If you are maintinaing of developing a Fedora Package.
Arjan van de Ven
arjan at infradead.org
Sat Oct 13 14:51:39 UTC 2007
On Sat, 13 Oct 2007 10:33:56 -0400
Daniel J Walsh <dwalsh at redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If the location of the executable changes,
> for example from /usr/bin to /usr/sbin. Please make sure the SELinux
> context is correct in the new location
>
> matchpathcon /usr/bin/MYAPP
> matchpathcon /ust/sbin/MYAPP
>
> If they aren't the same, then SELinux might have a problem.
>
> Please either fix the file_contect if you include SELinux policy or
> contact the maintainer of selinux-policy (me currently) package to
> tell him/her. This way we can coordinate the updates.
>
wouldn't it be a nice thing if the build system would notice such
changes and would send out a mail to some list if they happen... so
that you and others could just get automatic notices?
we could use the same for detecting things like "hey this rpm added a
setuid binary" and stuff like that.
I can think of about 40 other tests that I'd like to do in such a
program ;)
More information about the fedora-devel-list
mailing list