[Bug 880] SELinux patch
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Apr 16 15:39:25 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=880
------- Comment #5 from dtucker at zip.com.au 2006-04-16 15:39 -------
(From update of attachment 1111)
>+LIBSELINUX=@LIBSELINUX@
[...]
>+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(LIBS)
Instead of doing this, I think we ought to split $LIBS up differently: generic
libs required for all programs, one for just the crypto libs and associated,
one for sshd only. The latter could replace LIBPAM and LIBWRAP.
We're now in the situation where we need it: libdl is either not needed, needed
for libpam only or needed for everything crypto-related (for openssl-0.9.8*)
and this is messy to represent with the current implementation.
>+ if [ -x /sbin/restorecon ]; then
>+ /sbin/restorecon $RSA1_KEY.pub
>+ fi
Is this a a valid thing to do, eg, if selinux is installed but disabled at
runtime?
Still need to look through the rest of the patch...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list