Bug 842384 - Glibc 2.5-81.el5_8.4 update changes SELinux context of nssswitch.conf to rpm_script_tmp_t
Summary: Glibc 2.5-81.el5_8.4 update changes SELinux context of nssswitch.conf to rpm_...
Status: CLOSED DUPLICATE of bug 818585
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: glibc (Show other bugs)
(Show other bugs)
Version: 5.8
Hardware: x86_64 Unspecified
Target Milestone: rc
: ---
Assignee: Jeff Law
QA Contact: qe-baseos-tools
Depends On:
TreeView+ depends on / blocked
Reported: 2012-07-23 16:24 UTC by Gary Anderson
Modified: 2016-11-24 15:55 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-07-23 16:31:22 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Gary Anderson 2012-07-23 16:24:12 UTC
Description of problem:
Update to latest glibc package (2.5-81.el5_8.4) on RHEL5.8 x86_64 changes context of /etc/nssswitch.conf to rpm_script_tmp_t, when it should remain etc_t.

Version-Release number of selected component (if applicable): glibc-2.5-81.el5_8.4

How reproducible:
every RHEL5.8 server updated

Steps to Reproduce:
1. update glibc to 2.5-81.el5_8.4
2. list the context of /etc/nssswitch.conf
Actual results:
/etc/nssswitch.conf SELinux context is changed to rpm_script_tmp_t.

Expected results:
/etc/nssswitch.conf SELinux context will remain (or after update scripts are run be changed back to) etc_t.

Additional info:
Permission Denied syscalls are seen in the audit.log for nscd.  After a restorecon/etc/nssswitch.conf, these syscalls are resolved.

Comment 1 Jeff Law 2012-07-23 16:31:22 UTC
Gary, are you sure you didn't update any other components, particular sudo at the same time.   We're currently tracking an issue where an update of sudo causes this kind of problem.

rpm -q --scripts sudo

Shows the scripts run by sudo when it's installed/updated.  Note that it twiddles nssswitch.conf in fun and interesting ways, but does not restore its selinux context properly when complete.

*** This bug has been marked as a duplicate of bug 818585 ***

Comment 2 Gary Anderson 2012-07-23 16:37:55 UTC
Jeff, I wasn't sure that glibc was the component that did it, I only filed it against that component as an rpm -q --whatprovides /etc/nsswitch.conf shows glibc owns it.  Sorry, I should have investigated further.  Interestingly we did update sudo at the same time, sudo-1.7.2p1-14.el5_8.x86_64 is now our installed version.  Thanks for the correction.

Note You need to log in before you can comment on or make changes to this bug.