Bug 577403 - fetch-crl doesn't preserve file contexts
Summary: fetch-crl doesn't preserve file contexts
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: fetch-crl
Version: el5
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Steve Traylen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-03-26 21:09 UTC by Wart
Modified: 2010-04-15 23:49 UTC (History)
2 users (show)

Fixed In Version: fetch-crl-2.8.4-1.el4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-04-09 01:39:35 UTC
Type: ---


Attachments (Terms of Use)
Preseve selinux contexts on crl files (410 bytes, application/octet-stream)
2010-03-26 21:09 UTC, Wart
no flags Details

Description Wart 2010-03-26 21:09:04 UTC
Created attachment 402953 [details]
Preseve selinux contexts on crl files

Description of problem:
custom file contexts are not preserved after running fetch-crl.  While it is not common to set specific file contexts on CRLs, it would still be nice to preserve any that have been set.

Version-Release number of selected component (if applicable):
2.8.2-1.el5

How reproducible:
Always

Steps to Reproduce:
1. Set the standard context for certificates: semanage fcontext -a -t cert_t "/etc/grid-security(/.*)?"
2. run fetch-crl
3. ls -lZ /etc/grid-security/certificates/
  
Actual results:
File contexts show up as system_u:object_r:tmp_t:
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/grid-security/certificates/0a2bac92.r0
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/grid-security/certificates/1149214e.r0
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/grid-security/certificates/11b4a5a2.r0


Expected results:
File contexts should show up as system_u:object_r:cert_t:
-rw-r--r--  root root system_u:object_r:cert_t         /etc/grid-security/certificates/09ff08b7.r0
-rw-r--r--  root root system_u:object_r:cert_t         /etc/grid-security/certificates/0a12b607.r0
-rw-r--r--  root root system_u:object_r:cert_t         /etc/grid-security/certificates/0a2bac92.r0


Additional info:
The attached patch was made against fetch-crl 2.6.6, but will also apply against 2.8.2.

Comment 1 Fedora Update System 2010-03-27 10:02:42 UTC
fetch-crl-2.8.2-2.el4 has been submitted as an update for Fedora EPEL 4.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.el4

Comment 2 Fedora Update System 2010-03-27 10:03:31 UTC
fetch-crl-2.8.2-2.el5 has been submitted as an update for Fedora EPEL 5.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.el5

Comment 3 Fedora Update System 2010-03-27 10:04:02 UTC
fetch-crl-2.8.2-2.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc11

Comment 4 Fedora Update System 2010-03-27 10:04:33 UTC
fetch-crl-2.8.2-2.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc12

Comment 5 Fedora Update System 2010-03-27 10:05:04 UTC
fetch-crl-2.8.2-2.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc13

Comment 6 Steve Traylen 2010-03-27 19:13:12 UTC
The patch will need changing upstream but Fedora/EPEL it'sjust fine.
Thanks.
Steve.

Comment 7 Fedora Update System 2010-03-28 17:44:48 UTC
fetch-crl-2.8.3-1.el4 has been submitted as an update for Fedora EPEL 4.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el4

Comment 8 Fedora Update System 2010-03-28 17:45:36 UTC
fetch-crl-2.8.3-1.el5 has been submitted as an update for Fedora EPEL 5.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el5

Comment 9 Fedora Update System 2010-03-28 17:46:15 UTC
fetch-crl-2.8.3-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc11

Comment 10 Fedora Update System 2010-03-28 17:46:50 UTC
fetch-crl-2.8.3-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc12

Comment 11 Fedora Update System 2010-03-28 17:47:25 UTC
fetch-crl-2.8.3-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc13

Comment 12 Fedora Update System 2010-03-30 02:15:07 UTC
fetch-crl-2.8.3-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc12

Comment 13 Fedora Update System 2010-03-30 02:26:05 UTC
fetch-crl-2.8.3-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc11

Comment 14 Fedora Update System 2010-04-01 19:30:12 UTC
fetch-crl-2.8.3-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc13

Comment 15 Fedora Update System 2010-04-01 21:02:20 UTC
fetch-crl-2.8.3-1.el4 has been pushed to the Fedora EPEL 4 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el4

Comment 16 Fedora Update System 2010-04-01 21:03:17 UTC
fetch-crl-2.8.3-1.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el5

Comment 17 Fedora Update System 2010-04-06 19:55:27 UTC
fetch-crl-2.8.4-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.fc13

Comment 18 Fedora Update System 2010-04-07 22:16:05 UTC
fetch-crl-2.8.4-1.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.el5

Comment 19 Fedora Update System 2010-04-07 22:18:30 UTC
fetch-crl-2.8.4-1.el4 has been pushed to the Fedora EPEL 4 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update fetch-crl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.el4

Comment 20 Fedora Update System 2010-04-09 01:39:23 UTC
fetch-crl-2.8.4-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 21 Fedora Update System 2010-04-09 01:42:26 UTC
fetch-crl-2.8.4-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 22 Fedora Update System 2010-04-09 03:48:37 UTC
fetch-crl-2.8.4-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 23 Fedora Update System 2010-04-15 23:48:08 UTC
fetch-crl-2.8.4-1.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 24 Fedora Update System 2010-04-15 23:48:50 UTC
fetch-crl-2.8.4-1.el4 has been pushed to the Fedora EPEL 4 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.