 Bill Gradwohl 2011-11-27 22:04:02 UTC 
Ville - 

Thanks for the suggestion. I didn't know it could do that.

But emacs still needs to get fixed.

gedit is also not selinux aware. I'm wondering what the selinux people are using when they make changes to conf files, etc. Its a PITA to keep fixing up the context and too easy to forget to do it.
Comment 3 Karel Klíč 2011-11-27 22:29:31 UTC 
Hi Bill,

the SELinux support will be a part of Emacs 24, which will be released soon. See bug #506060. It would be too error-prone to backport those patches to Emacs 23.

Setting the backup-by-copying variable helps. I think we should not enable it by default, because it would surprise users. Furthermore, Emacs manual says the default is to backup by renaming.

http://www.gnu.org/s/emacs/manual/html_node/elisp/Rename-or-Copy.html
Comment 4 Karel Klíč 2012-02-21 15:57:36 UTC 
No plan to address this issue in Fedora 16. Emacs in Fedora 17 already is SELinux aware.