> On Fri, 2006-04-07 at 21:24 -0400, mroselinux@xxxxxxxxxxxxxxxxxxxx
> wrote:
>> As I indicated in a previous message, I am migrating a samba server from
>> FC3 to FC5 and have run into another SELINUX policy issue. I have a
>> second hard drive with a single ext3 partition that I primarly use for
>> backups. It is labeled /backup. I did a mkdir /backup and entered the
>> appropriate line into fstab. When I reboot, I get the following
>>
>> -----------------------------------------------------------------------
>>
>> Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied
>> {
>> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
>> scontext=system_u:system_r:hald_t:s0
>> tcontext=system_u:object_r:file_t:s0
>> tclass=dir
>> Apr 7 21:08:11 localhost kernel: audit(1144458480.444:3): avc: denied
>> {
>> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
>> scontext=system_u:system_r:hald_t:s0
>> tcontext=system_u:object_r:file_t:s0
>> tclass=dir
>> Apr 7 21:08:11 localhost kernel: audit(1144458480.516:4): avc: denied
>> {
>> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
>> scontext=system_u:system_r:hald_t:s0
>> tcontext=system_u:object_r:file_t:s0
>> tclass=dir
>>
>> --------------------------------------------------------------------------
>>
>> What do I need to do to support the /backup partition with SELINUX?
>
> I have the same setup. :) Mine is labeled root_t it seems.
>
> [medieval@chaucer ~]$ ls -Zd /mnt/hdb1
> drwxr-xr-x root root system_u:object_r:root_t /mnt/hdb1
>
> Try this:
>
> chcon -t root_t /mnt/hdb1
>
> See if that helps. You can also do a "restorecon -R /mnt/hdb1" too I
> think.
>
> Bob
>
> --
> Bob Kashani
> http://www.gnome.org/~bobk/
>
>
Hi Bob,
Thanks for the reply. My setup must be somewhat different from yours
because my second HD is /dev/hdb2. In any event, here is screen copy of
what I tried.
[root@localhost ~]# ls -Zd /mnt/hdb1
ls: /mnt/hdb1: No such file or directory
[root@localhost ~]# ls -Zd /mnt/hdb1
ls: /mnt/hdb1: No such file or directory
[root@localhost ~]# ls -Zd /dev/hdb1
brw-r----- root disk system_u:object_r:fixed_disk_device_t /dev/hdb1
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
17775388 2423964 14433920 15% /
/dev/hda1 101086 14054 81813 15% /boot
/dev/hdb1 19243740 176288 18089900 1% /backup
tmpfs 257324 0 257324 0% /dev/shm
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:file_t /backup
[root@localhost ~]# restorecon /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:default_t /backup
[root@localhost ~]# chcon -t root_t /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:root_t /backup
[root@localhost ~]#
After the chcon and rebooting the system, the HAL denied messages did not
occur. I still have more experimenting to do with data under /backup.
Regards,
Mark
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
