Bug 187193

Summary: avc msg hal / cpqarray driver.
Product: [Fedora] Fedora Reporter: Dave Jones <davej>
Component: udevAssignee: Harald Hoyer <harald>
Status: CLOSED CANTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5CC: dwalsh, john.horne, katzj, kay.sievers, patrickm, pfrields
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-20 06:35:10 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Dave Jones 2006-03-28 22:54:19 EST
this pops out during boot..

audit(1143604711.882:2): avc:  denied  { getattr } for  pid=1678 comm="hald"
name="ida!c0d0" dev=tmpfs ino=754 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:device_t:s0 tclass=blk_file
Comment 1 Daniel Walsh 2006-03-29 08:17:47 EST
What is the full path to the devices?

Comment 2 Dave Jones 2006-03-30 16:38:18 EST
actually, this is a kernel bug for exposing a pathname in sysfs with a / in it
(which gets munged to a !) and a udev bug, which should be munging it back to a /

The kernel bug is arguably difficult to fix as it could concievably break
existing setups, but I'll see what upstream says.

udev should still be fixed to munge any !'s back to /'s before creating a /dev
node though
Comment 3 Daniel Walsh 2006-03-30 16:47:05 EST
I love it when the bugs are not mine.  :^)
Comment 4 Kay Sievers 2006-04-09 09:28:23 EDT
No, udev translates '!' into '/' for ages: 

Udev definitely works for ccis devices, which have a '!' in the kernel name too.
It's likely HAL looking for an existing node while scanning with the names from
sysfs. Are we sure, that such a node actually exists at the time of the error?
Comment 5 Harald Hoyer 2006-04-10 04:19:40 EDT
thx Kay!
Comment 6 John Horne 2006-06-14 07:50:51 EDT
This is a "me too" I'm afraid. I see you redhat chaps are already on this so I'm
not sure that I can help too much.

I've just installed FC5 on to an HP/Compaq DL360 with a cciss 5i scsi disk
controller. The install had some problems - first reboot couldn't remount the
root partition (permission denied). Also it couldn't see the swap partition.
Rebooting without selinux worked.

I noticed that the /etc/blkid/blkid.tab file had the root partition as
/dev/cciss!c0d0p3   The /boot partition was correct though /dev/cciss/c0d0p1.
(It might have been the other way round - root was right, boot was wrong. Sorry
I don't have the original contents anymore.)

I edited the blkid.tab file and rebooted. Also re-enabled selinux. All is okay
having rebooted a few times. However, the haldaemon service still gives these

Jun 14 12:35:20 betty kernel: audit(1150284920.659:3): avc:  denied  { getattr }
for  pid=2842 comm="hald" name="cciss!c0d0" dev=tmpfs ino=757
scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:device_t:s0

The system is fully patched.

Looking in /dev I see:

drwxr-xr-x 2 root root        120 Jun 14 12:28 cciss
brwx------ 1 root root   104,   0 Jun 14 12:28 cciss!c0d0
brwx------ 1 root root   104,   1 Jun 14 12:28 cciss!c0d0p1
brwx------ 1 root root   104,   2 Jun 14 12:28 cciss!c0d0p2
brwx------ 1 root root   104,   3 Jun 14 12:28 cciss!c0d0p3

The cciss subdirectory contains the right partitions:

brw-r----- 1 root disk 104, 0 Jun 14 12:28 c0d0
brw-r----- 1 root disk 104, 1 Jun 14 12:28 c0d0p1
brw-r----- 1 root disk 104, 2 Jun 14 12:28 c0d0p2
brw-r----- 1 root disk 104, 3 Jun 14 12:28 c0d0p3

Comment 7 Daniel Walsh 2006-06-15 10:55:07 EDT
This is a udev problem.  It is creating bogus named devices, udev should be
translating thes names to the subdirectory.

If you want to get SELinux to work until udev is fixes you can execute this command

semanage fcontext -a -t fixed_disk_device_t  -f '-b' '/dev/cciss.*'

To assign a proper file context.
Comment 8 Kay Sievers 2006-06-15 11:04:34 EDT
No, udev translates these names since ages:
Comment 9 Daniel Walsh 2006-09-18 15:45:26 EDT
Any Updates on this bug?
Comment 10 Daniel Walsh 2006-09-18 15:48:07 EDT
*** Bug 200510 has been marked as a duplicate of this bug. ***
Comment 11 Harald Hoyer 2006-09-25 07:39:40 EDT
this would mean that the device node is created two times? one time unchanged
and the second time with the corrected pathname.. odd...
Comment 12 Harald Hoyer 2007-09-20 07:08:29 EDT
has anyone seen this bug in FC6, F7, rawhide?
Comment 13 John Horne 2007-09-20 08:11:10 EDT
If its any help, the bug hasn't occurred when using the latest RHEL 4 (AS) on an
HP DL580 (cciss 6 controller I think). It also doesn't occur when using CentOS 5
on DL360/DL380's.

Comment 14 Dave Jones 2007-10-05 17:27:37 EDT
my cpqarray died, so I can't test/reproduce this.