Bug 444239
Summary: | SELinux denys access to disk witout AVC | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Flóki Pálsson <flokip> | ||||||
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> | ||||||
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | rawhide | CC: | jkubin | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | x86_64 | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2008-05-06 21:22:09 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Flóki Pálsson
2008-04-25 22:31:42 UTC
Created attachment 303831 [details]
fdisk and ll fore /media
In a terminal can you execute id -Z I was on vacation. Yes. But still no AVC and access to disk [floki@localhost ~]$ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [floki@localhost ~]$ [root@localhost ~]# id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [root@localhost ~]# semodule -DB will turn off all dontaudit rules, see if AVC's are generated then. semodule -B will turn them back on. After [root@localhost ~]# semodule -DB then clik on /boot in places in Nautilus ( /dev/sdb1 194442 19592 164811 11% /boot ) there is no AVC and no access PS Disk /dev/sda: 120.0 GB is now corrupt Hard to say, it looks as gremlins or ghosts in your box ... Is it somehow reliably reproducible? ie: 1) make partition(s) and format your 120GB hard drive or `# fsck.ext3 /dev/sdb` 2) mount it 3) # setenforce 0; setenforce 1; 4) ... (# semodule -DB; semodule -B) 5) a corruption of HDD has occured 6) --> 1) Thank you! I would say you are having far more problems then just selinux. semodule -DB is just rebuilding and reloading policy, it should not corrupt the disk. I think your disk is going haywire. Yes I believe that SELinux is not related to corruption of HDD. Now I can see 120gb disk in FC9 Nautilus in collume Places. In FC8 it is possible to access 120 gb disk. How the disk is readble agin I dot know. ( I mounted something in FC8 ) In FC9 it is not possible to access the disk. 3) # setenforce 0; setenforce 1; 4) ... (# semodule -DB; semodule -B) 5) a corruption of HDD has occured - corruption does not happen 6) --> 1) The corruption ( ?) off the disk is not related to SElinux. Now when in permissive mode it is possible to access (_tonlist ( on 120gb )) Stepps 3 and 4 give not access to disk (_tonlist) or AVC. Se attachment off error when it was not possible to access disk. Created attachment 304694 [details]
mount problem
|