
Labeling confusion with apt-get/dpkg


Chalk this up to inexperience, but I am confused, I think.
I used apt-get to install tcsh on my system. 'dpkg' was updated with the
sel-aware version. I then checked the labels and found conflicting data:

root@flattop:/usr/bin# cd /bin
root@flattop:/bin# ls -lZ bash
-rwxr-xr-x  root     root     system_u:object_r:shell_exec_t   bash
root@flattop:/bin# ls -lZ tcsh
-rwxr-xr-x  root     root     system_u:object_r:bin_t          tcsh
root@flattop:/bin# 

I look in /etc/selinux/strict/contexts/files/file_contexts:

    158 #
    159 # /bin
    160 #
    161 /bin(/.*)?                      system_u:object_r:bin_t
    162 /bin/tcsh               --      system_u:object_r:shell_exec_t
    163 /bin/bash               --      system_u:object_r:shell_exec_t
    164 /bin/bash2              --      system_u:object_r:shell_exec_t

bash's label came from line 163 (during a relabel op), while it appears that
tcsh's label is from 161 (updated by dpkg). But why not a match with 162?

Who reads and interprets the file_contexts file? It doesn't appear to be
conditional.



Roger Brunell

Infosec Engineer (retired)
"Born 20 years too early"
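
An added example, not part of the original message: a Python sketch that evaluates the file_contexts excerpt quoted above against the two files from the `ls -lZ` output and reports any label that differs from what the entries specify. It assumes the last matching entry in file order wins and that the `--` field limits an entry to regular files; the function names are hypothetical and the observed labels are copied from the post.

```python
import re
import stat

# Entries copied from the file_contexts excerpt quoted in the post.
FILE_CONTEXTS = """\
/bin(/.*)?                      system_u:object_r:bin_t
/bin/tcsh               --      system_u:object_r:shell_exec_t
/bin/bash               --      system_u:object_r:shell_exec_t
/bin/bash2              --      system_u:object_r:shell_exec_t
"""

# Optional second field: restricts an entry to one file type.
FILE_TYPES = {"--": stat.S_IFREG, "-d": stat.S_IFDIR, "-l": stat.S_IFLNK,
              "-c": stat.S_IFCHR, "-b": stat.S_IFBLK, "-p": stat.S_IFIFO,
              "-s": stat.S_IFSOCK}

def parse(text):
    """Return a list of (compiled_regex, file_type_or_None, context)."""
    specs = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        ftype = FILE_TYPES[fields[1]] if len(fields) == 3 else None
        specs.append((re.compile(fields[0]), ftype, fields[-1]))
    return specs

def expected_context(specs, path, mode):
    """Assumed rule: the last entry matching both path and file type wins."""
    for regex, ftype, context in reversed(specs):
        if regex.fullmatch(path) and ftype in (None, stat.S_IFMT(mode)):
            return context
    return None

def mislabeled(specs, observed):
    """observed: {path: (st_mode, current_label)} -> [(path, current, expected)]."""
    return [(path, label, want) for path, (mode, label) in sorted(observed.items())
            if (want := expected_context(specs, path, mode)) != label]

# Labels as shown by `ls -lZ` in the post; both are regular files (-rwxr-xr-x).
OBSERVED = {
    "/bin/bash": (stat.S_IFREG | 0o755, "system_u:object_r:shell_exec_t"),
    "/bin/tcsh": (stat.S_IFREG | 0o755, "system_u:object_r:bin_t"),
}

if __name__ == "__main__":
    for path, have, want in mislabeled(parse(FILE_CONTEXTS), OBSERVED):
        print(f"{path}: labeled {have}, file_contexts expects {want}")
```

On a live system, `matchpathcon /bin/tcsh` prints the context the loaded file_contexts specifies for that path, and `restorecon -v /bin/tcsh` resets the label to it.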


		