[Pkg-sysvinit-devel] Bug#626725: initscripts: Needs to set SELinux labels for /run

Roger Leigh rleigh at codelibre.net
Sun May 15 12:41:41 UTC 2011


On Sat, May 14, 2011 at 06:44:29PM +0100, Martin Orr wrote:
> Directories and symlinks created as part of the /run transition are not
> labelled for SELinux.  The effect is that most services fail to start on
> boot after transitioning to /run.
> 
> You need to run restorecon after creating a directory or symbolic link
> in an init script or maintainer script.  Attached patch does this.
> 
> /run with SELinux also requires the refpolicy patch I have submitted in
> #626720.  Once that is fixed, initscripts should probably have
> Breaks: selinux-policy-default (<< $FIXEDVERSION)

Hi Martin,

Is it safe to apply the patch /before/ refpolicy is updated or would
this break anything?  Or is the Breaks: essential?

I could apply the patch today and then add the Breaks once refpolicy
is updated.  Or I could wait until refpolicy is updated and do both
then.


Thanks,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-sysvinit-devel/attachments/20110515/767a0a0c/attachment.pgp>


More information about the Pkg-sysvinit-devel mailing list