[DSE-Dev] Bug#769803: policycoreutils: Please include /run/resolvconf/resolv.conf in /etc/selinux/restorecond.conf

[Bart-Jan Vrielink]

Package: policycoreutils
Version: 2.3-1
Severity: normal

Dear Maintainer,

resolvconf creates /run/resolvconf/resolv.conf (where /etc/resolv.conf is
symlinked to) using whatever SELinux context it currently is running in. I'm
not sure if this is (or should be) fixable in resolvconf, but a simple entry
in /etc/selinux/restorecond.conf would have saved me a lot of head ache :)

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (750, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages policycoreutils depends on:
ii  init-system-helpers  1.21
ii  libaudit1            1:2.4-1
ii  libc6                2.19-13
ii  libcap2              1:2.24-6
ii  libdbus-1-3          1.8.10-1
ii  libdbus-glib-1-2     0.102-1
ii  libgcc1              1:4.9.1-19
ii  libglib2.0-0         2.42.0-2
ii  libpam0g             1.1.8-3.1
ii  libpcre3             1:8.35-3.1
ii  libselinux1          2.3-2
ii  libsemanage1         2.3-1
ii  libsepol1            2.3-2
ii  libstdc++6           4.9.1-19
ii  lsb-base             4.1+Debian13+nmu1
ii  psmisc               22.21-2
ii  python               2.7.8-2
ii  python-ipy           1:0.81-1
ii  python-selinux       2.3-2
ii  python-semanage      2.3-1
ii  python-sepolgen      1.2.1-1
ii  python-sepolicy      2.3-1
ii  python-setools       3.3.8-3.1
ii  selinux-utils        2.3-2

Versions of packages policycoreutils recommends:
ii  python-audit            1:2.4-1
ii  selinux-policy-default  2:2.20140421-7

Versions of packages policycoreutils suggests:
ii  selinux-policy-dev  2:2.20140421-7

-- Configuration Files:
/etc/selinux/restorecond.conf changed:
/etc/services
/etc/resolv.conf
/run/resolvconf/resolv.conf
/etc/samba/secrets.tdb
/etc/mtab
/etc/updatedb.conf
/var/run/cups
/var/run/dbus
/var/run/network
/var/run/network/ifstate
/var/run/PolicyKit
/var/run/utmp
/var/log/wtmp
/root/*
/root/.ssh/*


-- no debconf information