On Sat, Jun 26, 2004 at 05:12:34PM -0700, Gary Peck wrote:
Could this be an issue with apt? I'm actually using apt-get to install these packages. When I tried using "rpm -Uvh ..." directly, it seemed to set the contexts correctly as you say. However, when I did it with apt-get again, I saw the same problem. Here's some files from the mozilla package with their correct contexts:
system_u:object_r:shlib_t /usr/lib/mozilla-1.7/components/libaccessibility.so system_u:object_r:shlib_t /usr/lib/mozilla-1.7/components/libaddrbook.so system_u:object_r:shlib_t /usr/lib/mozilla-1.7/components/libappcomps.so system_u:object_r:shlib_t /usr/lib/mozilla-1.7/components/libautoconfig.so
Then I run "apt-get install mozilla", which upgrades mozilla from 1.7-0.3.1 to 1.7-0.3.2. Afterwards, these same files (but from the new version of mozilla) have the following contexts:
root:object_r:lib_t /usr/lib/mozilla-1.7/components/libaccessibility.so root:object_r:lib_t /usr/lib/mozilla-1.7/components/libaddrbook.so root:object_r:lib_t /usr/lib/mozilla-1.7/components/libappcomps.so root:object_r:lib_t /usr/lib/mozilla-1.7/components/libautoconfig.so
I assumed that apt's behaviour should be the same since it's just using rpm underneath, but maybe there's extra rpm API calls that need to be made by apt when it's running on a SELinux system?
This is with apt-0.5.15cnc6-0.fdr.11.2, rpm-4.3.2-0.4.
Ok, I'm pretty sure it's an apt problem now. I tried installing the same package twice, once with apt using the rpm API directly (apt-get install ...), and once with apt calling the rpm binary externally (apt-get -o RPM::PM="external" install ...). When using the API, I see the same problem as above. When calling the rpm binary, the contexts get set correctly.
I've CC'ed the apt-rpm list as it's probably a more appropriate place for this discussion. Anyone there care to comment?
gary