Bug 368041
Summary: | No output from lvm commands | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Olle Liljenzin <olle> | ||||
Component: | lvm2 | Assignee: | Milan Broz <mbroz> | ||||
Status: | CLOSED DUPLICATE | QA Contact: | Corey Marthaler <cmarthal> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 5.0 | CC: | agk, dwysocha, jbrassow, mbroz, prockai, pvrabec | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-01-04 11:59:59 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Olle Liljenzin
2007-11-06 09:26:47 UTC
What about other commands that write to stderr - do they have similar problems? Is selinux enabled - if so, can you reproduce without? Other programs can write to stderr. It appears to be an selinux issue as you suggest, at least in fc6 where I had immediate access to a machine where I could disable it. (I will try disabling in also in RHEL5 to verify, but it has to wait until tomorrow.) But selinux not allowing terminal output from lvm commands seems a bit restrictive, or is it just me getting hit by this? I have verified it is selinux by making a clean installation of rhel5 by these steps: 1. Install rhel5 x86_64 client with selinux enforced 2. install rsh-server 3. enable rlogin in /etc/xinetd.d/rlogin 4. add rlogin to /etc/securetty 5. start xinted 6. run 'lvm help' (help text is printed) 7. rlogin localhost 8. run 'lvm help' (help text is not printed) 9. run 'setenforce 0' 10. run 'lvm help' (help text is printed) So ensure selinux is logging failures and see what the precise error messages are. type=AVC msg=audit(1194462466.874:404): avc: denied { read write } for pid=11867 comm="lvm" name="10" dev=devpts ino=12 scontext=root:system_r:lvm_t:s0 tcontext=root:obj ect_r:rlogind_devpts_t:s0 tclass=chr_file I will attach the related part of audit.log as a file. Created attachment 250671 [details]
audit.log from 'lvm help' with selinux enforced
I understand now that I have reported this on wrong component, but is it rsh-server or selinux-policy or some other component that should have it? I was first hit by this in fc6 and it confused me that auditd in fc6 was silent and rlogin wasn't involved. I guess the fix for fc6 is an upgrade to f7. (But why isn't the write call failing when selinux blocks the output?) I have created a new bz 374431 on the component selinux-policy and want to make this bz a duplicate of the new one. Bugzilla says: You tried to change the Status field from NEW to CLOSED, but only the owner or submitter of the bug, or a autorized user, may change that field. AFAIK I am the submitter of the bug. Closing as duplicate per comment #8. *** This bug has been marked as a duplicate of 374431 *** |