[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#900580: Please restore SELinux context after creating the files in /var/lib/texmf

Package: tex-common
Version: 6.09
Severity: normal
User: selinux-devel@lists.alioth.debian.org
Usertags: selinux

Hi,

When installing tex related packages, files are being generated in
/var/lib/texmf by maintainer scripts/triggers

The generated files are ending being labeld as dpkg_script_tmp_t instead
of tetex_data_t as they are created in /tmp and then moved.

To fix this, there are several ways:

1) Run restorecon utility (when present) on the newly created files
2) move the files using the -Z option to the label is set atomically in
one go (the option is supported in current debian stable)
3) Copy the files instead of moving them, copied files ends with the
label of their parent folder

Kind regards,

Laurent Bigonville

# restorecon -Rv /var/lib/texmf
Relabeled /var/lib/texmf/web2c/metafont/mf.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/metafont/mf.base from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/tex/tex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/tex/tex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/pdfetex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/pdftex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/etex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/pdftex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/pdfetex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/pdftex/etex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/luatex/dviluatex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/luatex/dviluatex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/luatex/luatex.fmt from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0
Relabeled /var/lib/texmf/web2c/luatex/luatex.log from unconfined_u:object_r:dpkg_script_tmp_t:s0 to unconfined_u:object_r:tetex_data_t:s0


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: refpolicy

Versions of packages tex-common depends on:
ii  dpkg  1.19.0.5+b1
ii  ucf   3.0038

tex-common recommends no packages.

Versions of packages tex-common suggests:
ii  debhelper  11.3.2

Versions of packages texlive-base depends on:
ii  debconf [debconf-2.0]  1.5.66
ii  libpaper-utils         1.1.24+nmu5
ii  texlive-binaries       2018.20180416.47457-4
ii  ucf                    3.0038
ii  xdg-utils              1.1.3-1

Versions of packages texlive-base recommends:
ii  lmodern  2.004.5-3

Versions of packages texlive-base suggests:
ii  evince [postscript-viewer]       3.28.2-1
ii  ghostscript [postscript-viewer]  9.22~dfsg-2.1
pn  perl-tk                          <none>
pn  xpdf-reader | pdf-viewer         <none>

Versions of packages texlive-binaries depends on:
ii  dpkg              1.19.0.5+b1
ii  libc6             2.27-3
ii  libcairo2         1.15.10-3
ii  libfontconfig1    2.13.0-5
ii  libfreetype6      2.8.1-2
ii  libgcc1           1:8.1.0-4
ii  libgmp10          2:6.1.2+dfsg-3
ii  libgraphite2-3    1.3.11-2
ii  libgs9            9.22~dfsg-2.1
ii  libharfbuzz-icu0  1.7.6-1+b1
ii  libharfbuzz0b     1.7.6-1+b1
ii  libice6           2:1.0.9-2
ii  libicu60          60.2-6
ii  libkpathsea6      2018.20180416.47457-4
ii  libmpfr6          4.0.1-1
ii  libpaper1         1.1.24+nmu5
ii  libpixman-1-0     0.34.0-2
ii  libpng16-16       1.6.34-1
ii  libpotrace0       1.15-1
ii  libptexenc1       2018.20180416.47457-4
ii  libsm6            2:1.2.2-1+b3
ii  libstdc++6        8.1.0-4
ii  libsynctex2       2018.20180416.47457-4
ii  libtexlua52       2018.20180416.47457-4
ii  libtexlua53       2018.20180416.47457-4
ii  libtexluajit2     2018.20180416.47457-4
ii  libx11-6          2:1.6.5-1
ii  libxaw7           2:1.0.13-1+b2
ii  libxext6          2:1.3.3-1+b2
ii  libxi6            2:1.7.9-1
ii  libxmu6           2:1.1.2-2
ii  libxpm4           1:3.5.12-1
ii  libxt6            1:1.1.5-1
ii  libzzip-0-13      0.13.62-3.1
ii  perl              5.26.2-5
ii  t1utils           1.41-2
ii  zlib1g            1:1.2.11.dfsg-1

Versions of packages texlive-binaries recommends:
ii  texlive-base  2018.20180505-1

-- debconf information excluded

-- debsums errors found:
debsums: changed file /usr/sbin/update-tl-stacked-conffile (from tex-common package)
Reply to: