Bug 133380 - rc.sysinit needs extra parameter when running restorecon for SE Linux
Summary: rc.sysinit needs extra parameter when running restorecon for SE Linux
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: initscripts
Version: 3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks: FC3SELinux
TreeView+ depends on / blocked
 
Reported: 2004-09-23 16:53 UTC by Russell Coker
Modified: 2014-03-17 02:48 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-09-23 18:32:02 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Russell Coker 2004-09-23 16:53:25 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.3; Linux) (KHTML, like Gecko)

Description of problem:
/sbin/restorecon  /dev/* 2> /dev/null

The above line is currently in rc.sysinit to label tmpfs /dev.  It needs to be replaced with the below line to allow LVM systems to boot with strict policy.

/sbin/restorecon  /dev/* /dev/*/* 2> /dev/null


Version-Release number of selected component (if applicable):
7.82-1

How reproducible:
Always

Steps to Reproduce:
Install the strict policy on a system with LVM root and watch it fail to boot in enforcing mode.

Additional info:
Comment 1 Russell Coker 2004-09-23 17:15:13 UTC 
/sbin/restorecon  /dev/* /dev/.udev.tdb /dev/*/* 2> /dev/null 
 
Actually it should be the above.  Sorry, I fixed one bug only to 
find another. 
 
Also don't bother testing the fix, with the current policy in 
rawhide it probably won't work anyway (any situation in which it's 
needed things won't work).
Comment 2 Bill Nottingham 2004-09-23 18:32:02 UTC 
Fixed in CVS.
Note You need to log in before you can comment on or make changes to this bug.