Bug 155556

Summary: nash creating nodes, shouldn't this be done by udev?
Product: [Fedora] Fedora
Reporter: Daniel Walsh <dwalsh>
Component: udev
Assignee: Harald Hoyer <harald>
Status: CLOSED NOTABUG
Severity: medium
Priority: medium
Version: rawhide
CC: notting, rcoker
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 2005-04-21 10:24:14 EDT

Description Daniel Walsh 2005-04-21 08:36:06 EDT
Description of problem:

We are trying to write better SELinux policy for the initscripts and we came
across rc.sysinit requiring the ability to mk blk devices on /dev.
Can't this functionality be moved to udev?

diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te 
policy-1.23.11/domains/program/initrc.te
--- nsapolicy/domains/program/initrc.te 2005-03-24 08:58:25.000000000 -0500
+++ policy-1.23.11/domains/program/initrc.te    2005-04-14 15:30:19.000000000 
-0400
@@ -12,7 +12,7 @@
 # initrc_exec_t is the type of the init program.
 #
 # do not use privmail for sendmail as it creates a type transition conflict
-type initrc_t, ifdef(`unlimitedRC', `admin, etc_writer, fs_domain, privmem, 
auth_write, ') domain, privlog, privowner, privmodule, ifdef(`sendmail.te', 
`', `privmail,') ifdef(`distro_debian', `etc_writer, ') sysctl_kernel_writer, 
nscd_client_domain;
+type initrc_t, fs_domain, ifdef(`unlimitedRC', `admin, etc_writer, privmem, 
auth_write, ') domain, privlog, privowner, privmodule, ifdef(`sendmail.te', 
`', `privmail,') ifdef(`distro_debian', `etc_writer, ') sysctl_kernel_writer, 
nscd_client_domain;
 
 role system_r types initrc_t;
 uses_shlib(initrc_t);
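
Review bot: On the added "type initrc_t, fs_domain, ..." line, fs_domain moves out of the ifdef on unlimitedRC and so becomes unconditional for everything that runs as initrc_t, while the only stated need is the single nash raidautorun call made from rc.sysinit. Consider leaving fs_domain inside the unlimitedRC conditional and granting the device-node permission to a separate domain that initrc_t transitions into when it runs nash. If the attribute has to stay on initrc_t, add a comment above the type line recording which command requires it.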

Note that the above is needed for the following command:
echo "raidautorun /dev/md0" | nash --quiet
Comment 1 Harald Hoyer 2005-04-21 08:40:16 EDT
Why is this assigned to udev?
Comment 2 Daniel Walsh 2005-04-21 08:46:05 EDT
Because I think udev should be doing it.  I also cc'd Bill.
Comment 3 Harald Hoyer 2005-04-21 09:15:29 EDT
Then the kernel module has to send hotplug events and udev will create those
devices... no change to udev needed!!
Comment 4 Bill Nottingham 2005-04-21 10:24:14 EDT
It doesn't work that way.

The raidautorun command requires a device node to operate on (basically, to send
the ioctl on).

*Then*, it scans the partitions and actually creates the raid devices. This is
what would send the hotplug event.
Comment 5 Daniel Walsh 2005-04-21 10:34:07 EDT
So should I give these privs to nash and only allow nash to be transitioned by
initrc?

Is nash used by anything else?

Dan
Comment 6 Bill Nottingham 2005-04-21 16:21:00 EDT
Yeah, that sounds about right.

nash is used on the initrd. Don't think it's used anywhere else.