Bug 209649

Summary: ybin fails with "Failed to initialize HFS working directories: Permission denied"
Product: [Fedora] Fedora Reporter: Will Woods <wwoods>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: powerpc   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-10-06 22:33:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Will Woods 2006-10-06 17:06:54 UTC 
+++ This bug was initially created as a clone of Bug #201414 +++
(See that bug for more details)

With today's tree (20061006), ybin fails when trying to update the bootloader
configuration on Apple hardware. 

audit(1160152655.772:5): avc:  denied  { write } for  pid=20949 comm="hmount"
name=".hcwd" dev=hda3 ino=18 scontext=root:system_r:bootloader_t:s0-s0:c0.c1023
tcontext=system_u:object_r:boot_runtime_t:s0 tclass=file

ybin is a shell script which calls hmount; hmount tries to write a state file.
Normally it tries to write to $HOME/.hcwd but writing to /root should not be
allowed by policy. 

ybin was patched to falsify $HOME, causing hmount to write to /boot/.hcwd
instead. The targeted policy is disallowing this.

This breaks kernel updates (and our installer testing) on Apple ppc hardware.
Comment 1 Will Woods 2006-10-06 22:33:44 UTC 
Should be fixed with selinux-policy-2.3.18-7. Will reopen if problem persists.