Bug 235744 - vim doesn't restore SELinux context on files after saving, requiring manual restorecon
vim doesn't restore SELinux context on files after saving, requiring manual r...
Product: Fedora
Classification: Fedora
Component: vim (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Karsten Hopp
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2007-04-09 17:37 EDT by James Hunt
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-04-16 04:11:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description James Hunt 2007-04-09 17:37:06 EDT
Description of problem:

When I edit a file in say, /etc, vim does *not* maintain the SELinux security
context of the file as it should.

Version-Release number of selected component (if applicable):

# rpm -qa|grep vim

How reproducible:

Every time.

Steps to Reproduce:
1. Ensure roots .vimrc contains, ":set dir=>/tmp"
2. ls -lZ /etc/fstab
-rw-r--r--  root root system_u:object_r:etc_t          /etc/fstab
3. vi /etc/fstab
4. :wq

Actual results:

# ls -lZ /etc/fstab
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/fstab

Expected results:

ls -lZ /etc/fstab
-rw-r--r--  root root system_u:object_r:etc_t          /etc/fstab

Additional info:

To fix the problem, run:

# restorecon -v /etc/fstab
restorecon reset /etc/fstab context

Note: vim _is_ linked to libselinux:

# ldd `which vim`
        linux-gate.so.1 =>  (0x00e11000)
        libselinux.so.1 => /lib/libselinux.so.1 (0x4988f000)
        libncurses.so.5 => /usr/lib/libncurses.so.5 (0x4a1c2000)
        libacl.so.1 => /lib/libacl.so.1 (0x4902d000)
        libgpm.so.1 => /usr/lib/libgpm.so.1 (0x41000000)
        libperl.so =>
/usr/lib/perl5/5.8.8/i386-linux-thread-multi/CORE/libperl.so (0x4a014000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x498fb000)
        libutil.so.1 => /lib/libutil.so.1 (0x49e9f000)
        libc.so.6 => /lib/libc.so.6 (0x48d24000)
        libm.so.6 => /lib/libm.so.6 (0x48e63000)
        libdl.so.2 => /lib/libdl.so.2 (0x48e8c000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x48fca000)
        libsepol.so.1 => /lib/libsepol.so.1 (0x498a8000)
        /lib/ld-linux.so.2 (0x48d07000)
        libattr.so.1 => /lib/libattr.so.1 (0x499ac000)
        libnsl.so.1 => /lib/libnsl.so.1 (0x49926000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x4a178000)
Comment 1 James Hunt 2007-04-11 16:27:18 EDT
This problem seems to have miraculously disappeared after a flurry of selinux
updates (well, two actually :) from Dan.

Please close.

Note You need to log in before you can comment on or make changes to this bug.