Hi,
I'd like to report an odd behavior that I traced to SELinux. To mount
my Mac OS X partition automatically, I have the following line in
my /etc/fstab:
/dev/hda3 /Macintosh\040HD hfsplus ro 0 0
If I execute mount '/Macintosh HD' as root, this works fine.
However, this mount fails during the boot process.
If I execute
(A) /etc/rc.d/init.d/netfs start
as root, I get an error:
mount: cannot mount block device /dev/hda3 read-only [FAILED]
Running (A) under strace, I see
mount("/dev/hda3", "/Macintosh HD", "hfsplus", MS_RDONLY|MS_POSIXACL|
MS_ACTIVE|MS_NOUSER|0xec0000, 0x10037f58) = -1 EACCES (Permission
denied)
However, the following commands both succeed:
(B) /bin/bash /etc/rc.d/init.d/netfs start
(C) setenforce 0 ; /etc/rc.d/init.d/netfs start
Obviously, (C) proves that SELinux is the culprit. The question is,
under SELinux, why should (B) work while (A) fails? Since the netfs
script has #!/bin/bash as the shebang line, shouldn't (A) and (B) be
equivalent?
My setup is FC4 on a Mac mini with all updates applied:
selinux-policy-targeted-1.27.1-2.16.ppc.rpm
libselinux-1.23.10-2.ppc.rpm
util-linux-2.12p-9.12.ppc.rpm
initscripts-2.6.14-1.1653_FC4.ppc.rpm
kernel-2.6.14-1.1653_FC4.ppc.rpm
(I realize that /etc/rc.d/init.d/rc.sysinit contains the same mount
command as /etc/rc.d/init.d/netfs, but netfs is more convenient to test
than rc.sysinit.)
Derek
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
