237664 – [selinux] openrc's runscript does not properly load selinux module

Bug 237664 - [selinux] openrc's runscript does not properly load selinux module

Summary: [selinux] openrc's runscript does not properly load selinux module

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	SE Linux Bugs

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-09-14 22:46 UTC by Michael Edenfield
Modified:	2008-10-03 13:42 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
check for selinux module in previous location (runscript-selinux.patch,999 bytes, patch) 2008-09-14 22:49 UTC, Michael Edenfield	Details \| Diff
Update policycoreutils-extra to be openrc-aware (policycoreutils-extra-openrc.patch,505 bytes, patch) 2008-09-14 23:43 UTC, Michael Edenfield	Details \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Edenfield 2008-09-14 22:46:08 UTC

openrc changes the location of the rc lib directory from /lib/rcscripts to /lib/rc, which no longer contains the selinux module.  This causes services to launch under the wrong context, or fail to launch at all.

Comment 1 Michael Edenfield 2008-09-14 22:49:39 UTC

Created attachment 165431 [details, diff]
check for selinux module in previous location

If the selinux module for runscript is not found in the rc lib directory, check the previous location (/lib/rcscripts) as well.

Comment 2 Michael Edenfield 2008-09-14 23:43:18 UTC

Created attachment 165435 [details, diff]
Update policycoreutils-extra to be openrc-aware

This patch is probably a better long-term solution than changing openrc itself.

Comment 3 Chris PeBenito (RETIRED) gentoo-dev

2008-10-03 13:42:10 UTC

fixed in policycoreutils 2.0