SELinux file context on /etc/resolv.conf #283
Description
Describe the bug
Starting an initial connection breaks the SELinux file context on /etc/resolv.conf.
OS and app information:
- Linux (OpenSUSE Tumbleweed). Note, Tumbleweed defaulted to using SELinux back in February:
https://news.opensuse.org/2025/02/13/tw-plans-to-adopt-selinux-as-default/ - windscribe-cli-2.18.8-0.x86_64
To Reproduce
Steps to reproduce the behavior:
- Install package.
- Login.
- Connect.
- Disconnect.
File context before:
-rw-r--r--. 1 root root system_u:object_r:net_conf_t:s0 55 Dec 10 13:29 /etc/resolv.confFile context after:
ls -alZ /etc/resolv.conf*
-rw-r--r--. 1 root root system_u:object_r:tmp_t:s0 25 Dec 10 13:46 /etc/resolv.conf
-rw-r--r--. 1 root root system_u:object_r:etc_t:s0 55 Dec 10 13:37 /etc/resolv.conf.default
As far as I can see, the "/opt/windscribe/scripts/update-network-manager" script copies and moves files around but doesn't take SELinux into account.
Fix suggestions:
- Change "cp" commands to "cp -a".
- Add "restorecon -F" commands after "mv" commands.
Expected behavior
The SELinux file context on /etc/resolv.conf should be unchanged.
Debug log or username
N/A.
Screenshots
N/A.
Additional context
Unknown.