On Wed, 2003-11-26 at 09:50, Daniel J Walsh wrote:
  

Ok, moving the ifdef(`dpkg.te') rule allowed login to relabel the tty
and me to login, but should we still make the change to getty to
relabel the tty?  If yes, how should getty determine what context to
set the tty too?  Do we need to add something to default_contexts or
is there another way to determine this?
    

If getty already resets the ownership, then it makes sense to also patch
it to reset the context.  It can pull a single context from a config
file like run_init does, or this could be the time to create that
libselinux function that returns the matching context from the file
contexts configuration for a given pathname...