crytpsetup, for setting up encrypted volumes, runs shell scripts during this
process which gives me:
Mar 27 10:16:41 caligula kernel: audit(1206612989.635:4): avc: denied {
execute } for pid=2929 comm="cryptsetup" name="dash" dev=dm-0 ino=470542
scontext=system_u:system_r:lvm_t:s0
tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
Attached patch fixes this.
Best wishes,
--
Martin Orr
Written by: Martin Orr
Allow cryptsetup to run shell scripts
Mar 27 10:16:41 caligula kernel: audit(1206612989.635:4): avc: denied { execute } for pid=2929 comm="cryptsetup" name="dash" dev=dm-0 ino=470542 scontext=system_u:system_r:lvm_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
Index: policy/modules/system/lvm.te
===================================================================
--- policy/modules/system/lvm.te.orig
+++ policy/modules/system/lvm.te
@@ -247,6 +247,7 @@
term_list_ptys(lvm_t)
corecmd_exec_bin(lvm_t)
+corecmd_exec_shell(lvm_t)
domain_use_interactive_fds(lvm_t)
