Ubuntu
selinux package

  1. Bug #876994
  2. Comment #8

Comment 8 for bug 876994

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I can confirm Marc's assessment regarding Yama. On Ubuntu 10.04 (without yama):
$ ln -s /forcefsck /var/lock/selinux-relabel
$ sudo touch /var/lock/selinux-relabel
$ test -e /forcefsck && echo yes
yes
$

On 10.10 and higher (all versions confirmed):
$ ln -s /forcefsck /var/lock/selinux-relabel
$ sudo touch /var/lock/selinux-relabel
touch: cannot touch `/var/lock/selinux-relabel': Permission denied
$ test -e /forcefsck && echo yes
$