Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 133145
| Summary: | avc denied for tmpfs during boot | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | John Reiser <jreiser> | ||||
| Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 3 | CC: | wtogami | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-10-15 17:11:01 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 130887, 133652 | ||||||
| Attachments: |
|
||||||
Created attachment 104090 [details]
grep "avc:" /var/log/messages # plus all selinux-related lines, to show context
I see 12 lines with avc: complaints.
THis is caused because the tmpfs xattr patch was pulled from the kernel. Please use the previous kernel (FC3-T2 kernel) until we have this sorted out. Dan kernel-2.6.8-1.541 is supposed to have tmpfs + xattrs. The next working tmpfs + xattrs kernel was 598+. Reiser mentions "permissive" mode. Are the xattrs being set properly in permissive mode? I see no complaints when booting to targeted, permissive mode using: kernel-2.6.8-1.541 selinux-policy-targeted-1.17.24-2 initscripts-7.85-1 The /var/log/messages at boot has: Oct 9 16:44:38 localhost kernel: SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs [I stopped running up2date on Oct.4 because my reading of fedora-test-list convinced me that FC3test2 had entered a phase of instability that was more than I wanted to handle.] Fixed with latest kernel (603) and policy-1.17.29-1. Yeah, we can mark this as fixed. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040809 Epiphany/1.3.8 Description of problem: During boot to multiuser runlevel 5, there are various messages "avc: denied" with tmpfs_t being the common element. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.17.18-3 How reproducible: Always Steps to Reproduce: 1. Boot to runlevel 5 using kernel-2.6.8-1.541, initscripts-7.82-1, and selinux-policy-targeted-1.17.18-3 in permissive mode. 2. 3. Actual Results: 12 lines in /var/log/messages with "avc: denied", all featuring tmpfs_t. Expected Results: No complaints. Additional info: Selected lines will be attached (all lines from /var/log/messages relating to selinux, in order.)