Bug 216819

Summary: ntfs-3g won't mount filesystem during startup
Product: [Fedora] Fedora Reporter: Larry Johnson <ljohnson>
Component: ntfs-3gAssignee: Tom "spot" Callaway <tcallawa>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: extras-qa, szaka, torsten
Target Milestone: ---   
Target Release: ---   
Hardware: noarch   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-27 23:07:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
"audit2allow -M local" input file none

Description Larry Johnson 2006-11-22 04:34:46 UTC 
Description of problem:
After installation of ntfs-3g and adding drives to the /etc/fstab, ntfs-3g
allows me to mount my drive from the commandline by issuing the 'mount' command.
 However, during system startup, the mount reports SELinux audit failures during
startup.  If the ntfs-3g filesystem is mounted ruing shutdown, SELinux audit
errors are also reported there.

I was able to build an audit policy file that I used as the input to audit2allow
that resolved these issues.  If these look reasonable, it would be nice if the
install script for the RPM would automatically compile and install these
policies.  I have attached the file for your review.


Version-Release number of selected component (if applicable):
  Fedora:  Core 6
  Kernel:  2.6.18.1-2849
  ntfs-3g: 0.0.5.20070920.fc6


How reproducible:
  Very

Steps to Reproduce:
  1) Install the ntfs-3g package
  2) Edit /etc/fstab to include an NTFS mount
  3) Reboot system
  
Actual results:
  System startup does not mount NTFS drives and shutdown reports errors
  during NTFS drive 'umount'.

Expected results:
  NTFS drive should mount and unmount without errors during startup and
  shutdown.

Additional info:
  I have attached the audit policy file that I used with 'audit2allow'
Comment 1 Larry Johnson 2006-11-22 04:34:46 UTC 
Created attachment 141868 [details]
"audit2allow -M local" input file
Comment 2 Szabolcs Szakacsits 2007-01-07 12:29:01 UTC 
This should be fixed for RHEL5 and FC6 by selinux-policy-2.4.6-23. Could you
please confirm? Thank you.
Comment 3 Torsten Rausche 2007-01-08 12:00:24 UTC 
No change with selinux-policy-2.4.6-23.fc6 so far.
Comment 4 Larry Johnson 2007-03-28 22:39:34 UTC 
I am now running the following configuration:
  kernel:    2.6.20-1.2933.fc6
  fuse:      2.6.3-2.fc6
  fuse-libs: 2.6.3-2.fc6
  ntfs-3g:   2:1.0-1.fc6

I am now receiving errors on startup shutdown when a windows NTFS partition is
auto mounted from /etc/fstab.  All errors seem to be audit errors with SELinux
for both fuse and ntfsl-3g.
Comment 5 Torsten Rausche 2007-04-04 10:51:25 UTC 
selinux-policy-2.4.6-49.fc6 seems to fix it.
Comment 6 Larry Johnson 2007-04-07 02:39:40 UTC 
Still seems to be a problem even with selinux-policy-2.4.6-49-fc6 installed. 
Here are the errors that I am receiving:

Apr  4 21:43:56 holmes kernel: audit(1175741024.399:4): avc:  denied  { getattr 
} for  pid=2041 comm="mount.ntfs-3g" name="modprobe" dev=sda7 ino=39960724
scontext=system_u:system_r:mount_t:s0 context=system_u:object_r:insmod_exec_t:s0
tclass=file
Apr  4 21:43:56 holmes kernel: audit(1175741024.399:5): avc:  denied  { execute 
} for  pid=2043 comm="mount.ntfs-3g" name="bash" dev=sda7 ino=10076172
scontext=system_u:system_r:mount_t:s0 context=system_u:object_r:shell_exec_t:s0
tclass=file
Apr  4 21:43:56 holmes kernel: fuse init (API version 7.8)
Apr  4 21:43:56 holmes kernel: SELinux: initialized (dev sda2, type fuseblk),
not configured for labeling
Apr  4 21:43:56 holmes kernel: audit(1175741025.619:6): avc:  denied  { mount } 
for  pid=2044 comm="fusermount" name="/" dev=sda2 ino=1
scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0
tclass=filesystem
Comment 7 Larry Johnson 2007-04-07 02:59:25 UTC 
Sorry, misspoke. :(

I was running selinux-policy-2.4.6-46-fc6 instead of
selinux-policy-2.4.6-49-fc6.  Once I installed 49, it appears to mount on
startup and unmount on shutdown.

Thanks for the work.
Comment 8 Torsten Rausche 2007-04-18 11:19:45 UTC 
So could anyone please close this bug report?