Description of problem: When attempting to create a db file outside of /var/db, makedb gives an error about being unable to determine the context for the file. It works fine if the file is in /var/db. I believe this is related to the fix for https://bugzilla.redhat.com/show_bug.cgi?id=136522 Version-Release number of selected component (if applicable): nss_db-2.2-35.1 How reproducible: Every time Steps to Reproduce: 1. mkdir /tmp/foo 2. Edit /var/db/Makefile so that the VAR_DB line points to /tmp/foo 3. cd /var/db ; make Actual results: [root@svartalfheim db]# make passwd... makedb: cannot determine file context for `/tmp/foo/passwd.db' make: *** [/tmp/foo/passwd.db] Error 1 Expected results: passwd... done. group... done. protocols... done. rpc... done. services... done. shadow... done. Additional info:
Should be a relatively simple change to the patch which adds labeling of files. Test cases will entail calling makedb directly using various destination filenames, in permissive and enforcing mode, and making sure that it exits with an error message only if the file is supposed to have a specific label, passing that label to setfscreatecon() generated an error, and we're in enforcing mode.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-1145.html