tmp files causing issues with selinux
Bug #245984 reported by
Rehan Khan
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Smart Package Manager |
Triaged
|
Medium
|
netmask |
Bug Description
Storing the rpm %pre and %post scripts in /tmp causes issues with systems secured by selinux. For example on Fedora useradd and groupadd are specifically constrained from being run from scripts in /tmp (selinux- targeted policy) so any rpm script which wants to add a user or group will *silently* fail. The only way to see the failure is in setroubleshooter.
Is there a better way/place to process rpm's? If this is an rpm problem how can smart handle this?
To post a comment you must log in.
I'm setting this to critical as it makes smart generally unusable on selinux constrained rpm based systems (Fedora 8/9).