shared library and selinux
Daniel J Walsh
dwalsh at redhat.com
Wed Apr 28 15:46:56 UTC 2004
J. Scott Amort wrote:
>Hi All,
>
>I am developing a shared library on FC2T2, and am running into a problem
>with selinux. When I do a make install on my library, it places the
>file libfoo.so.0.0.0 in /usr/local/lib as expected, but puts up an error
>when running ldconfig:
>
>/sbin/ldconfig: Input file /usr/local/lib/libfoo.so.0.0.0 not found.
>
>The problem appears to be related to the selinux context, as the file
>definitely exists. It is creating libfoo.so.0.0.0 with a type context
>of lib_t, instead of the correct shlib_t. Once I change that and run
>ldconfig, it creates the links as expected. Also of note is that the
>user context is root (which makes sense as I sued to do the make
>install) instead of system_u, and although this doesn't appear to affect
>the use of the library, I wonder if it may be more consistent to have it
>labelled as the latter. Is this a simple mistake on my part, or should
>it be put in bugzilla? Thanks for any help.
>
>
Shared libraries are required to be labeled shlib_t. So in your make
install you could
just add
restorecon /usr/local/lib/libfoo.so.0.0.0
Files that get placed in a directory default to picking up the context
of the directory. If you installed
via RPM it would change the context to match the context as specified in
/etc/security/selinux/file_contexts.
restorecon does the same thing.
Dan
>Best,
>Scott
>
>
>
>
More information about the fedora-test-list
mailing list