On Thu, 2013-10-10 at 12:13 +0200, Dominick Grift wrote: > Let's not compare init scripts with dpkg scripts. > > The issue at hand here is that dpkg, and dpkg scripts do not install >files with the correct context.
So far as I can tell, that's very much _not_ the issue at hand. This bug is precisely about files created outside of the packaging system, not by it. init scripts are a common creator of such files (e.g. state in /run) but scripts downloading files from external locations are another; for example, see the bug marked as being blocked by this one. On a related note, "dpkg script" is not a term generally used within Debian. Are you referring to what we'd call maintainer scripts? (Pre/post removal/installation scripts.) > As a Fedora user, i am not very familiar with dpkg, That much is clear. :-) > but i can tell you > that rpm, and the rpm script mechanism are SELinux aware. A quick grep of dpkg's source code will demonstrate that this is also the case for dpkg. A small bit of archaeology leads to 2005-06-11 Manoj Srivastava <sriva...@debian.org> * lib/star.c (ExtractFile, SetModes): If dpkg is compiled with SELinux, test once whether SELinux is enabled on the system. If it is enabled, find out the security context of the file from its path and either set what we think it should be or let the default security context for the process be applied. Regards, Adam -- To UNSUBSCRIBE, email to debian-policy-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1381431927.19154.28.ca...@jacala.jungle.funky-badger.org