How to properly upgrade policy
Bob Gustafson
bobgus at rcn.com
Fri Jun 25 19:07:16 UTC 2004
On Fri, 25 Jun 2004 12:17:16 -0400, Stephen Smalley wrote:
>On Fri, 2004-06-25 at 11:28, Bob Gustafson wrote:
>> However, looking my output from fixfiles, it seems as though there are
>> gross changes in policy that are occasionally occuring during this
>> development phase (object_r -> system_r).
>
>Files shouldn't be labeled with system_r, and I see no instances of
>system_r in either the strict or targeted file_contexts file. Details?
>
>--
>Stephen Smalley <sds at epoch.ncsc.mil>
>National Security Agency
>
I was looking around for the log of my fixfiles run at the time I wrote the
message and did not find them in /tmp. Later found them in /var/tmp
Faulty memory created the (object_r -> system_r) shown above.
Some of the actual lines (317) are shown below:
Many of the relabelings were from root: to system_u (not _r)
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/pdflatex.log from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/pdfjadetex.fmt from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/pdfxmltex.log from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/amstex.fmt from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/bamstex.log from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/cont-en.efmt from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/elatex.log from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
/usr/sbin/setfiles: relabeling /usr/share/texmf/web2c/lambda.oft from
root:object_r:rpm_script_tmp_t to system_u:object_r:usr_t
More information about the fedora-selinux-list
mailing list