On Thu, 01 Jul 2004 08:14:09 EDT, Daniel J Walsh <dwalsh@xxxxxxxxxx> said:
> Todays policycoreutils has a new cron job, fixfiles.cron, that will run
> in /etc/cron.daily. This script will run a check on the file system on
> Suggestions on improvements? Comments?
(I'd bugzilla this but I'm offline as I write this)
FC2 devel tree, with policycoreutils-1.14.1-1
The cronjob tosses a few error messages due to a fixfiles bug:
/etc/cron.daily/fixfiles.cron:
/sbin/fixfiles: line 111: [: =: unary operator expected
/sbin/fixfiles: line 111: [: =: unary operator expected
logging to /var/tmp/fixfiles.WBgGN24978
Patch follows:
% diff -up /sbin/fixfiles.dist /sbin/fixfiles
--- /sbin/fixfiles.dist 2004-06-30 13:40:47.000000000 -0400
+++ /sbin/fixfiles 2004-07-03 13:22:59.403549435 -0400
@@ -30,6 +30,7 @@ rpmFlag=0
rpmFiles=""
outfileFlag=0
OUTFILES=""
+logfileFlag=0
LOGFILE=`mktemp /var/tmp/fixfiles.XXXXXXXXXX` || exit 1
SETFILES=/usr/sbin/setfiles
FILESYSTEMS=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | reiserfs ).*rw/{print $3}';`
I also need to figure out why /var/tmp/badcontexts seems to be
totally broken. In the run-parts output, setfiles says for /var:
/usr/sbin/setfiles: labeling files under /var
/usr/sbin/setfiles: relabeling /var/lib/scrollkeeper/TOC/464 from root:object_r:rpm_var_lib_t to system_u:object_r:var_lib_t
/usr/sbin/setfiles: relabeling /var/lib/scrollkeeper/index/464 from root:object_r:rpm_var_lib_t to system_u:object_r:var_lib_t
/usr/sbin/setfiles: relabeling /var/run/lpd.515 from system_u:object_r:lpd_var_run_t to system_u:object_r:var_run_t
/usr/sbin/setfiles: relabeling /var/run/lprng from system_u:object_r:var_run_t to system_u:object_r:lpd_var_run_t
/usr/sbin/setfiles: hash table stats: 1264 elements, 1264/65536 buckets used, longest chain len
OK... So I have 4 files with context issues on /var (which is an issue in and
of itself, but not the point here. badfilecontexts however contains:
/var/lib/rpm/__db.001
/var/lib/rpm/__db.002
/var/lib/rpm/__db.003
/var/lib/alternatives/print
/var/lib/scrollkeeper/TOC/495
/var/lib/scrollkeeper/TOC/496
/var/lib/scrollkeeper/TOC/497
/var/lib/scrollkeeper/TOC/498
/var/lib/scrollkeeper/TOC/499
<<many lines elided>>
/var/lib/scrollkeeper/TOC/528
/var/lib/scrollkeeper/TOC/529
/var/lib/scrollkeeper/TOC/464
/var/lib/scrollkeeper/index/495
/var/lib/scrollkeeper/index/496
/var/lib/scrollkeeper/index/497
<more lines elided>>
/var/lib/scrollkeeper/index/529
/var/lib/scrollkeeper/index/464
/var/lib/scrollkeeper/scrollkeeper_docs
/var/lib/texmf/ls-R
/var/cache/man/cat8/grub-install.8.bz2
/var/cache/man/cat8/acpid.8.bz2
/var/lock/subsys/psacct
/var/lock/rpm/transaction
/var/run/lpd.515
/var/run/lprng
Total output of the relabelling is about 150 lines, but /var/tmp/badcontexts
is 86,978 lines, many of which make no sense at all (for instance,
it flagged apparently every single file in my Linux kernel source trees
for no apparent reason - consider the following spot check:
# egrep 'linux[^/]*/Makefile$' /var/tmp/badcontext
/usr/src/linux-2.6.7-mm4/Makefile
/usr/src/linux-2.6.7-mm5/security/selinux/Makefile
/usr/src/linux-2.6.7-mm5/Makefile
/usr/src/linux-2.6.7-mm3/Makefile
# ls -l --context /usr/src/linux-2.6.7-mm[345]/Makefile /usr/src/linux-2.6.7-mm5/security/selinux/Makefile
-rw-r--r-- valdis valdis system_u:object_r:src_t /usr/src/linux-2.6.7-mm3/Makefile
-rw-r--r-- valdis valdis system_u:object_r:src_t /usr/src/linux-2.6.7-mm4/Makefile
-rw-r--r-- valdis valdis system_u:object_r:src_t /usr/src/linux-2.6.7-mm5/Makefile
-rw-r--r-- valdis valdis system_u:object_r:src_t /usr/src/linux-2.6.7-mm5/security/selinux/Makefile
When actually relabelling, fixfiles doesn't see anything wrong with
these 4 Makefiles...
Attachment:
pgpyI8LtUXKs2.pgp
Description: PGP signature
