Created attachment 402953 [details] Preseve selinux contexts on crl files Description of problem: custom file contexts are not preserved after running fetch-crl. While it is not common to set specific file contexts on CRLs, it would still be nice to preserve any that have been set. Version-Release number of selected component (if applicable): 2.8.2-1.el5 How reproducible: Always Steps to Reproduce: 1. Set the standard context for certificates: semanage fcontext -a -t cert_t "/etc/grid-security(/.*)?" 2. run fetch-crl 3. ls -lZ /etc/grid-security/certificates/ Actual results: File contexts show up as system_u:object_r:tmp_t: -rw-r--r-- root root user_u:object_r:tmp_t /etc/grid-security/certificates/0a2bac92.r0 -rw-r--r-- root root user_u:object_r:tmp_t /etc/grid-security/certificates/1149214e.r0 -rw-r--r-- root root user_u:object_r:tmp_t /etc/grid-security/certificates/11b4a5a2.r0 Expected results: File contexts should show up as system_u:object_r:cert_t: -rw-r--r-- root root system_u:object_r:cert_t /etc/grid-security/certificates/09ff08b7.r0 -rw-r--r-- root root system_u:object_r:cert_t /etc/grid-security/certificates/0a12b607.r0 -rw-r--r-- root root system_u:object_r:cert_t /etc/grid-security/certificates/0a2bac92.r0 Additional info: The attached patch was made against fetch-crl 2.6.6, but will also apply against 2.8.2.
fetch-crl-2.8.2-2.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.el4
fetch-crl-2.8.2-2.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.el5
fetch-crl-2.8.2-2.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc11
fetch-crl-2.8.2-2.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc12
fetch-crl-2.8.2-2.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/fetch-crl-2.8.2-2.fc13
The patch will need changing upstream but Fedora/EPEL it'sjust fine. Thanks. Steve.
fetch-crl-2.8.3-1.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el4
fetch-crl-2.8.3-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el5
fetch-crl-2.8.3-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc11
fetch-crl-2.8.3-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc12
fetch-crl-2.8.3-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc13
fetch-crl-2.8.3-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc12
fetch-crl-2.8.3-1.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc11
fetch-crl-2.8.3-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.fc13
fetch-crl-2.8.3-1.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el4
fetch-crl-2.8.3-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.3-1.el5
fetch-crl-2.8.4-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.fc13
fetch-crl-2.8.4-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.el5
fetch-crl-2.8.4-1.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update fetch-crl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/fetch-crl-2.8.4-1.el4
fetch-crl-2.8.4-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
fetch-crl-2.8.4-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
fetch-crl-2.8.4-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
fetch-crl-2.8.4-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
fetch-crl-2.8.4-1.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.