how does rpm work under Selinux

Stephen Smalley sds at
Wed Jun 1 11:31:10 UTC 2005

On Wed, 2005-06-01 at 00:53 +0100, Mike Hearn wrote:
> On Tue, 31 May 2005 15:11:30 -0400, Stephen Smalley wrote:
> > rpm has been modified to set the security context on newly installed
> > files in accordance with the policy (based on the file_contexts
> > configuration).
> I thought RPMs could contain their own file contexts for each contained
> file, rather than relying on external regular expressions. Is this not the
> case? Was it ever the case? :)

That was the original approach during FC2 development, but was later
dropped.  With multiple policies (strict, targeted, mls, ...), including
potential customization by end users, it became problematic.

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list