changing permissions during install
SE Linux requires that certain files have specific security contexts (well
they don't have to have them, but they may be blocked from what they want to
do otherwise).
For example the dhclient program needs permission to write to
/etc/resolv.conf, to assign IP addresses to interfaces, and to do raw reads
and writes on the network.
If the postinst of the dhclient package starts it before it has the
system_u:object_r:dhcpc_exec_t SID then it won't be able to operate.
I would like to be able to hook into the operation of dpkg so have my own
code run after the files are installed but before postinst so I can change
the security settings before the programs are run.
Is this possible? If not then can things be changed to make it possible?
Manoj, am I asking a stupid question here?
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: