Stephen Smalley wrote:
On Fri, 2004-12-03 at 03:03, Joe Orton wrote:The new RPM is in FC3. We have also seen this problem, but have not been able to find the cause.
I've seen a few issues where file labels are getting lost:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140706 http://bugs.php.net/bug.php?id=30952
and another one reported to the httpd users' list. Is there a known
cause of these problems? Is it prelink related, possibly?
I've seen prior reports suggesting that it is prelink-related, but no hard evidence. On the other hand, I just checked my FC3 systems (all strict policy) and they don't have any mislabeled shared objects. While they have been getting regular updates via yum and the prelink cron job is present, I see that prelink has been getting denials because of the /etc/ld.so.cache mislabeling problem (problem in rpm, not sure if a fixed rpm has found its way into FC3 or not). So possibly if prelink wasn't encountering those denials on ld.so.cache, it would gone on to complete its processing and would have left the shared objects with the wrong label. I'll restorecon /etc/ld.so.cache again and see if the problem manifests upon the next prelink run.
We believe it is either prelink or rpm related.
Dan
