On Sat, 25 Sep 2004 14:19, Tom London <selinux@xxxxxxxxx> wrote:
> OK. I made a new initrd using mkinitrd-4.1.12-1, rebooted, but the
> result is the same.
>
> Sorry.... Anything else I can try?

It seems that a device node /dev/root is created when you boot from a
non-LVM device. This is probably a bug in the boot scripts which may tie in
with the following bugzilla (about root= parameter being ignored in the case
of LVM systems).

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133236

Anyway I have attached a policy patch that will work around the SE Linux
aspects of this issue.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--- /usr/src/se/policy/file_contexts/types.fc 2004-09-24 06:31:25.000000000 +1000 +++ file_contexts/types.fc 2004-09-26 21:40:25.000000000 +1000 @@ -144,6 +140,9 @@ /dev/par.* -c system_u:object_r:printer_device_t /dev/usb/lp.* -c system_u:object_r:printer_device_t /dev/usblp.* -c system_u:object_r:printer_device_t +ifdef(`distro_redhat', ` +/dev/root -b system_u:object_r:fixed_disk_device_t +') /u?dev/[shmx]d[^/]* -b system_u:object_r:fixed_disk_device_t /u?dev/dm-[0-9]+ -b system_u:object_r:fixed_disk_device_t /u?dev/sg[0-9]+ -c system_u:object_r:scsi_generic_device_t
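
Review bot: The new /dev/root entry inside the distro_redhat ifdef carries no comment saying it is a workaround for the boot scripts creating that node, so nothing in types.fc tells a later maintainer when it can be dropped. Add a comment line above the entry that states this and points at bugzilla 133236, which the message cites as possibly related. A second point on the same entry: the fixed-disk patterns directly below it match /u?dev/..., while this one matches only /dev/root with -b. It is worth confirming that the node is always a block device under /dev and never appears under /udev, because a node that misses this pattern will not be labelled fixed_disk_device_t.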