Bug 121007
| Summary: | can't set selinux attributes on device files before they exist | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Alexandre Oliva <oliva> | ||||
| Component: | lvm2 | Assignee: | Alasdair Kergon <agk> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | CC: | sct | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-05-26 17:18:16 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Alexandre Oliva
2004-04-16 03:12:50 UTC
jeremy fixed this in lvm2-2.00.12-4 I've got 2.00.14-1.1, and it's sitll not fixed. I get the error both when lvm is run from initrd and when it's run after root fs pivoting. Worst yet: lvm claims to *fail* when run from initrd. Hmm... Could it be just because I have more than one volume group? Unfortunately, the messages are no longer logged in /var/log/boot.log, although I still see similar messages logged there from before the latest lvm2 update. Maybe the patch only arranged for the messages to not be logged to boot.log, but they still make it to the screen? Ah, yes, it's lvm vgchange -a y that prints the error. It seems to attempt to set context before creating the device. Testcase: lvm vgchange -a n <some unused volume group> lvm vgchange -a y <the same volume group> The second command will print: /dev/VG/LV: set_selinux_context failed: No such file or directory Oddly, strace shows it *has* created the device-mapper node, as well as the directory and symlink to it with the name it printed. This is very confusing. With/without selinux turned on? If that's the first error message printed, then the return code handling from is_selinux_enabled() is suspect. Need to locate documentation for these functions, but guessing that if it returns 0, it should still try to set filesystem xattr in case it gets enabled later? (And return success, not failure with errno likely untouched?) I'm struggling to reproduce this the straces I get look OK - can you send me your strace? [and double-check that 'lvm version' is right - esp. the library version] It doesn't matter whether selinux is enabled (permissive) or disabled (selinux=0). I haven't been able to boot in enforcing mode yet, and I doubt it matters as early as initrd, where I first get the errors. # lvm version LVM version: 2.00.14 (2004-04-16) Library version: 1.00.14-ioctl (2004-04-06) Driver version: 4.1.0 Created attachment 99544 [details]
strace output for vgchange -ay ext
The above was with selinux=0 in the boot command line. I get the same warning with selinux enabled in permissive mode, but I haven't saved the strace output, and I'd rather not have to relabel the filesystem after today's updates in order to duplicate it again, if I can help it. Fixed in 2.00.15-1.1. Same fix applied to device-mapper. |