Bug 1637931
| Summary: | bind-chroot: /var/named/chroot*/dev/urandom do not have correct label | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Petr Menšík <pemensik> | ||||
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 29 | CC: | dab0816, dwalsh, esm, lvrabec, mgrepl, pemensik, plautrba | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | selinux-policy-3.14.2-40.fc29 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2018-10-18 11:06:58 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1631515 | ||||||
| Attachments: |
|
||||||
|
Description
Petr Menšík
2018-10-10 11:05:56 UTC
I failed to spot the requirement for it before I added /dev/urandom in chroot and the requirement for it. Until fixed by selinux-policy, it makes bind-chroot unusable on F28, F29 and rawhide. Created attachment 1492526 [details]
Proposed fix
Thanks for report and fix. :)
Author: Lukas Vrabec <lvrabec>
Date: Mon Oct 15 13:21:00 2018 +0200
Label correctly /var/named/chroot*/dev/unrandom in bind chroot.
Thanks Petr Mensik <pmensik> for proposed patch.
BZ(1637931)
*** Bug 1639340 has been marked as a duplicate of this bug. *** selinux-policy-3.14.2-39.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-ce273879ac selinux-policy-3.14.2-40.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-ce273879ac selinux-policy-3.14.2-40.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report. |