prelink and yum conflict
Stephen Smalley
sds at epoch.ncsc.mil
Tue Oct 12 12:57:28 UTC 2004
On Mon, 2004-10-11 at 02:34, Russell Coker wrote:
> On Sat, 9 Oct 2004 02:14, Stephen Smalley <sds at epoch.ncsc.mil> wrote:
> > /etc/ld.so.cache is supposed to be labeled ld_so_cache_t.
>
> ldconfig is being executed directly from rpm not via "sh -c ldconfig". This
> means that it doesn't transition to ldconfig_t.
>
> Jeff, please change rpm to use "sh -c" for spawning all scripts including
> ldconfig and /usr/sbin/glibc_post_upgrade. Should I file a bugzilla against
> rpm?
Ironically, this used to work with the older rpm that did not setexeccon
to rpm_script_t for binaries, as there was a transition from rpm_t to
ldconfig_t in the policy. But since we asked Jeff to change the
behavior, the explicit setexeccon takes precedence over the default
transition, and ldconfig ends up running in rpm_script_t directly then.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the selinux
mailing list