Stephen Smalley wrote:
On Mon, 2004-10-11 at 02:34, Russell Coker wrote:
On Sat, 9 Oct 2004 02:14, Stephen Smalley <sds@xxxxxxxxxxxxxx> wrote:
/etc/ld.so.cache is supposed to be labeled ld_so_cache_t.
ldconfig is being executed directly from rpm, not via "sh -c ldconfig". This means that it doesn't transition to ldconfig_t.
Jeff, please change rpm to use "sh -c" for spawning all scripts, including ldconfig and /usr/sbin/glibc_post_upgrade. Should I file a bugzilla against rpm?
Ironically, this used to work with the older rpm that did not setexeccon
to rpm_script_t for binaries, as there was a transition from rpm_t to
ldconfig_t in the policy. But since we asked Jeff to change the
behavior, the explicit setexeccon takes precedence over the default
transition, and ldconfig ends up running in rpm_script_t directly then.
Not so much irony as difficult coordination. Compiling "rpm_script_t" into rpm is
gonna be difficult coordination, and now that there are two behaviors, support
is gonna get messy too.
I'm open for better ideas, would like to have the choice of "rpm_script_t" exec type in libselinux
even though the mechanism is of necessity in rpm.
How about a simple routine, I pass the interpreter (i.e. "/bin/sh" or "/sbin/ldconfig"), and
libselinux gives me the IDENTITY:ROLE:TYPE to set.
Even better, rpm will fork, then give libselinux argv[0] before doing execve. Then libselinux
can do whatever it wants.
You can have argv, not just argv[0] if you want too. ;-)
Sound like a plan?
73 de Jeff