errors with labels after running for a while

Daniel J Walsh dwalsh at redhat.com
Mon Mar 15 16:35:15 UTC 2004


Stephen Smalley wrote:

>On Mon, 2004-03-15 at 09:40, Bill Nottingham wrote:
>  
>
>>postinstall scriptlet (using /bin/sh):
>>/sbin/chkconfig --add named
>>if [ -f etc/named.boot -a ! -f etc/named.conf ]; then
>>  if [ -x /usr/sbin/named-bootconf ]; then
>>    cat etc/named.boot | /usr/sbin/named-bootconf > etc/named.conf
>>    chmod 644 etc/named.conf
>>  fi
>>fi
>>if [ ! -e /etc/rndc.key.rpmnew ]; then
>>  sed -e "s/@KEY@/`/usr/sbin/dns-keygen`/" /etc/rndc.key >/etc/rndc.key.tmp
>>  mv -f /etc/rndc.key.tmp /etc/rndc.key
>>fi
>>chmod 0640 /etc/rndc.conf etc/rndc.key
>>chown root:named /etc/rndc.conf etc/rndc.key
>>/sbin/ldconfig
>>exit 0
>>
>>sed & mv, actually.
>>    
>>
>
>Can you add a '/usr/sbin/restorecon etc/rndc.key' (and likewise for any
>similarly created files)?  That should restore the context on it based
>on the installed file_contexts file.
>
>  
>
bind 9-2-3-9 has this patch

 >         if [ -x /usr/sbin/restorecon ]; then
 >               #
 >               # Restore selinux file_context
 >               #
 >               /usr/sbin/restorecon /etc/rndc.key
 >         fi






More information about the fedora-selinux-list mailing list