2042149 – selinux needs to accommodate /usr/lib/sysimage/rpm

Bug 2042149 - selinux needs to accommodate /usr/lib/sysimage/rpm

Summary: selinux needs to accommodate /usr/lib/sysimage/rpm

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Zdenek Pytela
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2042099
TreeView+	depends on / blocked

Reported:	2022-01-18 21:14 UTC by Chris Murphy
Modified:	2022-02-04 08:48 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2022-02-04 08:48:01 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	fedora-selinux selinux-policy pull 1033	0	None	open	rpm: Support /usr/lib/sysimage/rpm as the rpmdb path	2022-01-28 16:42:18 UTC

Description Chris Murphy 2022-01-18 21:14:37 UTC

Relocate RPM database to /usr/lib/sysimage/rpm
https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr#Scope

Currently on Fedora 35
/usr/lib/sysimage
drwxr-xr-x. 1 root root system_u:object_r:usr_t:s0                0 Jul 21 17:47 sysimage

/var/lib/rpm
drwxr-xr-x. 1 root    root    system_u:object_r:rpm_var_lib_t:s0               106 Jan 14 05:50 rpm

I'm not sure what label /usr/lib/sysimage should be, but rpm inside it probably should have system_u:object_r:rpm_var_lib_t:s0

Comment 1 Neal Gompa 2022-01-28 16:42:19 UTC

Upstream pull request: https://github.com/fedora-selinux/selinux-policy/pull/1033

Comment 2 Neal Gompa 2022-01-28 18:22:59 UTC

Zdenek, can you please review+merge my PR and release it into Rawhide? Then I can build the new rpm with the rpmdb change...

Note You need to log in before you can comment on or make changes to this bug.