Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 475432 - SELinux kerberos files path differences
Summary: SELinux kerberos files path differences
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: SE Linux Bugs
URL:
Whiteboard: sec-policy r3
Keywords:
Depends on:
Blocks:
 
Reported: 2013-07-01 15:34 UTC by Sven Vermeulen (RETIRED)
Modified: 2014-01-12 20:54 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sven Vermeulen (RETIRED) gentoo-dev 2013-07-01 15:34:49 UTC
15:28 <@SwifT> I'm guessing that /var/lib/krb5kdc is like /var/kerberos/krb5kdc?
15:28 < godlike> hmmm this is weird, I don't have /var/kerberos
15:28 < godlike> I only have /var/lib/krb5kdc
15:29 <@SwifT> perhaps the following works: "semanage fcontext -a -e /var/kerberos/krb5kdc /var/lib/krb5kdc" ?
15:29 <@SwifT> yes, that's because the kerberos module is written with certain default paths in mind, and gentoo either uses 
               different ones, or the author of the selinux policy used non-default ones 
15:30 <@SwifT> with the above semanage command (the one with "-e") it sould tell selinux that everything in /var/lib/krb5kdc should 
               be checked against /var/kerberos/krb5kdc in its own expression list
15:30 <@SwifT> so restorecon -R /var/lib/krb5kdc might fix the contexts there
15:31 < godlike> SwifT: drwxr-xr-x. 2 root root    system_u:object_r:krb5kdc_conf_t         4096 Jul  1 11:04 krb5kdc
15:31 < godlike> you're a wizard


Reproducible: Always
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2013-08-15 18:34:03 UTC
Added same substitution entry to the file_contexts.subs_dist file.
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2013-09-26 17:33:01 UTC
r3 is now in the tree, ~arch'ed
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2014-01-12 20:54:46 UTC
r4 is now stable in the tree