Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 235744 - vim doesn't restore SELinux context on files after saving, requiring manual restorecon
Summary: vim doesn't restore SELinux context on files after saving, requiring manual r...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: vim
Version: 6
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Karsten Hopp
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-09 21:37 UTC by James Hunt
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-16 08:11:24 UTC


Attachments (Terms of Use)

Description James Hunt 2007-04-09 21:37:06 UTC
Description of problem:

When I edit a file in say, /etc, vim does *not* maintain the SELinux security
context of the file as it should.

Version-Release number of selected component (if applicable):

# rpm -qa|grep vim
vim-minimal-7.0.201-1.fc6
vim-common-7.0.201-1.fc6
vim-enhanced-7.0.201-1.fc6
vim-X11-7.0.201-1.fc6
# 

How reproducible:

Every time.

Steps to Reproduce:
1. Ensure roots .vimrc contains, ":set dir=>/tmp"
2. ls -lZ /etc/fstab
-rw-r--r--  root root system_u:object_r:etc_t          /etc/fstab
3. vi /etc/fstab
4. :wq

Actual results:

# ls -lZ /etc/fstab
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/fstab

Expected results:

ls -lZ /etc/fstab
-rw-r--r--  root root system_u:object_r:etc_t          /etc/fstab

Additional info:

To fix the problem, run:

# restorecon -v /etc/fstab
restorecon reset /etc/fstab context
user_u:object_r:tmp_t:s0->system_u:object_r:etc_t:s0

Note: vim _is_ linked to libselinux:

# ldd `which vim`
        linux-gate.so.1 =>  (0x00e11000)
        libselinux.so.1 => /lib/libselinux.so.1 (0x4988f000)
        libncurses.so.5 => /usr/lib/libncurses.so.5 (0x4a1c2000)
        libacl.so.1 => /lib/libacl.so.1 (0x4902d000)
        libgpm.so.1 => /usr/lib/libgpm.so.1 (0x41000000)
        libperl.so =>
/usr/lib/perl5/5.8.8/i386-linux-thread-multi/CORE/libperl.so (0x4a014000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x498fb000)
        libutil.so.1 => /lib/libutil.so.1 (0x49e9f000)
        libc.so.6 => /lib/libc.so.6 (0x48d24000)
        libm.so.6 => /lib/libm.so.6 (0x48e63000)
        libdl.so.2 => /lib/libdl.so.2 (0x48e8c000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x48fca000)
        libsepol.so.1 => /lib/libsepol.so.1 (0x498a8000)
        /lib/ld-linux.so.2 (0x48d07000)
        libattr.so.1 => /lib/libattr.so.1 (0x499ac000)
        libnsl.so.1 => /lib/libnsl.so.1 (0x49926000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x4a178000)

Comment 1 James Hunt 2007-04-11 20:27:18 UTC
This problem seems to have miraculously disappeared after a flurry of selinux
updates (well, two actually :) from Dan.

Please close.


Note You need to log in before you can comment on or make changes to this bug.