[Pkg-sysvinit-devel] Bug#626725: initscripts: Needs to set SELinux labels for /run
Roger Leigh
rleigh at codelibre.net
Sun May 15 12:41:41 UTC 2011
On Sat, May 14, 2011 at 06:44:29PM +0100, Martin Orr wrote:
> Directories and symlinks created as part of the /run transition are not
> labelled for SELinux. The effect is that most services fail to start on
> boot after transitioning to /run.
>
> You need to run restorecon after creating a directory or symbolic link
> in an init script or maintainer script. Attached patch does this.
>
> /run with SELinux also requires the refpolicy patch I have submitted in
> #626720. Once that is fixed, initscripts should probably have
> Breaks: selinux-policy-default (<< $FIXEDVERSION)
Hi Martin,
Is it safe to apply the patch /before/ refpolicy is updated or would
this break anything? Or is the Breaks: essential?
I could apply the patch today and then add the Breaks once refpolicy
is updated. Or I could wait until refpolicy is updated and do both
then.
Thanks,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-sysvinit-devel/attachments/20110515/767a0a0c/attachment.pgp>
More information about the Pkg-sysvinit-devel
mailing list