From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040923 Description of problem: From rawhide-20040927 as well as FC3t2 (both using the same kernel 1.541), I can mount /dev/hda2 (reiser), navigate the fs, cat files, etc., but, if I try to write to a file or create a ne wone, the process attempting the write becomes unkillably frozen. Subsequent syncs immediately, unkillably freeze. Attempts to umount fail. Attempts to reboot silently fail. If I login on another tty, I get to the "Last login: ..." line, then my cursor remains blinking on the next line forever. There is no Oops or other kernel output on the console, and nothing shows up in dmesg. At this point, all I can do is power cycle. If I boot into a kernel that does not experience this problem, I can read and write to the partition without problems. Changes I make to the partition do show up when I reboot into FC, but as soon as I try to make changes in FC, everything freezes again. If I boot into 1.541 with the argument "selinux=0", I am able to write to /dev/hda2 normally. Version-Release number of selected component (if applicable): kernel-2.6.8-1.541 Expected Results: If this is an unknown and/or easily-solvable issue with SELinux and reiser, I would prefer if the issue could be solved. Barring that, I would prefer if the kernel either disabled the affected parts of SELinux on reiser partitions, or did not allow reiser partitions to be mounted rw when SELinux is enabled.
don't use reiserfs like this. realistically we're not going to be fixing reiserfs so marking this bug as WONTFIX.
I am not using reiserfs in a strange way; I am simply mounting it and attempting to use it on a system that happens to have SELinux enabled. Our installer allowed me to choose to mount /dev/hda2 rw as type reiser, I did not go behind its back. The kernel allowed /dev/hda2 to mount rw out of the box, I did not need to customize any module loading scripts or install any extra packages. This is a robustness issue and must be addressed, preferably in one of the three ways above (correct rw operation, disable SELinux on mount, or prevent reiser partitions from being mounted rw when SELinux is enabled). A fourth way of addressing it might be to remove the reiser driver from the distribution, which would be unfortunate for users who would otherwise choose to use reiser and simply disable SELinux. A fifth way of addressing it might be to cause our installer to not offer to mount reiser partitions, which would also be unfortunate for users who value reiser over SELinux. Either way, there will be users who value reiser and, as long as we allow its use, we can not make it easy to destabilize the kernel through normal use of its features (reiser and SELinux).
We aren't distributing those broken patches to add xattr support to reiserfs are we? Did they get upstreamed?
we aren't touching reiserfs at all. btw you missed a 4th way, the most likely way: disable reiserfs.
If either the fourth or fifth way of addressing this problem is determined to be the only practical solution, please go ahead with it. We should not ship a distribution in this state. Users (which class would include me before this morning) need to be educated to not use reiser and SELinux at the same time, or they need to be prevented from doing it, but they can not be allowed to cause filesystem inconsistency or kernel instability through the normal actions of enabling SELinux, using reiser, and attempting to write to a data partition. Please do not re-close this bug until one of the five methods of addressing this kernel issue has been decided upon and implemented.
well anaconda doesn't offer you to create a reiserfs partition. the kernel does not have the task to prevent the sysadmin from shooting himself in his foot.
Just me asking (because i didn't try it). But if i choose linux reiserfs at the install point anaconda will/? provide me with reiserfs as option (at least the same thing happened when i installed FC3T2 on lvm/xfs).
Created attachment 104848 [details] Use genfscon to map reiserfs to nfs_t rather than calling xattr handlers Allow use of reiserfs under SELinux, mapping all inodes to a single type, rather than trying to call the xattr security handlers in the reiserfs code that produce deadlock. nfs_t used as the type at Russell's suggestion, since policy already allows access for NFS home directories.
reiserfs is available only AS-IS and unsupported. If it breaks, you get to keep both pieces. Jeremy - It sounds like anaconda needs to be changed so that without the reiserfs option, it will refuse to upgrade an existing linux install on a reiserfs partition.
reiserfs/SELinux deadlock shouldn't be occuring anymore due to policy change to tell SELinux to not invoke the reiserfs xattr handlers at all. Is it still occurring? SELinux should just be mapping all reiserfs inodes to nfs_t at this point. As an side, recently restarted dialogue with Jeff Mahoney of SuSE about getting the reiserfs xattr support fixed so that it will work with SELinux, but don't know what they will be done.
Looks like policy fix went into 1.17.28-2 on Oct 6th. FC3T3 had an older revision that lacked the change, so expect reiserfs to still deadlock there. But in FC3 final, it shouldn't be an issue.
The newer policy package should fix this.