On Fri, Feb 22, 2013 at 2:14 AM, Bond, Darryl <dbond@xxxxxxxxxxxxx> wrote:
> Yup there is something wrong???
>
> Here I change the label on a random file in /tmp
> # strace chcon --reference=test afile
> execve("/usr/bin/chcon", ["chcon", "--reference=test", "afile"], [/* 30 vars */]) = 0
> brk(0) = 0xe11000
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcc7e469000
> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=107608, ...}) = 0
> mmap(NULL, 107608, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fcc7e44e000
> close(3) = 0
> open("/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0pa o;\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=136440, ...}) = 0
> mmap(0x3b6f200000, 2234408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3b6f200000
> mprotect(0x3b6f21f000, 2093056, PROT_NONE) = 0
> mmap(0x3b6f41e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e000) = 0x3b6f41e000
> mmap(0x3b6f420000, 6184, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3b6f420000
> close(3) = 0
> open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\33\302\0257\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=2071376, ...}) = 0
> mmap(0x3715c00000, 3896312, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3715c00000
> mprotect(0x3715dad000, 2097152, PROT_NONE) = 0
> mmap(0x3715fad000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ad000) = 0x3715fad000
> mmap(0x3715fb3000, 17400, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3715fb3000
> close(3) = 0
> open("/lib64/libpcre.so.1", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\35`o;\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=388152, ...}) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcc7e44d000
> mmap(0x3b6f600000, 2478664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3b6f600000
> mprotect(0x3b6f65c000, 2097152, PROT_NONE) = 0
> mmap(0x3b6f85c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5c000) = 0x3b6f85c000
> close(3) = 0
> open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\16\0\0267\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=22440, ...}) = 0
> mmap(0x3716000000, 2109736, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3716000000
> mprotect(0x3716003000, 2093056, PROT_NONE) = 0
> mmap(0x3716202000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3716202000
> close(3) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcc7e44c000
> mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcc7e44a000
> arch_prctl(ARCH_SET_FS, 0x7fcc7e44a7c0) = 0
> mprotect(0x60d000, 4096, PROT_READ) = 0
> mprotect(0x3b6f41e000, 4096, PROT_READ) = 0
> mprotect(0x3715fad000, 16384, PROT_READ) = 0
> mprotect(0x3b6f85c000, 4096, PROT_READ) = 0
> mprotect(0x3716202000, 4096, PROT_READ) = 0
> mprotect(0x3715a20000, 4096, PROT_READ) = 0
> munmap(0x7fcc7e44e000, 107608) = 0
> statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
> statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
> stat("/sys/fs/selinux", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
> brk(0) = 0xe11000
> brk(0xe32000) = 0xe32000
> open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=104789808, ...}) = 0
> mmap(NULL, 104789808, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fcc7805a000
> close(3) = 0
> getxattr("test", "security.selinux", "unconfined_u:object_r:user_tmp_t:s0", 255) = 36
> open("/sys/fs/selinux/mls", O_RDONLY) = 3
> read(3, "1", 19) = 1
> close(3) = 0
> socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
> connect(3, {sa_family=AF_FILE, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
> close(3) = 0
> newfstatat(AT_FDCWD, "afile", {st_mode=S_IFREG|0644, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
> socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
> connect(3, {sa_family=AF_FILE, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
> close(3) = 0
> setxattr("afile", "security.selinux", "unconfined_u:object_r:user_tmp_t:s0", 36, 0) = 0
> close(1) = 0
> close(2) = 0
> exit_group(0) = ?
> +++ exited with 0 +++
>
> And here I try the same on cephfs filesystem
> # strace chcon --reference=test afile
> execve("/usr/bin/chcon", ["chcon", "--reference=test", "afile"], [/* 30 vars */]) = 0
> brk(0) = 0x24a4000
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4913992000
> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=107608, ...}) = 0
> mmap(NULL, 107608, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f4913977000
> close(3) = 0
> open("/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0pa o;\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=136440, ...}) = 0
> mmap(0x3b6f200000, 2234408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3b6f200000
> mprotect(0x3b6f21f000, 2093056, PROT_NONE) = 0
> mmap(0x3b6f41e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e000) = 0x3b6f41e000
> mmap(0x3b6f420000, 6184, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3b6f420000
> close(3) = 0
> open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\33\302\0257\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=2071376, ...}) = 0
> mmap(0x3715c00000, 3896312, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3715c00000
> mprotect(0x3715dad000, 2097152, PROT_NONE) = 0
> mmap(0x3715fad000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ad000) = 0x3715fad000
> mmap(0x3715fb3000, 17400, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3715fb3000
> close(3) = 0
> open("/lib64/libpcre.so.1", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\35`o;\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=388152, ...}) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4913976000
> mmap(0x3b6f600000, 2478664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3b6f600000
> mprotect(0x3b6f65c000, 2097152, PROT_NONE) = 0
> mmap(0x3b6f85c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5c000) = 0x3b6f85c000
> close(3) = 0
> open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\16\0\0267\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=22440, ...}) = 0
> mmap(0x3716000000, 2109736, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3716000000
> mprotect(0x3716003000, 2093056, PROT_NONE) = 0
> mmap(0x3716202000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3716202000
> close(3) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4913975000
> mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4913973000
> arch_prctl(ARCH_SET_FS, 0x7f49139737c0) = 0
> mprotect(0x60d000, 4096, PROT_READ) = 0
> mprotect(0x3b6f41e000, 4096, PROT_READ) = 0
> mprotect(0x3715fad000, 16384, PROT_READ) = 0
> mprotect(0x3b6f85c000, 4096, PROT_READ) = 0
> mprotect(0x3716202000, 4096, PROT_READ) = 0
> mprotect(0x3715a20000, 4096, PROT_READ) = 0
> munmap(0x7f4913977000, 107608) = 0
> statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
> statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
> stat("/sys/fs/selinux", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
> brk(0) = 0x24a4000
> brk(0x24c5000) = 0x24c5000
> open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=104789808, ...}) = 0
> mmap(NULL, 104789808, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f490d583000
> close(3) = 0
> getxattr("test", "security.selinux", "system_u:object_r:unlabeled_t:s0", 255) = 33
> open("/sys/fs/selinux/mls", O_RDONLY) = 3
> read(3, "1", 19) = 1
> close(3) = 0
> socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
> connect(3, {sa_family=AF_FILE, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
> close(3) = 0
> newfstatat(AT_FDCWD, "afile", {st_mode=S_IFREG|0644, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
> socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
> connect(3, {sa_family=AF_FILE, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
> close(3) = 0
> setxattr("afile", "security.selinux", "system_u:object_r:unlabeled_t:s0", 33, 0) = -1 EOPNOTSUPP (Operation not supported)
Well, there it is. I've been through this code again and it still
looks good to me, so I'm not sure what's going wrong. I've created a
bug in the tracker for it, though:
http://tracker.ceph.com/issues/4241
-Greg
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
