prelink and yum conflict

Jeff Johnson n3npq at nc.rr.com
Mon Oct 11 12:39:30 UTC 2004


Russell Coker wrote:

>On Sat, 9 Oct 2004 02:14, Stephen Smalley <sds at epoch.ncsc.mil> wrote:
>
>>/etc/ld.so.cache is supposed to be labeled ld_so_cache_t.
>
>ldconfig is being executed directly from rpm not via "sh -c ldconfig".  This 
>means that it doesn't transition to ldconfig_t.
>
>Jeff, please change rpm to use "sh -c" for spawning all scripts including 
>ldconfig and /usr/sbin/glibc_post_upgrade.  Should I file a bugzilla against 
>rpm?
>
I would if it would "work".

This was my reasoning originally for limiting "rpm_script_t" to /bin/sh
execution, rather than applying in general.

As long as glibc_post_upgrade is a static binary that attempts sshd
restart, policy will be a bit more complex than otherwise. The restart
of sshd is necessary iff there is an incompatibility in one of the name
service modules, a fairly rare event.

Making glibc_post_upgrade actions a bit easier to see and change is
needed imho. I'd suggest using the embedded lua now in rpm rather than
a statically linked helper. But that is probably a different problem
than /etc/ld.so.cache mentioned here.

Current behavior is to set "rpm_script_t" for all package interpreters
rather than just /bin/sh.

What change(s) do you wish?

73 de Jeff



