Description of problem: The runcon program reorders parameters since it uses the default getopt_long setup. But runcon differs from su here since su does not take a command and its parameters on the command line. Trying to run runcon -t unconfined_t /usr/sbin/prelink --no-update-cache some/binary fails since --no-update-cache is no option for runcon. But runcon shouldn't use it in the first place. Of course one can add -- as a parameter before the program name but this is not how other programs with similar interface work, they don't require this kind of knowledge from the user (strace, sh, ...). Version-Release number of selected component (if applicable): coreutils-6.7-9.fc7 How reproducible: always Steps to Reproduce: 1.echo 'int main(){return 0;}' > u.c 2.gcc -o u u.c 3.runcon -t unconfined_t /usr/sbin/prelink -N ./u Actual results: runcon: invalid option -- N [...] Expected results: Success Additional info: The solution is easy: add + as the first character in the option string of the getopt_long call. I very much doubt any script today depends on this level of option reordering so it should not introduce any regression.
Hi Uli, Thanks for the report. I've fixed it on the selinux branch, upstream: http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=9aee8e78ea
Built as coreutils-6.9-9.fc9 , closing RAWHIDE