Hi, (I guess you meant non-invasive in Subject?) Axel Beckert <abe@debian.org> (21/07/2012): > SELinux support has not become a release goal, but Russell > nevertheless expressed that he'd be glad if this patch would make it > into Wheezy. Let's see… > Since I have to make at least one more upload of screen with i18n > stuff and documentation fixes anyway (which will happen either later > today or within the next few days), I wonder if the release team would > grant a freeze exception for an upload of screen if I would include > his one-line patch to the init.d script as shown below? (Spoiler alert: I don't think you want to upload that.) > ----- Forwarded message from Russell Coker <russell@coker.com.au> ----- > Date: Thu, 05 Jul 2012 20:39:11 +1000 > From: Russell Coker <russell@coker.com.au> > Subject: Bug#680360: screen: Please label /var/run/screen for SE Linux > > Package: screen > Version: 4.1.0~20120320gitdb59704-3 > Severity: normal > > Please apply a patch like the following to the init.d scripe to give > $SCREENDIR the correct SE Linux label. > > --- screen-cleanup.orig 2012-07-05 20:15:33.788913184 +1000 > +++ screen-cleanup 2012-07-05 20:18:59.729095142 +1000 > @@ -27,6 +27,7 @@ > rm -f $SCREENDIR > mkdir $SCREENDIR > chown root:utmp $SCREENDIR > + [ -x /sbin/restorecon ] && /sbin/restorecon $SCREENDIR > fi > find $SCREENDIR -type p -delete > # If the local admin has used dpkg-statoverride to install the screen > > [...] > ----- End forwarded message ----- (For lazy people following at home, it's about debian/init) The patched init script would have: | set -e | … | [ -x /sbin/restorecon ] && /sbin/restorecon $SCREENDIR Meaning you never get to do the clean-up and the chmod dance if the policycoreutils package isn't installed. Mraw, KiBi.
Attachment:
signature.asc
Description: Digital signature