On Tue, 16 Mar 2004 01:47, Stephen Smalley <sds@xxxxxxxxxxxxxx> wrote: > > sed & mv, actually. > > Can you add a '/usr/sbin/restorecon etc/rndc.key' (and likewise for any > similarly created files)? That should restore the context on it based > on the installed file_contexts file. In such cases restorecon is the only option. In general when developing a package it's easiest to do the following things: 1) Put config files in a sub-directory of /etc whenever possible. Files take their type from the type of the parent directory by default. This means that we get the right label without any effort. Also programs that create files in that directory will not need write permission to etc_t (which may become important in later evolutions of the software). 2) Have a single script that creates the file. If creating the file in question is a relatively common operation then having a script to do it is easiest as we can have domain_auto_trans() rules to give the right context for the script. Of course there is the requirement that when doing a domain_auto_trans() on a script execution the target domain must not be more privileged than the source domain, otherwise you make a security hole. Having a single script to perform an operation generally gives us the best range of options for changing how it works on the SE Linux side with minimum disturbance to the rpm side. 3) Make sure that you create the temporary file in the target directory. mv across file systems is not atomic, and you get type labeling issues. The bind script in question is correct in this regard, but I'm just mentioning it now as it's a common mistake. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page