Bug feedback,When rpm-plugin-selinux and rpm -- root are used at the same time, the selinux status of the new directory cannot be correctly recognized #2399
kiraskyler
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
https://github.com/rpm-software-management/rpm/blob/master/plugins/selinux.c
When you specify
--root=other directories
when installing the software, only use the functionselinux_ status_ close
andselinux_ status_open
cannot get the status of the new installation directory. At this time, the functionselinux_ file_ context_path
still obtains the original environment when executing the rpm commandexample
Selinux in the old environment is target mode, while selinux in the new environment is mls mode
selinux_ file_ context_ path
gets the target modechroot
selinux_ file_ context_ path
still obtains the target modeThis is because this mode is read from the
/etc/selinux/config
file and needs to useselinux_reset_config
function can reload the config file in the new installation directoryThese actions may be required to repair this code
After the chroot of the rpm installation process, or the
sehandle_init
function, when the root directory is modified, executeselinux once_reset_config
functionPossible problems
The libselinux library used for the parsing of the
etc/seliux/config
file. If the libselinux of the installed environment is inconsistent with the libselinux of the current environment in the method of parsing this file (for example, when the version is updated), whether chroot is required and the libselinux library of the installed environment is dynamically loaded when calling libselinuxBeta Was this translation helpful? Give feedback.
All reactions