Bug 186076 - Yumex cant update packages under selinux=enforced
Yumex cant update packages under selinux=enforced
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Russell Coker
:
Depends On:
Blocks: 186227
  Show dependency treegraph
 
Reported: 2006-03-21 10:09 EST by Tim Lauridsen
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: 2.2.25-3.fc5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-04-04 05:21:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tim Lauridsen 2006-03-21 10:09:34 EST
Description of problem:

On a newly installed FC5, with selinux set to "Enforcing"
I have some problem when updating some packages with yumex.

I get some scriptlet error:

error: %pre(avahi-0.6.9-8.FC5.i386) scriptlet failed, exit status 255
error:   install: %pre scriptlet failed (2), skipping avahi-0.6.9-8.FC5
error: %pre(xorg-x11-server-Xorg-1.0.1-9.i386) scriptlet failed, exit
status 255
error:   install: %pre scriptlet failed (2), skipping
xorg-x11-server-Xorg-1.0.1-9
error: %post(tcsh-6.14-6.fc5.1.i386) scriptlet failed, exit status 255
error: %preun(avahi-0.6.9-3.i386) scriptlet failed, exit status 255 

The error occours because /usr/bin/yumex & /usr/share/yumex/yumex dont have the
rpm_exec_t attribute.

[tim@localhost ~]$ ls -Z /usr/bin/yum
-rwxr-xr-x  root     root     system_u:object_r:rpm_exec_t     /usr/bin/yum
[tim@localhost ~]$ ls -Z /usr/bin/yumex
lrwxrwxrwx  root     root     system_u:object_r:bin_t          /usr/bin/yumex ->
consolehelper
[tim@localhost ~]$ ls -Z /usr/share/yumex/yumex
-rwxr-xr-x  root     root     system_u:object_r:usr_t         
/usr/share/yumex/yumex
[tim@localhost ~]$ ls -Z /usr/sbin/pup
-rwxr-xr-x  root     root     system_u:object_r:rpm_exec_t     /usr/sbin/pup
[tim@localhost ~]$ ls -Z /usr/sbin/pup

I cant added with the following commands:

[root@localhost ~]# semanage fcontext -a -f -- -t rpm_exec_t /usr/share/yumex/yumex
[root@localhost ~]# restorecon  /usr/share/yumex/yumex 
[root@localhost ~]# semanage fcontext -a -f -l -t rpm_exec_t /usr/bin/yumex
[root@localhost ~]# restorecon  /usr/bin/yumex

but it would be nice to have yumex in the targeted-policy
Comment 1 Daniel Walsh 2006-04-03 11:53:04 EDT
Fixed in 2.2.25-3.fc5
Comment 2 Tim Lauridsen 2006-04-04 03:20:37 EDT
Thanks !!!!

Note You need to log in before you can comment on or make changes to this bug.