Bug 1123013 - File context for /var/run/keystone or /var/run/neutron is not defined
Summary: File context for /var/run/keystone or /var/run/neutron is not defined
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 20
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Lukas Vrabec
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-24 15:37 UTC by Richard Su
Modified: 2014-08-21 09:46 UTC (History)
4 users (show)

Fixed In Version: selinux-policy-3.12.1-180.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-21 09:46:39 UTC


Attachments (Terms of Use)

Description Richard Su 2014-07-24 15:37:06 UTC
Description of problem:
The targeted policy doesn't define a context for /var/run/keystone or /var/run/neutron. There isn't a keystone_var_run_t or a neutron_var_run_t. Shouldn't there be one?

There is one for /var/run/nova and /var/run/glance.

Version-Release number of selected component (if applicable):
selinux-policy-3.12.1-177.fc20.noarch
selinux-policy-devel-3.12.1-177.fc20.noarch
selinux-policy-targeted-3.12.1-177.fc20.noarch

How reproducible:
always

Steps to Reproduce:
grep keystone /etc/selinux/targeted/contexts/files/*
grep swift /etc/selinux/targeted/contexts/files/*

Actual results:
Should have
/etc/selinux/targeted/contexts/files/file_contexts:/var/run/keystone(/.*)?	system_u:object_r:keystone_var_run_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/var/run/neutron(/.*)?	system_u:object_r:neutron_var_run_t:s0

Expected results:
They don't exist.

Additional info:

Comment 1 Lukas Vrabec 2014-07-25 13:32:05 UTC
commit 9c1d7e6ac2d4756318c2a5c28ec0c4a6c261f84c
Author: Lukas Vrabec <lvrabec@redhat.com>
Date:   Fri Jul 25 14:20:16 2014 +0200

    Label keystone var run dir (#1123013)

https://github.com/selinux-policy/selinux-policy/commit/c772710645695bf68a37863cc48aa83a7148c45f

commit b29ab720555d0a046f15201576fae11ceac73d6d
Author: Lukas Vrabec <lvrabec@redhat.com>
Date:   Fri Jul 25 14:23:41 2014 +0200

    Label neutron var run dir (#1123013)

https://github.com/selinux-policy/selinux-policy/commit/b29ab720555d0a046f15201576fae11ceac73d6d

commit 2954df5066b73207dd4d2e9dec8bf9f6770bee65
Author: Lukas Vrabec <lvrabec@redhat.com>
Date:   Fri Jul 25 15:05:01 2014 +0200

    Fix mistakes keystone and quantum


https://github.com/selinux-policy/selinux-policy/commit/2954df5066b73207dd4d2e9dec8bf9f6770bee65

Comment 2 Fedora Update System 2014-08-13 12:09:15 UTC
selinux-policy-3.12.1-180.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-180.fc20

Comment 3 Fedora Update System 2014-08-16 00:30:36 UTC
Package selinux-policy-3.12.1-180.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-180.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-9454/selinux-policy-3.12.1-180.fc20
then log in and leave karma (feedback).

Comment 4 Fedora Update System 2014-08-21 09:46:39 UTC
selinux-policy-3.12.1-180.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.