| 2008-07-06 10:14:40 |
Rehan Khan |
description |
Storing the rpm %pre and %post scripts in /tmp causes issues with systems secured by selinux. For example on Fedora useradd and groupadd are specifically constrained from running scripts in /tmp (selinux-targetted policy) so any rpm script which wants to add a user or group will *silently* fail. The only way to see the failure is in setroubleshooter.
Is there a better way/place to process rpm's? If this is an rpm problem how can smart handle this? |
Storing the rpm %pre and %post scripts in /tmp causes issues with systems secured by selinux. For example on Fedora useradd and groupadd are specifically constrained from being run from scripts in /tmp (selinux- targeted policy) so any rpm script which wants to add a user or group will *silently* fail. The only way to see the failure is in setroubleshooter.
Is there a better way/place to process rpm's? If this is an rpm problem how can smart handle this? |
|
