Red Hat Bugzilla – Bug 160897
Better mechanism is needed for pre-creating folders
Last modified: 2007-11-30 17:11:08 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Description of problem: We need something that's managed with the package, whose files we are pre-creating - not with selinux. We need to be doing creation and relabel at install time, not at login shell time. Version-Release number of selected component (if applicable): How reproducible: Didn't try Steps to Reproduce: Additional info:
This bug refers to the /etc/profile.d/selinux.sh script, which is a (necessary) hack, that should be eradicated in the long term, and replaced with a per package solution of some kind. A related item is the need to pre-create /tmp folders that are not "owned" by a particular user (like .*-unix). The selinux.sh script does not work for those, because it's a profile script. Those folders can be erased on a tmpfs /tmp, and need to be re-created before anything starts using them, mis-setting the context. This seems to imply that we need a boot time script for selinux as well.
restorecond can do this.