Make patch SELinux compatible

Stephen Smalley sds at tycho.nsa.gov
Thu May 20 19:58:07 UTC 2010


On Thu, 2010-05-20 at 14:12 +0200, yersinia wrote:
> On Thu, May 20, 2010 at 1:15 PM, Vadym Chepkov <vchepkov at gmail.com> wrote:
> > Hi,
> >
> > Is there a way to make patch in Redhat SELinux compatible?
> >
> > # ls -Z php.php
> > -rw-r--r--  root root user_u:object_r:httpd_sys_content_t:s0 php.php
> >
> > # patch -p1 < /root/php.patch
> > patching file php.php
> >
> > # ls -Z php.php
> > -rw-r--r--  root root user_u:object_r:tmp_t:s0         php.php
> Strange. For me this works as expected, because patch first unlinks php.php and
> afterwards reads /tmp/pxxxx and writes php.php. Are you sure that the file
> context for your php.php was persistent (via semanage fscontext) and
> not set via chcon?

What distro release are you using?  For me, patch is not preserving
context (as per the original bug report) on F-12.

-- 
Stephen Smalley
National Security Agency


