On Wed, Jan 15, 2014 at 05:37:06PM +0800, Yang Chengwei wrote: > On Thu, Jan 02, 2014 at 10:48:16PM +0000, Schaufler, Casey wrote: > > > > > > If you are installing individual packages on a Tizen 3 system please be sure > > that you have the right Smack label. You can see what the Smack label of > > your > > process is using “id –Z”. If your process label is not “_” you may be > > surprised > > by some of the files that will be given your current process label. Files > > created by post-installation operations will get your current label. It is > > also > > possible that some of the post-installation operations will impact files > > from > > other packages, causing mysterious failures that seem unrelated to the > > package > > you’ve installed. If the package you are installing has a proper manifest > > file > > this will not be a problem. > > > > > > > > You can change the Smack label of your process to “_” by: > > > > > > > > # echo _ > /proc/self/attr/current > > > > # installation command > > Just did below test in Tizen 3.0 mobile image (20140114.2) and got > confused myself.
Oh, oops, the warmming cubic makes me lost my mind. There wasn't any ">" in below commands! Thanks Passion! And just double checked, only builtin "echo" can work as expected, the echo from coreutils doesn't. -- Thanks, Chengwei > > -----------------------8<------------------------------------------ > sh-4.2# ps -Z $$ > LABEL PID TTY STAT TIME COMMAND > System 377 pts/0 Ss 0:00 /bin/sh - > > sh-4.2# /bin/echo "_" /proc/self/attr/current > _ /proc/self/attr/current > > sh-4.2# ps -Z $$ > LABEL PID TTY STAT TIME COMMAND > System 377 pts/0 Ss 0:00 /bin/sh - > > sh-4.2# chsmack /usr/bin/touch > /usr/bin/touch access="_" > > sh-4.2# touch /file > > sh-4.2# chsmack /file > /file access="System" > ------------------------8<------------------------------------- > > So apparently echo from coreutils didn't change the shell context label, > and the later created file still inheriented the smack label of process. > > ------------------------8<------------------------------------ > sh-4.2# echo "_" /proc/self/attr/current > _ /proc/self/attr/current > > sh-4.2# ps -Z $$ > LABEL PID TTY STAT TIME COMMAND > System 377 pts/0 Ss 0:00 /bin/sh - > > sh-4.2# chsmack /usr/bin/touch > /usr/bin/touch access="_" > > sh-4.2# touch /file2 > > sh-4.2# chsmack /file2 > /file2 access="System" > ------------------------8<---------------------------------------- > > And this made me confused, as you said, the shell builtin echo should > change the smack label of current shell, so the later process started by > shell should inherient its label if it has no its own SMACK64EXEC label. > > So as I understand, the new file /file2 should has "_" access label > rather than "System". > > -- > Thanks, > Chengwei > > > > > > > > > Thanks, and sorry for any confusion. > > > > > > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > https://lists.tizen.org/listinfo/dev > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev
signature.asc
Description: Digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
