Bug 119779

Summary: selinux won't let a NTFS partition be mounted
Product: [Fedora] Fedora Reporter: Jason <dravet>
Component: policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: high    
Version: rawhideCC: 13640887, pgraner
Target Milestone: ---Keywords: SELinux
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-04-06 12:11:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 114961    

Description Jason 2004-04-02 03:56:09 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6)
Gecko/20040113

Description of problem:
I did a fresh install of FC2T2 and have selinux enabled.  I upgraded
the kernel to 2.6.4-1.300.  I made a ntfs.ko module and installed it
exactly like I have done dozens of times before.  When /etc/fstab
tries to mount the ntfs partition I get the following selinux error.

Apr  1 21:05:48 excalibur kernel: NTFS driver 2.1.6 [Flags: R/O MODULE].
Apr  1 21:05:48 excalibur kernel: NTFS volume version 3.1.
Apr  1 21:05:48 excalibur kernel: SELinux: initialized (dev sda1, type
ntfs), not configured for labeling
Apr  1 21:05:48 excalibur kernel: audit(1080875148.538:0): avc: 
denied  { mount } for  pid=2269 exe=/bin/mount name=/ dev=sda1 ino=5
scontext=root:sysadm_r:mount_t tcontext=system_u:object_r:unlabeled_t
tclass=filesystem

I really need the NTFS partition mounted.  If this is going to affect
NCPFS as well, NCPFS will need to be fixed as well.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.  install FC2T2 with selinux enabled
2.  compile and install the ntfs module
3.  try to mount a ntfs partition
    

Actual Results:  I get the error

Expected Results:  The partition should have been mounted

Additional info:
Comment 1 Jason 2004-04-02 23:15:26 UTC 
I just updated to policy-1.9.2-5.noarch.rpm and policy-sources-1.9.2-5
with the same results.
Comment 2 Albert Strasheim 2004-04-06 10:23:05 UTC 
I compiled a custom kernel using config-2.6.4-1.305smp and adding
CONFIG_NTFS_FS=m. As root, I can mount all my NTFS partitions from the
command line (i.e. mount /dev/hda2 /mnt/os) or with entries in
/etc/fstab, like:

/dev/hda2  /mnt/os  ntfs  ro,umask=002  0 0

util-linux-2.12-15
policy-1.9.2-10
Linux asok 2.6.4-1.305custom #1 SMP Mon Apr 5 18:57:53 SAST 2004 i686
i686 i386 GNU/Linux
Comment 3 Jason 2004-04-06 15:36:25 UTC 
Upgrading to the kernel 305 and policy 1.9.2-10 fixed the problem. 
Thank you.