changing permissions during install

To: Debian Devel <debian-devel@lists.debian.org>
Subject: changing permissions during install
From: Russell Coker <russell@coker.com.au>
Date: Fri, 25 Jan 2002 14:11:41 +1100
Message-id: <[🔎] 20020125031142.3E2C63A20FD@lyta.coker.com.au>
Reply-to: Russell Coker <russell@coker.com.au>

SE Linux requires that certain files have specific security contexts (well 
they don't have to have them, but they may be blocked from what they want to 
do otherwise).

For example the dhclient program needs permission to write to 
/etc/resolv.conf, to assign IP addresses to interfaces, and to do raw reads 
and writes on the network.

If the postinst of the dhclient package starts it before it has the 
system_u:object_r:dhcpc_exec_t SID then it won't be able to operate.

I would like to be able to hook into the operation of dpkg so have my own 
code run after the files are installed but before postinst so I can change 
the security settings before the programs are run.

Is this possible?  If not then can things be changed to make it possible?

Manoj, am I asking a stupid question here?

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re: changing permissions during install
  - From: Adam Heath <doogie@debian.org>
- Re: changing permissions during install
  - From: Julian Gilbey <J.D.Gilbey@qmul.ac.uk>

Prev by Date: Re: woody: Remaining RC bugs in base system
Next by Date: Re: changing permissions during install
Previous by thread: Re: woody: Remaining RC bugs in base system
Next by thread: Re: changing permissions during install
Index(es):
- Date
- Thread