Bug 160755
Summary: | /sbin/losetup -e blowfish /dev/loop0 /var/local/existing_file # fails | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Stephen P. Schaefer <sschaefer> |
Component: | util-linux | Assignee: | Karel Zak <kzak> |
Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | CC: | bugzilla.redhat.com, stefan.hoelldampf |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-06-29 09:22:09 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Stephen P. Schaefer
2005-06-17 05:02:32 UTC
I can confirm this bug. Upgraded from FC3 to FC4 and have to "setenforce 0" since for loopback mounts. I have moved the image file around the filesystem and did setfiles /etc/selinux/targeted/contexts/files/file_contexts $imagefile but it did not help. Tried to find a valid security context ("chcon") for the image file but failed. Always got something like avc: denied ... comm="losetup" ... scontext=root:system_r:fsadm_t tcontext=... tclass=file Using FC4, 2.6.11-1.1369_FC4xen0, util-linux-2.12p-9.5 , selinux-policy-targeted-1.23.16-6 Bug #160859 is a duplicate of this. It has a good summary line. xen does not work on image files because of this bug. "xm create" fails when xend tries to assing a /dev/loop* to the imagefile. But when i do setenforce 0 losetup /dev/loop0 /home/xen/domain1-rootfs setenforce 1 xm create domain1 it works. An upgrade to selinux-policy-targeted-1.23.18-12 resolved this issue for me. Now i can do "losetup" and "mount -o loop" again. Unfortunately, xen's "xm create" still does not work. Will open xen bug entry for this. See bug #161195. I ran up2date last night, bringing in selinux-policy-targeted-1.23.18-12, and this is working as I'd like. I'd be happy to see this declared resolved. The form would seem to allow me to do that, but I'm not familiar enough with the QA requirements to feel comfortable doing that. I haven't (yet) tried xen. Thanks for your feedback. |