Bug#978547: fontconfig: Please create /var/cache/fontconfig with the default SELinux context
bauen1
j2468h at googlemail.com
Mon Dec 28 14:01:34 GMT 2020
Package: fontconfig
Version: 2.13.1-4.2
Severity: wishlist
X-Debbugs-Cc: j2468h at gmail.com
Dear Maintainer,
On an SELinux enabled system installing fontconfig results in the postinst script creating `/var/cache/fontconfig` .
However the postinst script doesn't reset the SELinux label to the default context like e.g. dpkg does when extracting packages, depending on the SELinux policy used, this could prevent legitimate access to `/var/cache/fontconfig` .
This minor annoyance could be fixed by using `mkdir -Z` instead of `mkdir` when creating `/var/cache/fontconfig` .
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.9.0-5-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: bauen1-policy
Versions of packages fontconfig depends on:
ii fontconfig-config 2.13.1-4.2
ii libc6 2.31-6
ii libfontconfig1 2.13.1-4.2
ii libfreetype6 2.10.4+dfsg-1
fontconfig recommends no packages.
fontconfig suggests no packages.
-- no debconf information
More information about the Pkg-freedesktop-maintainers
mailing list