Re: SE-Linux packages - Anton Emmerfors

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Anton Emmerfors <anton@vegasys.com>
To: selinux@tycho.nsa.gov
Subject: Re: SE-Linux packages
Date: Sat, 21 Sep 2002 10:12:29 +0200	[thread overview]
Message-ID: <20020921081229.9CE3D4128@galadriel> (raw)
In-Reply-To: <200209201747.53722.russell@coker.com.au>

On Fri, Sep 20, 2002 at 05:47:53PM +0200, Russell Coker wrote:
> 
> > [3] If installing packages after the SE-Linux version of dpkg has
> > been installed, but a SE-Linux kernel is not yet booted,
> > /etc/dpkg/postinst.d/selinux broke badly, and I had to disable it.
> 
> Yes, you could have just removed the "-e" in that script though...
> 
> Probably should make the script check for a running SE kernel and only try to 
> do anything if it's running.

I encountered the same problem and hacked the script as follows. Not
sure if it is the best test but it works for me...


	/Anton

-8<--8=--

#!/bin/sh -e

SELINUX=$(avc_enforcing 2>&1)
if [ "x$SELINUX" = "xpermissive" -o "x$SELINUX" = "xenforcing" ]; then
  if [ -e /etc/selinux ]; then
    make -s -C /etc/selinux file_contexts/file_contexts
    SETFILES=/usr/sbin/setfiles
    if [ -x /usr/sbin/setfiles.old ]; then
      SETFILES=/usr/sbin/setfiles.old
    fi
    dpkg -L $1 | grep ^/.. | $SETFILES -q -s /etc/selinux/file_contexts/file_contexts
    if [ -x /usr/sbin/setfiles.old -a "$1" = "selinux" ]; then
      rm /usr/sbin/setfiles.old
    fi
  fi
else
  echo "Not running on SELinux-enabled kernel, files not relabeled."
  echo "Run 'make -C /etc/selinux/ relabel' manually to relabel."
fi

-8<--8=--
						

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next prev parent reply	other threads:[~2002-09-21  8:12 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-09-20  2:21 SE-Linux packages Brian May
2002-09-20 15:47 ` Russell Coker
2002-09-21  8:12   ` Anton Emmerfors [this message]
2002-09-24  3:07   ` Brian May
2002-09-24 11:54     ` Russell Coker
2002-09-27  6:09       ` Brian May
2002-09-27 10:54         ` Russell Coker
2002-09-24 11:54   ` Russell Coker
2002-09-27  9:29 ` Brian May
2002-10-01  8:07   ` Tom
2002-10-01 11:40     ` Stephen Smalley
2002-10-01 14:08     ` Russell Coker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20020921081229.9CE3D4128@galadriel \
    --to=anton@vegasys.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.