
Bug 410955

Summary: Portage /var/lib/portage/config is an ldconfig cache file (SELinux)
Product: Gentoo Linux
Reporter: Sven Vermeulen (RETIRED) <swift>
Component: Hardened
Assignee: SE Linux Bugs <selinux>
Status: RESOLVED INVALID    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Sven Vermeulen (RETIRED) gentoo-dev 2012-04-05 21:04:33 UTC
When portage works on /var/lib/portage/config, it easily marks it (SELinux-wise) as portage_cache_t. However, this should be ldconfig_cache_t as it is ldconfig that works on it, and there is no reason for portage to have it as portage_cache_t.

We need to figure out which domain is writing this file and see if it can either use setfscreate() to use the proper context (and patch the policies to use the proper context) or, if plausible, update the policy with a named file transition on it.

Reproducible: Always

Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2012-08-15 15:23:00 UTC
So I was wrong, this is not about ldconfig_cache_t.