Re: changing permissions during install
On Fri, 25 Jan 2002, Russell Coker wrote:
> SE Linux requires that certain files have specific security contexts (well
> they don't have to have them, but they may be blocked from what they want to
> do otherwise).
>
> For example the dhclient program needs permission to write to
> /etc/resolv.conf, to assign IP addresses to interfaces, and to do raw reads
> and writes on the network.
>
> If the postinst of the dhclient package starts it before it has the
> system_u:object_r:dhcpc_exec_t SID then it won't be able to operate.
>
> I would like to be able to hook into the operation of dpkg so have my own
> code run after the files are installed but before postinst so I can change
> the security settings before the programs are run.
>
> Is this possible? If not then can things be changed to make it possible?
File permissions are easy. dpkg-statoverride.
Anything else is not possible(atm).
Reply to: