Intel compiler helper package with an SELinux problem

Jerry James loganjerry at gmail.com
Wed Oct 24 04:05:24 UTC 2007 

I have a little helper package for use with Intel's C and C++
compilers (icc and icpc), and debugger (idb).  You can see what I have
here:

  http://jjames.fedorapeople.org/icc-extras/

It works okay, but I have two problems with it that I hope someone on
this list has the expertise to help me solve.  I'd like to eventually
contribute this package to Fedora if I can get the problems ironed
out.

First, Intel's package names change with every release because the
version number is embedded.  For example, the version I am using now
is:

  intel-icc100026-10.0.026-1

The previous version had a package name of intel-icc100025.  The files
install into directories containing the version number, for example
/opt/intel/cc/10.0.26.  This means that it is easy to install multiple
versions in parallel.  Unfortunately, it makes my life difficult.  My
package doesn't need to change anything but the Intel version number
as Intel releases new versions.  There are reasons for not wanting to
release a new version of my package every time Intel makes a release
(for example, different versions are available to paying customers and
cheapskates like me).  So I made my package put symbolic links named
"current" into Intel's directories, so that I can refer to
/opt/intel/cc/current.  The scripts try to detect when the symbolic
links break and take appropriate action.  This would be a lot easier
if I could use an rpm trigger, but as I mentioned above, the package
names change with each Intel release.  Does anyone have a better
approach to suggest?

Second, the "current" symbolic links cause an SELinux problem.  When I
ran ldconfig, I got this:

:avc: denied { read } for comm="ldconfig" dev=dm-0 egid=0 euid=0
exe="/sbin/ldconfig" exit=0 fsgid=0 fsuid=0 gid=0 items=0
name="current" pid=4734 scontext=user_u:system_r:ldconfig_t:s0 sgid=0
subj=user_u:system_r:ldconfig_t:s0 suid=0 tclass=lnk_file
tcontext=user_u:object_r:usr_t:s0 tty=pts2 uid=0

So, while thinking of a better approach to suggest, think of how I
might avoid this problem too, please. :-)

Thanks in advance for any help.
-- 
Jerry James
http://loganjerry.googlepages.com/

More information about the fedora-devel-list mailing list