Bug 168840
Summary: | Files created without selinux contexts | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Orion Poplawski <orion> |
Component: | selinux-policy-targeted | Assignee: | Russell Coker <rcoker> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-01-27 06:04:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Orion Poplawski
2005-09-20 15:54:29 UTC
Changing to selinux-policy-targeted to try to get some more info. Looks like things work when files are labeled samba_share_t (new ones are created that way), but not when existing dirs are labeled user_home_t (new ones don't have labels). Scratch the above. It seems I've got one system where it appears to work, and one where it doesn't. Are you seeing avc messages? This seems like a kernel problem to me. Policy would not come into play here. I'm running in permissive mode. Only avc messages I get are after the file is created: Nov 30 21:05:59 alexandria kernel: audit(1133409959.234:3594): avc: denied { getattr } for pid=3629 comm="smbd" name="C_Drive045_i014.iv2i" dev=dm-6 ino=2700225 scontext=system_u:system_r:smbd_t tcontext=system_u:object_r:file_t tclass=file I'm running 2.6.12-1.1456_FC4smp because of problems experience with later kernels. Will try to test with the latest soon. Are you using ext3? Or reiserfs? Or xfs? (In reply to comment #5) > Are you using ext3? Or reiserfs? Or xfs? jfs Not supported with SELinux. |