Bug 817765
| Summary: | Systemd context set, not set | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Frank Murphy <sysoutfran> |
| Component: | systemd | Assignee: | systemd-maint |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 17 | CC: | dominick.grift, dwalsh, johannbg, lpoetter, metherid, mgrepl, notting, plautrba, systemd-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-09-14 14:31:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Shows the relabelto" forgot to show above.
*** system size and speed of hard drives.
[ 8.566136] type=1400 audit(1335687882.859:7): avc: denied {
relabelfrom } for pid=489 comm="systemd-tmpfile" name="lp2"
dev="devtmpfs" ino=11419
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file
[ 8.588374] type=1400 audit(1335687882.881:8): avc: denied {
relabelto } for pid=489 comm="systemd-tmpfile" name="lp2"
dev="devtmpfs" ino=11419
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file
SELinux policy has been updated to allow this, but the tool should really check whether or not the label needs to be fixed before applying the change. Seems to be fixed now. Closing. |
Description of problem: Yes please open a bug on systemd to check if a context is the same as the context it is going to set, and then don't set it. Version-Release number of selected component (if applicable): systemd-44-7.fc17 How reproducible: always on bootup Steps to Reproduce: 1. remove rhgb quiet 2. bootup 3. Actual results: Started Tell Plymouth To Write Out Runtime Data [ OK ] Started Load Random Seed [ OK ] [ 8.277700] type=1400 audit(1335858258.586:4): avc: denied { relabelfrom } for pid=485 comm="systemd-tmpfile" name="lp0" dev="devtmpfs" ino=11256 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file [ 8.288448] type=1400 audit(1335858258.597:5): avc: denied { relabelfrom } for pid=485 comm="systemd-tmpfile" name="lp1" dev="devtmpfs" ino=11258 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file [ 8.299324] type=1400 audit(1335858258.608:6): avc: denied { relabelfrom } for pid=485 comm="systemd-tmpfile" name="lp2" dev="devtmpfs" ino=11259 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file [ 8.310061] type=1400 audit(1335858258.618:7): avc: denied { relabelfrom } for pid=485 comm="systemd-tmpfile" name="lp3" dev="devtmpfs" ino=11260 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:printer_device_t:s0 tclass=chr_file Started Recreate Volatile Files and Directories [ OK ] Expected results: noe of the above. Additional info: http://lists.fedoraproject.org/pipermail/selinux/2012-April/014591.html