Bug 176600
Summary: | 2.6.14 breaks SELinux support for XFS and ReiserFS | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Richard Shaffer <rshaffer> |
Component: | kernel | Assignee: | Eric Paris <eparis> |
Status: | CLOSED UPSTREAM | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6 | CC: | davej, jmorris, sdsmall, wtogami |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-10-04 23:52:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Richard Shaffer
2005-12-27 10:19:18 UTC
To be clear, we were fixing a problem in the security labeling of new inodes. The patches in question were discussed openly, at least one XFS maintainer (hch) knew about the patches and actively encouraged us to remove the old hooks despite potential breakage in order to provide consistent interface/semantics and said he would fix XFS ASAP (but didn't), and the patches lived in -mm for some time before going to Linus. The fact that no fix was provided for XFS in time for 2.6.14 (or 2.6.15) was IMHO not our fault; we warned people about the issue, and even offered to hold the patch removing the old hooks, but no one spoke up until after 2.6.14 was already long since released and 2.6.15 was already at -rc4. We fixed the filesystems we use and test ourselves, and the JFS maintainers took care of their filesystem in response to the open discussion of the patches. reiserfs folks didn't respond, and SELinux support has never been a priority to them AFAIK. SuSE did some work incorporated into 2.6.12 that allegedly enabled SELinux to work properly with the reiserfs xattrs (but I do not have any specific reports of people successfully using SELinux with reiserfs, nor have I ever tried it); prior to 2.6.12, reiserfs wasn't working with SELinux anyway. Unlikely that they will take any action to fix it again since SELinux is not supported by SuSE. Easiest answer is to disable SELinux if using XFS until 2.6.16. I would also suggesting contacting the XFS maintainer for clarification of his intentions and timeframe for upstream fix. This is a mass-update to all currently open kernel bugs. A new kernel update has been released (Version: 2.6.15-1.1830_FC4) based upon a new upstream kernel release. Please retest against this new kernel, as a large number of patches go into each upstream release, possibly including changes that may address this problem. This bug has been placed in NEEDINFO_REPORTER state. Due to the large volume of inactive bugs in bugzilla, if this bug is still in this state in two weeks time, it will be closed. Should this bug still be relevant after this period, the reporter can reopen the bug at any time. Any other users on the Cc: list of this bug can request that the bug be reopened by adding a comment to the bug. If this bug is a problem preventing you from installing the release this version is filed against, please see bug 169613. Thank you. Not fixed in 2.6.15-1.1830_FC4. Per above comments, looks hopeful for 2.6.16. Yes, xfs workaround is in Linus' tree for 2.6.16. No fix for reiserfs in sight yet. Did this ever get fixed in .17 / .18 ? xfs should work with SELinux for kernels >= 2.6.16. reiserfs is still not fixed, and no one seems interested in fixing it. I'd suggest filing this in the upstream kernel.org bugzilla, as it's highly unlikely anyone at Red Hat is going to fix this due to us not supporting reiserfs. |