How is /usr/share/texmf-var being managed? From the below log messages on upgrading policy it seems that an rpm postinst script is creating files in the /tmp directory and then moving them across. If so this seems like a bad idea (think about what happens if the machine crashes part way through the move process, what happens if /tmp has space but /usr doesn't, and the other possible issues). For SE Linux we could get this working by relabelling files after the package in question is installed/upgraded (the postinst of the package could call restorecon to do it). But it seems that a better solution would be to just put the files under /usr/share/texmf-var when they are first created. /sbin/restorecon reset context /usr/share/texmf-var/web2c/omega.log:root:object_r:rpm_script_tmp_t->system_u:object_r:usr_t /sbin/restorecon reset context /usr/share/texmf-var/web2c/bplain.fmt:root:object_r:rpm_script_tmp_t->system_u:object_r:usr_t /sbin/restorecon reset context /usr/share/texmf-var/web2c/aleph.log:root:object_r:rpm_script_tmp_t->system_u:object_r:usr_t /sbin/restorecon reset context /usr/share/texmf-var/web2c/mf.log:root:object_r:rpm_script_tmp_t->system_u:object_r:usr_t /sbin/restorecon reset context /usr/share/texmf-var/web2c/amstex.log:root:object_r:rpm_script_tmp_t->system_u:object_r:usr_t -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
