Bug 518164
| Summary: | File system not relabeled despite present file /.autorelabel | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Joachim Frieben <jfrieben> |
| Component: | selinux-policy | Assignee: | Bill Nottingham <notting> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | rawhide | CC: | dwalsh, jkubin, mgrepl, notting, rvokal, wtogami |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | selinux-policy-3.6.30-6.fc12.noarch | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-09-13 21:35:33 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Issue still present after upgrade to initscripts-8.98-1.x86_64. rawhide without selinux* packages installed.
cat: /proc/self/attr/current: Invalid argument
Welcome to Fedora
Press 'I' to enter interactive startup.
Starting udev: [ OK ]
Setting hostname localhost.localdomain [ OK ]
Setting up Logical Volume Management: [ OK ]
/etc/rc.d/rc.sysinit: line 488: restorecon: command not found
/etc/rc.d/rc.sysinit: line 488: restorecon: command not found
/etc/rc.d/rc.sysinit: line 488: restorecon: command not found
/etc/rc.d/rc.sysinit: line 488: restorecon: command not found
/etc/rc.d/rc.sysinit: line 488: restorecon: command not found
...
Warren: I can't reproduce that at all on a machine where I've removed selinx-policy* and policycoreutils. selinux=0 ? Booting without selinux because that is necessary with NFS root. Warren: Please open a separate bug. Thanks. Seems to have been fixed in selinux-policy-3.6.30-6.fc12.noarch. Filesystem got relabeled after updating to latest Koji without a new initscripts package but new selinux-policy-* ones. Bug #522224 is the problem described in Comment #3. |
Description of problem: For a current "rawhide" system, the creation of file /.autorelabel after updating packages selinux-policy-* has no effect when rebooting the system. Version-Release number of selected component (if applicable): initscripts-8.97-1.x86_64 How reproducible: Always. Steps to Reproduce: 1. Execute 'touch /.autorelabel'. 2. Reboot system. Actual results: System starts up without relabeling the file system. Expected results: File system gets relabeled. Additional info: - Adding option "autorelabel" to kernel options has no effect either. - Installed packages from the present Koji tree include: * kernel-2.6.31-0.162.rc6.git2.fc12.x86_64 * libselinux-2.0.85-2.fc12.x86_64 * policycoreutils-*-2.0.71-3.fc12.x86_64 * selinux-policy-*-3.6.28-1.fc12.noarch - Content of /etc/sysconfig/selinux reads: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted