Red Hat Bugzilla – Bug 189890
patch does not respect SELinux type context on files
Last modified: 2007-11-30 17:07:24 EST
patch-2.5.4-20 on U3.
Description of problem:
patch always changes the context type of a file to tmp_t. Example:
[test@test ~]$ ls -Z test.pl test.diff
-rw-rw-r-- test test user_u:object_r:user_home_t test.diff
-rw-rw-r-- test test user_u:object_r:user_home_t test.pl
[test@test ~]$ patch -p0 test.pl test.diff
patching file test.pl
[test@test ~]$ ls -Z test.pl
-rw-rw-r-- test test user_u:object_r:tmp_t test.pl
This can cause unexpected permssion errors when using the patched file; for
example, if it were a cgi script or libary with type httpd_sys_content_t, the
context change can cause odd permission errors.
Although straightforward to work around, it would be nice if patch would handle
the type cleanup itself.
*** This bug has been marked as a duplicate of 165799 ***