Description of problem: Some patterns in /etc/selinux/targeted/contexts/files/file_contexts contain typo errors. Some patterns match the 32-bit path, but the same pattern for the 64-bit path is missing. Version-Release number of selected component (if applicable): selinux-policy-doc-3.7.19-153.el6.noarch selinux-policy-targeted-3.7.19-153.el6.noarch selinux-policy-3.7.19-153.el6.noarch selinux-policy-mls-3.7.19-153.el6.noarch selinux-policy-minimum-3.7.19-153.el6.noarch How reproducible: always Expected results: There are no typo errors in /etc/selinux/targeted/contexts/files/file_contexts. The file contains a 64-bit equivalent pattern to each 32-bit pattern if it makes sense.
# grep sesh /etc/selinux/targeted/contexts/files/file_contexts /usr/sbin/sesh -- system_u:object_r:shell_exec_t:s0 /usr/libsexec/sesh -- system_u:object_r:shell_exec_t:s0 # There is a redundant 's' in the libsexec pattern, which means that # ls -Z /usr/libexec/sesh -rwxr-xr-x. root root system_u:object_r:bin_t:SystemLow /usr/libexec/sesh # matchpathcon /usr/libsexec/sesh /usr/libsexec/sesh system_u:object_r:shell_exec_t:SystemLow #
# matchpathcon /usr/lib/cherokee /usr/lib/cherokee system_u:object_r:httpd_modules_t:SystemLow # matchpathcon /usr/lib64/cherokee /usr/lib64/cherokee system_u:object_r:lib_t:SystemLow # # matchpathcon /usr/lib/pgsql/test/regress/regressplans.sh /usr/lib/pgsql/test/regress/regressplans.sh system_u:object_r:bin_t:SystemLow # matchpathcon /usr/lib64/pgsql/test/regress/regressplans.sh /usr/lib64/pgsql/test/regress/regressplans.sh system_u:object_r:postgresql_db_t:SystemLow #
Good cacthes.
# matchpathcon /usr/lib/games/ /usr/lib/games system_u:object_r:games_exec_t:s0 # matchpathcon /usr/lib64/games/ /usr/lib64/games system_u:object_r:lib_t:s0 # # matchpathcon /usr/lib/eclipse/eclipse /usr/lib/eclipse/eclipse system_u:object_r:java_exec_t:s0 # matchpathcon /usr/lib64/eclipse/eclipse /usr/lib64/eclipse/eclipse system_u:object_r:lib_t:s0 #
This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-0314.html