restorecon vs. setfiles
Stephen Smalley
sds at epoch.ncsc.mil
Fri Jun 25 17:44:15 UTC 2004
On Fri, 2004-06-25 at 12:56, Daniel J Walsh wrote:
> Any chance the so files are getting created in a post install script?
> rpm should be working the same as restorecon and setfiles.
The .so symlink might be created by %post, but that is ok, as it just
gets the type of the parent directory anyway. Only the actual shared
object should have shlib_t, and that should be installed by rpm.
rpm source code appears to be passing the mode as part of the lookup, so
I don't think that is the issue.
rpm -Uvh --force libselinux*.rpm keeps the correct security context on
/lib/libselinux.so.1 for me, both on a strict policy machine and a
targeted policy machine. rpm is 4.3.2-0.4; I haven't updated to -1 yet.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list