[Bug 431588] selinux denial messages from yum-cron updates
bugzilla at redhat.com
bugzilla at redhat.com
Tue Nov 18 17:07:48 UTC 2008
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=431588
--- Comment #28 from Daniel Walsh <dwalsh at redhat.com> 2008-11-18 12:07:47 EDT ---
I would like 2 done.
Not 1. 1 is a work around.
If you use append, I can give several confined domains the ability to append to
the rpm log files, without giving them the ability to write(truncate) them.
diff -up /etc/cron.daily/yum.cron~ /etc/cron.daily/yum.cron
--- /etc/cron.daily/yum.cron~ 2008-03-13 15:05:18.000000000 -0400
+++ /etc/cron.daily/yum.cron 2008-11-18 12:06:24.000000000 -0500
@@ -34,6 +34,8 @@ if [ "$DOWNLOAD_ONLY" == "yes" ]; then
CHECK_ONLY=yes
fi
+touch $YUMTMP
+restorecon $YUMTMP
# Then check for updates and/or do them, as configured
{
if [ "$CHECK_ONLY" == "yes" ]; then
@@ -63,7 +65,7 @@ fi
/usr/bin/yum $YUM_PARAMETER -R $RANDOMWAIT -e ${ERROR_LEVEL:-0} -d
${DEBUG_LEVEL:-0} -y update yum
/usr/bin/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y
shell /etc/yum/yum-daily.yum
fi
-} > $YUMTMP 2>&1
+} >> $YUMTMP 2>&1
if [ ! -z "$MAILTO" ]; then
# if MAILTO is set, use mail command (ie better than standard mail with cron
output)
[root at localhost tmp]# gendiff /etc/cron.daily \~ > /tmp/t
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the fedora-triage-list
mailing list